<?php session_start(); if (isset($_SESSION['username'])

1. <?php
2. session_start();
3. if (isset($_SESSION['username'])) {
4. header('location:index.php');
5. }
6. include '../inc/db.php';
7. if (isset($_POST['submit'])) {
8. $username = mysqli_real_escape_string($conn,$_POST['username']);
9. $password = mysqli_real_escape_string($conn,$_POST['password']);
10. $query = "SELECT * FROM admin_user WHERE username='$username'";
11. $rslt = mysqli_query($conn,$query);
12. if(mysqli_num_rows($rslt)>0){
13. while ($row = mysqli_fetch_array($rslt)) {
14. if (password_verify($password, $row['password'])) {
15. $_SESSION['username'] = $username;
16. header('location:index.php');
17. }else{
18. echo "<div class='alert alert-danger inputmsg-txt'>Username or Password does not matched</div>";
19. }
20. }
21.  
22. }
23. }
24. ?>