1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
<?php
include "php/db.php";
include "php/salt.php";
$password = sha1($_POST['password'].$pwd_salt);
$username = $_POST['username'];
if(isset($_SESSION ['userName'])) {
echo "You can not login whilest you are logedin...";
header("Location:./index.php");
} else {
$query = "SELECT * FROM Users
WHERE loginName = '{$username}';";
$userinfo = $db->query($query);
$fetch = $userinfo->fetchAll();
if ($fetch[0]['shadow'] == $password) {
session_start();
$_SESSION['userName'] = $username;
$_SESSION['userType'] = $fetch[0]['userType'];
} else {
echo "Wrong password or user name";
}
sleep(.5);
header("Location:./index.php");
}
?>
|