API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 3rd, 2016
104
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.12 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. $db = new PDO('mysql:host=localhost;dbname=xxxxxxxxxxxxx;charset=utf8mb4', 'xxxxxxxxxxx', 'xxxxxxxxxxxxxxx');
  3.  
  4. // First start a session. This should be right at the top of your login page.
  5. session_start();
  6.  
  7. // Check to see if this run of the script was caused by our login submit button being clicked.
  8. if (isset($_POST['login-submit'])) {
  9.  
  10. // Also check that our email address and password were passed along. If not, jump
  11. // down to our error message about providing both pieces of information.
  12. if (isset($_POST['emailaddress']) && isset($_POST['pass'])) {
  13. $user = $_POST['username'];
  14. $pass = $_POST['pass'];
  15.  
  16.  
  17. // Connect to the database and select the user based on their provided email address.
  18. // Be sure to retrieve their password and any other information you want to save for the user session.
  19. $pdo = new Database();
  20. $pdo->query("SELECT id, email, password, name, level FROM db_users WHERE user = :username");
  21. $pdo->bind(':username', $user);
  22. $row = $pdo->single();
  23.  
  24.  
  25. // If the user record was found, compare the password on record to the one provided hashed as necessary.
  26. // If successful, now set up session variables for the user and store a flag to say they are authorized.
  27. // These values follow the user around the site and will be tested on each page.
  28. if (($row !== false) && ($pdo->rowCount() > 0)) {
  29. if ($row['password'] == hash('sha256', $pass)) {
  30.  
  31. // is_auth is important here because we will test this to make sure they can view other pages
  32. // that are needing credentials.
  33. $_SESSION['is_auth'] = true;
  34. $_SESSION['user_level'] = $row['level'];
  35. $_SESSION['user_id'] = $row['id'];
  36. $_SESSION['username'] = $row['username'];
  37.  
  38. // Once the sessions variables have been set, redirect them to the landing page / home page.
  39. header('location: home.php');
  40. exit;
  41. }
  42. else {
  43. $error = "Invalid email or password. Please try again.";
  44. }
  45. }
  46. else {
  47. $error = "Invalid email or password. Please try again.";
  48. }
  49. }
  50. else {
  51. $error = "Please enter an email and password to login.";
  52. }
  53. }
  54. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!