Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ob_start();
- include 'inc/database.php';
- include 'php/sanitize.php';
- $result = mysqli_query($con, "SELECT * FROM `settings` LIMIT 1") or die(mysqli_error($con));
- while($row = mysqli_fetch_assoc($result)){
- $website = $row['website'];
- $favicon = $row['favicon'];
- }
- if (!isset($_SESSION)) {
- session_start();
- }
- if (isset($_SESSION['username'])) {
- header('Location: Home');
- exit();
- }
- if(isset($_POST['username']) && isset($_POST['password'])){
- $username = sanitizeInput($_POST['username']);
- $password = sanitizeInput($_POST['password']);
- $bcryptFunc = password_hash($password, PASSWORD_BCRYPT);
- $result = mysqli_query($con, "SELECT * FROM users WHERE username = '$username'") or die(mysqli_error($con));
- if(mysqli_num_rows($result) < 1){
- $msg = '<div class="alert alert-danger">No user exists</div>';
- }
- while($row = mysqli_fetch_array($result)){
- if(!password_verify($bcryptFunc, $row['password'])) {
- $msg = '<div class="alert alert-danger">The Passwords You Entered Didn\'t Match</div>';
- }
- else
- {
- if($row['status'] == "0")
- {
- $msg = '<div class="alert alert-danger">You were banned</div>';
- }
- else if($row['status'] == 1)
- {
- $_SESSION['id'] = $row['id'];
- $_SESSION['username'] = $username;
- $_SESSION['email'] = $row['email'];
- $_SESSION['rank'] = $row['rank'];
- header("location: Home");
- }
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
