Code: Select all
extract($_POST);
if($password1 != $password2)
{
die('The passwords must be the same!');
}
$salt = '$1$' . substr(MD5(microtime() . getmypid()),0,12);
$password1 = md5crypt($password1, $salt);
$query = ($action == 'new') ? 'INSERT ' : 'UPDATE ';
mysql_query("
$query {$prefix}users
SET user_name = '$username',
user_pass = '$password1',
user_mail = '$email'
WHERE user_name = '$username'
")
or die(mysql_error());Code: Select all
$result = mysql_query('
SELECT user_pass
FROM users
WHERE user_name = ''' . $_POSTї'username'] . '''
');
extract(mysql_fetch_array($result));
if(md5crypt($_POSTї'password'], $user_pass) == $user_pass)
{
echo('login correct!');
}
else
{
echo('whaa!');
}