Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ini_set('display_errors', 'On');
- session_start();
- require "./db_connect.php";
- if (array_key_exists("email_address", $_POST) &&
- array_key_exists("password", $_POST))
- {
- if (isset($_POST['email_address']) && isset($_POST['password'])) {
- echo processLogin($_POST['email_address'], $_POST['password'], $mysqli);
- }
- } else
- {
- echo "didnt work<br>";
- }
- function processLogin($input_email, $input_pwd, $mysqli) {
- $retval = NULL;
- $result = 0;
- $email_address_clean = mysqli_real_escape_string ( $mysqli, $input_email);
- $password_clean = mysqli_real_escape_string ( $mysqli, $input_pwd);
- $dbquery = "
- SELECT id, email_address, first_name, last_name, credits
- FROM usr_db
- WHERE email_address='".$email_address_clean."'
- AND pass='".$password_clean."'";
- //prepare
- if (!($stmt = $mysqli->prepare($dbquery))) {echo "Falied to prepare query (".$mysqli->connect_errno.") ".$mysqli->connect_error; }
- //execute
- if (!$stmt->execute()) { echo "Falied to execute query (".$mysqli->connect_errno.") ".$mysqli->connect_error; }
- //bind
- if (!($stmt->bind_result($db_id, $db_email, $db_fname, $db_lname, $db_balance))) { echo "Falied to bind parameters (".$mysqli->connect_errno.") </p>".$mysqli->connect_error;
- }
- //evaluate
- $result = 0;
- while($stmt->fetch()) {
- $result += 1;
- }
- if ($result == 1)
- {
- $retval = 1;
- $_SESSION['id'] = $db_id;
- $_SESSION['email_address'] = $db_email;
- $_SESSION['first_name'] = $db_fname;
- $_SESSION['last_name'] = $db_lname;
- $_SESSION['credits'] = $db_credits;
- $_SESSION['logged_in_status'] = 1;
- }
- else $retval = NULL;
- $stmt->close();
- return $retval;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement