Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include_once "includes/functions.php";
- include_once "includes/db_connect.php";
- sec_session_start();
- $username = $_POST['username'];
- $password = $_POST['password'];
- if ($username && $password) {
- $query = "SELECT password, rank FROM user WHERE username=?";
- $result = $connect->prepare($query);
- $result->bind_param('s', $username);
- $result->execute();
- $result->bind_result($dbpassword, $dbrank);
- $result->store_result();
- $result->fetch();
- $numrows = $result->num_rows();
- if($numrows !=0) {
- $hash = password_hash($password, PASSWORD_DEFAULT);
- $dbusername = $username;
- if ($username == $dbusername && password_verify($password, $dbpassword)) {
- echo "Login successful. <br><br> <a href='membersarea.php'>Click here to enter the members area</a>";
- $_SESSION['username'] = $dbusername;
- $_SESSION['rank'] = $dbrank;
- } else {
- echo "Incorrect password...";
- echo $hash;
- }
- } else {
- die ("That username doesn't exist...");
- }
- } else {
- die ("Please enter a username and password...");
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement