Li1M0ST3Rz
I <3 Bianca
- Sep 13, 2010
- 269
- 166
PHP:
if(isset($_GET['login']))
{
$error = array();
if(!isset($_POST['loginusername']) || !isset($_POST['loginpassword']))
$error[] = 'All the fields must be filled in!';
if(!count($error))
{
$user = $_POST['loginusername'];
$pass = md5(sha1($_POST['loginpassword']));
$query = "SELECT * FROM users WHERE username='$user' and password='$pass'";
$connect = $conn->query($query);
$hit = $connect->num_rows;
if($hit)
{
$take = $hit->fetch_assoc();
extract($take);
$_SESSION['username'] = $user;
header('Location: ./home.php?user');
}else{
$error[] = 'Wrong username and/or password';
header('Location: ./home.php?wrong');
}
}
}