Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (isset($_POST['login-submit'])) {
- include_once "DBC.php";
- $Uname = $_POST['uname'];
- $Psw = $_POST['psw'];
- if (empty($Uname) || empty($Psw)) {
- header("location: ../LoginPage.php?Error=EmptyFields");
- exit();
- }
- else {
- $sql = "SELECT * FROM r66_admin WHERE username=?;";
- $stmt = mysqli_stmt_init($conn);
- if (!mysqli_stmt_prepare($stmt, $sql)) {
- header("location: ../LoginPage.php?Error=SQLerror");
- exit();
- }
- else {
- mysqli_stmt_bind_param($stmt, "s", $Uname);
- mysqli_stmt_excecute($stmt);
- $result = mysqli_stmt_get_result($stmt);
- if ($row = mysqli_fetch_assoc($result)) {
- $PswCheck = password_verify($Psw, $row['password']);
- if ($PswCheck == false) {
- header("location: ../LoginPage.php?Error=WrongPasswordOrUsername");
- exit();
- }
- elseif ($PswCheck == true) {
- session_start();
- $_SESSION['ID'] = $row['id'];
- $_SESSION['UsName'] = $row['username'];
- header("location: ../LoginPage.php?Login=Success");
- exit();
- }
- else {
- header("location: ../LoginPage.php?Error=WrongPasswordOrUsername");
- exit();
- }
- }
- else {
- header("location: ../LoginPage.php?Error=NoUser");
- exit();
- }
- }
- }
- }
- else {
- header("location: ../Index.php");
- exit();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement