Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<?php
$query = "SELECT * FROM members WHERE login='$login'";
$result = mysql_query($query) or die(mysql_error());
if ( mysql_num_rows($result) < 1 ) die("Invalid user?");
$record = mysql_fetch_assoc($result);
$hash = hash('sha256', $record['salt'] . $_POST['password']);
// Check whether the query was successful or not
if ( $hash === $record['hash'] ) {
session_regenerate_id();
$_SESSION['SESS_MEMBER_ID'] = $record['member_id'];
$_SESSION['SESS_LOGIN'] = $record['login'];
session_write_close();
} else {
// ...
}
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment