<form id="formLogin" action="login_dashboard.php" method="post" novalidate> <d

1. <form id="formLogin" action="login_dashboard.php" method="post" novalidate>
2. <div class="form-group has-feedback">
3. <input id="user_name" type="text" class="form-control" placeholder="Username" name="user_name" required>
4. </div>
5.  
6. <div class="form-group has-feedback">
7. <input type="password" class="form-control" placeholder="Password" name="user_password" required>
8. </div>
9.  
10. <div class="row">
11. <div class="col-xs-6">
12. <button type="submit" class="btn btn-primary btn-block btn-flat">login</button>
13. </div><!-- /.col -->
14. </div>
15. </form>
16.  
17. <script>
18. $('#formLogin').on("submit",function(e) {
19. if ($('#formLogin').smkValidate()) {
20.  
21. $.post("login_dashboard.php", $("#formLogin").serialize() )
22. .done(function( data ) {
23.  
24. if (data.status === "danger") {
25. $.smkAlert({text: data.message , type: data.status});
26. $('#formLogin').smkClear();
27. $("#user_name").focus();
28.  
29. } else {
30. $(location).attr('href', 'index.php');
31. }
32.  
33. });
34. e.preventDefault();
35. }
36. e.preventDefault();
37. });
38. </script>
39.  
40. <?php
41. include '../db/database.php';
42.  
43. $user_name = mysqli_real_escape_string($link, $_POST['user_name']);
44. $user_password = mysqli_real_escape_string($link, $_POST['user_password']);
45.  
46. $code = 'abcabcabcabcabcabc';
47. $hash_login_password = hash_hmac('sha256', $user_password, $code);
48.  
49. $sql = "SELECT * FROM user WHERE (user_name=? AND user_password=?)";
50. $stmt = mysqli_prepare($link, $sql);
51. mysqli_stmt_bind_param($stmt, "ss", $user_name, $hash_login_password);
52. mysqli_stmt_execute($stmt);
53. $result_user = mysqli_stmt_get_result($stmt);
54. if($result_user->num_rows == 1){
55. session_start();
56. $row_user = mysqli_fetch_array($result_user, MYSQLI_ASSOC);
57. $_SESSION['user_id'] = $row_user['user_id'];
58. $_SESSION['user_name'] = $row_user['user_name'];
59. header('Content-Type: application/json');
60. echo json_encode(array('status' => 'success'));
61. } else {
62. header('Content-Type: application/json');
63. $errors = "Username or Password incorrect" . mysqli_error($link);
64. echo json_encode(array('status' => 'danger','message' => $errors));
65. }
66.  
67. mysqli_stmt_free_result($stmt);
68. mysqli_stmt_close($stmt);
69. mysqli_close($link);