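<?php
// Login handler: checks the posted username/password against the users table
// and, on success, stores the user's role and name in the session.
// Always answers with a redirect to ../index.php; msg=3 signals success and
// msg=2 the generic failure feedback.
if (isset($_POST['username'], $_POST['password'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    // Unknown user, wrong password and internal errors all share msg=2, so the
    // response does not reveal which usernames exist.
    $redirect = '../index.php?msg=2';

    // Form fields can arrive as arrays (e.g. username[]=x); only plain strings
    // are acceptable credentials.
    if (is_string($username) && is_string($password)) {
        require_once "../connections/connection.php";
        $link = new_db_connection();
        $stmt = mysqli_stmt_init($link);

        // Exact comparison: with LIKE, '%' and '_' in the submitted name act as
        // wildcards, so the row that is fetched (and the name later stored in
        // the session) need not be the account the user actually typed.
        $query = "SELECT ref_id_roles, password_hash FROM users WHERE username = ?";

        if (mysqli_stmt_prepare($stmt, $query)) {
            mysqli_stmt_bind_param($stmt, 's', $username);

            // The result of execute must be checked before reading any row.
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $perfil, $password_hash);

                // is_string() guards against a NULL hash column, which
                // password_verify() does not accept.
                if (
                    mysqli_stmt_fetch($stmt)
                    && is_string($password_hash)
                    && password_verify($password, $password_hash)
                ) {
                    session_start();
                    // Issue a fresh session id at the privilege change so an
                    // id set before login (session fixation) is not carried
                    // over into the authenticated session.
                    session_regenerate_id(true);
                    $_SESSION['role'] = $perfil;
                    $_SESSION["username"] = $username;
                    $redirect = '../index.php?msg=3';
                }
            }
            mysqli_stmt_close($stmt);
        }
        mysqli_close($link);
    }

    header('Location: ' . $redirect);
    // Stop here so nothing else runs or is sent after the redirect header.
    exit;
}
?>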