function authenticate() { try { $db = new PDO('mysql:host=localhost;d

1. function authenticate() {
2.  
3. try {
4. $db = new PDO('mysql:host=localhost;dbname=users_db;charset=UTF-8', 'root', 'aiden223', array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
5. } catch(PDOException $ex) {
6. echo '<font face="Verdana" size="2">An error occured: ' . $ex;
7. }
8.  
9. $username = strtolower($_POST['username']);
10. $encrypted_pass = encrypt_pass($_POST['password']);
11.  
12. $prepquery = $db->prepare('SELECT COUNT(*) FROM users WHERE username = :username AND ecrypted_pass = :encrypted_pass)');
13. $prepquery->bindParam(':username', $username);
14. $prepquery->bindParam(':encrypted_pass', $encrypted_pass);
15. $res = $prepquery->rowCount();
16.  
17. return $res;
18. }
19.  
20. function encrypt_pass($password) {
21.  
22. $Salt = uniqid();
23. $Algo = '6';
24. $Rounds = '7500';
25. $cryptSalt = '$' . $Algo . '$rounds=' . $Rounds . '$' . $Salt;
26.  
27. $encrypted_pass = crypt($password, $cryptSalt);
28.  
29. return $encrypted_pass;
30.  
31. }
32.  
33. if(authenticate() > 0) {
34. echo '<font face="Verdana" size="2">You are now logged in as ' . $username . '.';
35. $_SESSION['is_logged_in'] = 1;
36. $_SESSION['logged_in_as'] = $username;
37. } else if(isset($_SESSION['is_logged_in'])) {
38. echo '<font face="Verdana" size="2">You are already logged in';
39. } else {
40. echo '<font face="Verdana" size="2">The username or password was incorrect. <br /> ';
41. }