pls i need help
Code: Select all
<?php
$link = mysqli_connect("localhost", "test","test123");
$database = mysqli_select_db($link, "test");
$user = $_GET['username_clean'];
$password = $_GET['user_password'];
$hwid = $_GET['hwid'];
$tables = "phpbb_users";
$token = $_GET['token'];
$sql = "SELECT * FROM ". $tables ." WHERE username_clean = '". mysqli_real_escape_string($link,$user) ."'" ;
$result = $link->query($sql);
if ($result->num_rows > 0) {
// Outputting the rows
while($row = $result->fetch_assoc())
{
$password = $row['user_password'];
$salt = $row['salt'];
$plain_pass = $_GET['user_password'];
$stored_pass = md5(md5($salt).md5($plain_pass));
$passwordstatus;
$hwidstatus;
echo "{<br>";
if($stored_pass != $row['user_password'])
{
echo "password: false<br>";
}
else
{
echo "password: true<br>";
}
echo "group: " . $row['group_id'] . "<br>";
echo "additionalgroups: " . $row['group_id'] . "<br>";
if (strlen($row['hwid']) > 1)
{
if ($hwid != $row['hwid'])
{
echo "hwid: false<br>";
}
else
{
echo "hwid: true<br>";
}
}
else
{
$sql = "UPDATE ". $tables ." SET hwid='$hwid' WHERE username_clean='$user'";
if(mysqli_query($link, $sql))
{
echo "hwid: true<br>";
}
else
{
echo "hwid: false<br>";
}
}
echo "token: " . $_GET['token'] . "<br>";
echo "}";
}
}
else
{
echo "password: false";
}
?>