pass protected

Out of context: Reply #5

• Started
• Last post
• 5 Responses

• unfittoprint0

  w/ MySQL [> 1 user]?

  I use [secure method]:

  [?php
  foreach ($HTTP_POST_VARS as $key => $value) {
  $$key = $value;
  }

  function auth($username, $password) {
  $crypt = md5($password);
  $query = "SELECT userID FROM users WHERE username = '$username' AND password = '$crypt'";

  // Execute the query
  $result = mysql_query($query);

  // If we found a match...
  if (mysql_num_rows($result) == 1) {
  // Extract user ID from the results
  $user = @mysql_fetch_array($result);
  $userID = $user['userID'];
  } else {
  // Otherwise set username to -1
  $userID = -1;
  }
  // Return user ID
  return $userID;
  }

  //____________________
  $userID = auth($username, $password);
  // If authorisation failed...
  if ($userID == -1) {
  fail("UTILIZADOR / PASSWORD INVÁLIDOS
  Clique aqui para tentar de novo");
  } else {
  session_start(); $_SESSION['username'] = $username;
  $_SESSION['password'] = $password;
  $_SESSION['userID'] = $userID;
  //ir para a página loggedin
  header("Location: loggedin.php");
  }
  }

  ?]

  unfittoprint 0Permalink

  UpvoteDownvote

  Flag

  Show [[ numHiddenNotes ]] more notesAdd Note

  SaveCancel

View thread