query("SELECT salt FROM user WHERE name='$username';"); while($salt_array = $salt_db->fetchArray(SQLITE3_NUM)){ foreach($salt_array as $firstelement){ $salt=$firstelement; } } $password = "$salt"."$passwort"; $hash_password = md5($password); for($i=0;$i<15000;$i++) $hash_password = md5($hash_password); $real_password_db = $db->query("SELECT password FROM user WHERE name='$username';"); while($real_password_array = $real_password_db->fetchArray(SQLITE3_NUM)){ foreach($real_password_array as $secondelement){ $real_password=$secondelement; } } /*___Login___*/ if ($real_password == $hash_password) { if($db->exec(" BEGIN TRANSACTION; INSERT INTO log (id, user, login) VALUES (NULL, (SELECT id FROM user WHERE name='$username'), (SELECT datetime()) ); COMMIT; ")){ $_SESSION["login"] = true; $_SESSION["username"] = "$unsafe_username"; header("Refresh: 0; /"); } else { header("Refresh: 0; login?reason=database"); } } else { header("Refresh: 0; login?reason=failure"); } } else { /*Prints the GET version*/ foreach ($_GET as $argument => $value) { if(preg_match("/logout/",$argument)){ session_destroy(); header("Refresh: 0; /login?success"); exit; } else { if(preg_match("/success/",$argument)) $logout="Successfull loged out!"; } } if($_SESSION["login"]){ header("Refresh: 0; /"); } else { echo $logout; echo "

Name:

Password:

"; } }