Tweet
PHP-Code:
include("config.inc.php");
$con = @mysql_connect($db_server, $db_user, $db_pass);
@mysql_select_db($db_db,$con);
$query = "SELECT * FROM db_user WHERE user = '".$user."'";
$result = mysql_query($query, $con);
$rows = mysql_num_rows($result);
//mysql_close($con);
if ($rows <= 0) {
echo "Unbekannter Benutzername!";
}
else {
while ($row = mysql_fetch_object ($result)) {
if ($row->password==md5($password)) {
echo "righty";
}
else {
echo "Falsches Passwort!";
}
}
}
$query2 = "SELECT vname, name, birth, email, level, since, lastmod FROM db_user WHERE name = '".$user."'";
$result2 = mysql_query ($query2,$con);
$userdetails = mysql_fetch_array($result2,MYSQL_ASSOC);
$vname = $userdetails["vname"];
$name = $userdetails["name"];
$birth = $userdetails["birth"];
$since = $userdetails["since"];
$lastmod = $userdetails["lastmod"];
echo $vname." - ".$name." - ".$birth." - ".$since." - ".$lastmod;
mysql_close($con);
?>
PHP-Code:
<?php
include('config.inc.php');
$username="admin";
$con = @mysql_connect($db_server,$db_user,$db_pass);
if (!$con)
{
die ("Sorry, Verbindungsversuch zur Datenbank ist fehlgeschlagen !");
}
mysql_select_db($db_db,$con);
$query = "SELECT password, level FROM db_user WHERE user = '".$username."'";
$result = mysql_query($query,$con);
$zeileholen = mysql_fetch_array($result,MYSQL_ASSOC);
mysql_close($con);
if (!$zeileholen)
{
die ("Sorry, aber dieser Name ist leider nicht bekannt !");
}
$level = $zeileholen["level"];
$pass = $zeileholen["password"];
echo $level." - ".$pass;
?>
Danke.
Kommentar