Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if(!empty($_POST) && $_POST['Action']=='login_form'){
- /* Define return | here result is used to return user data and error for error message */
- $Return = array('result'=>array(), 'error'=>'');
- $email = safe_input($con, $_POST['Email']);
- $password = safe_input($con, $_POST['Password']);
- /* Server side PHP input validation */
- if(filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
- $Return['error'] = "Please enter a valid Email address.";
- }elseif($password===''){
- $Return['error'] = "Please enter Password.";
- }
- if($Return['error']!=''){
- output($Return);
- }
- /* Check Email and Password existence in DB */
- $result = mysqli_query($con, "SELECT * FROM user WHERE username='$email' AND password='MD5($password)");
- if(mysqli_num_rows($result)==1){
- $row = mysqli_fetch_assoc($result);
- /* Success: Set session variables and redirect to Protected page */
- $Return['result'] = $_SESSION['UserData'] = array('user_id'=>$row['user_id']);
- } else {
- /* Unsuccessful attempt: Set error message */
- $Return['error'] = 'Invalid Login Credential.';
- }
- /*Return*/
- output($Return);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement