To login to chat i have a url line request like:
http://prieteniitai.com/chat/123flashchat//login_chat.php?username=%username%&password=%password%
I have on site that file login_chat.php where I cannot confirm the password of user. I know this due to I get message "wrong password". Where is text bold and italic style is a mistake but I cannot find.
The file is:
$LOGIN_SUCCESS = 0;$LOGIN_PASSWD_ERROR = 1;$LOGIN_NICK_EXIST = 2;$LOGIN_ERROR = 3;$LOGIN_ERROR_NOUSERID = 4;$LOGIN_SUCCESS_ADMIN = 5;$LOGIN_NOT_ALLOW_GUEST = 6;$LOGIN_USER_BANED = 7;
$username = isset($_GET['username']) ? trim(htmlspecialchars($_GET['username'])) : '';$username = substr(str_replace("\\'", "'", $username), 0, 32);$username = str_replace("'", "\\'", $username);$password = isset($_GET['password']) ? $_GET['password'] : '';
$db_host = "localhost";$db_username = "DB user";$db_password = "DB password";$db_name = "DB name";
$usertable = "ow_base_user";$username_field = "username";$password_field = "password";
define('OW_PASSWORD_SALT1', 'key');//
$link4 = mysql_connect($db_host, $db_username, $db_password) or die (mysql_error());mysql_select_db($db_name, $link4);
$sql6 = "SELECT * FROM ow_base_userWHERE username = '" . $username . "'";
$query1 = mysql_query($sql6, $link4);
$user_data1 = mysql_fetch_array($query1);
if ($user_data1['username'] == $username) if ($user_data1['password'] == hash('sha256', OW_PASSWORD_SALT . $password)) echo $LOGIN_SUCCESS . $url;else {echo $LOGIN_PASSWD_ERROR;if ($link != null)//juni -> 2016-01-12mysql_close($link);exit;}else {echo $LOGIN_ERROR_NOUSERID;if ($link != null)mysql_close($link);exit;}