Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if(isset($_POST["submit"]))
- {
- include_once "dbconnect.php";
- $username = mysqli_real_escape_string($conn, $_POST["username"]);
- $password = mysqli_real_escape_string($conn, $_POST["password"]);
- if(empty($username) || empty($password))
- {
- header("Location: ..\index.php");
- exit();
- }
- else
- {
- $stmt = mysqli_stmt_init($conn);
- $sql = "SELECT * FROM users WHERE username = ?";
- if(!mysqli_stmt_prepare($stmt, $sql))
- {
- header("Location: ..\index.php");
- exit();
- }
- else
- {
- mysqli_stmt_bind_param($stmt, "s", $username);
- mysqli_stmt_execute($stmt);
- $result = mysqli_stmt_get_result($stmt);
- if($row = mysqli_fetch_assoc($result))
- {
- //$pwd = password_hash($password, PASSWORD_DEFAULT);
- $passhash = true;
- //$passhash = password_verify($pwd, $row['user_pw']);
- if($passhash == false)
- {
- header("Location: ..\index.php");
- exit();
- }
- else if($passhash == true)
- {
- $_SESSION["username"] = $row['username'];
- $_SESSION["firstname"] = $row['firstname'];
- $_SESSION["lastname"] = $row['lastname'];
- header("Location: ..\index.php");
- exit();
- }
- }
- }
- mysqli_stmt_close($stmt);
- }
- }
- else
- {
- echo "asd5";
- //header("Location: ..\index.php");
- exit();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement