Login

1. <?php
2. include("config.php");
3. if (isset($_POST['POST_login'])) {
4.     global $conn;
5.     $u_username = trim(strip_tags(htmlspecialchars($_POST['username'])));
6.     $u_password = trim(strip_tags(htmlspecialchars($_POST['password'])));
7.     $h_password = hash('sha256', $u_password);
8.  
9.     $query = "SELECT * FROM `users` WHERE `username` = '".$u_username."'";
10.     $result = $conn->query($query);
11.  
12.     if ($result->num_rows > 0) {
13.         while($row = $result->fetch_assoc()) {
14.             if ($h_password != $row['password']) {
15.                 echo "[wrong_pass]";
16.             } else {
17.                 echo "[ok]";
18.             }
19.         }
20.     } else {
21.         echo "[incorrect]";
22.     }  
23. } else {
24.     echo "[no_perm]";
25. }