Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $user = $_POST['user_name'];
- $pass = md5($_POST['user_pass']);
- require_once("connection_file.php");
- $sql = "SELECT * FROM login_table WHERE user_n = :us AND user_p = :password";
- $stmt = $conn->prepare($sql);
- $stmt->bindValue(':us', $user, PDO::PARAM_STR);
- $stmt->bindValue(':password', $pass, PDO::PARAM_STR);
- $stmt->execute();
- $result = $stmt->fetchAll();
- if($result)
- {
- //echo $msg = "user exist";
- if(session_status() == PHP_SESSION_NONE)
- {
- session_start();
- foreach($result as $row)
- {
- $hash = password_hash($row['user_pass'], PASSWORD_BCRYPT);
- if(password_verify($row['user_pass'], $hash))
- {
- $_SESSION['userid'] = $row['user_id'];
- $_SESSION['role'] = $row['user_role'];
- header("Location: homepage.php");
- }
- }
- }
- }
- else
- {
- $msg = "Wrong credentials";
- header("Location: login_page.php");
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement