Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ini_set('display_errors', 1);
- ini_set('display_startup_errors', 1);
- error_reporting(E_ALL);
- include('includes/functions.php');
- if(isset($_POST['login'])) {
- //create variables
- //wrap the data with our function
- $formUser = validateFormData($_POST['username']);
- $formPass = validateFormData($_POST['password']);
- // connect to database
- include('includes/connection.php');
- //create SQL query
- $query = "SELECT username, email, password FROM users WHERE username='$formUser'";
- // store the result
- $result = mysqli_query($conn, $query);
- // verify if result is returned
- if (mysqli_num_rows($result) > 0 ) {
- // store basic user data in variables
- while ($row = mysqli_fetch_assoc($result)) {
- $user = $row["username"];
- $email = $row["email"];
- $hashedPass = $row["password"];
- }
- // verify hashed password with the typed password
- if (password_verify($formPass, $hashedPass)) {
- // correct login details!
- // start the Session
- session_start();
- //store data in session variables
- $_SESSION['loggedInUser'] = $user;
- $_SESSION['loggedInEmail'] = $email;
- //Even though there aren't any errors, we're gonna initialize the variable
- $loginError = "";
- header("Location: checker.php");
- } else {
- // error message
- $loginError = "<div class='alert alert-danger'>Please check your username or password.</div>";
- }
- }else {
- // there are no results in database
- $loginError = "<div class='alert alert-danger'>No user in the database. <a class='close' data-dismiss='alert'>×</a></div>";
- }
- // close mysql connection
- mysqli_close($conn);
- }
- ?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <title>Login</title>
- <meta charset="utf-8">
- <meta name="viewport" content="width=device-width, initial-scale=1">
- <link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
- <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
- <script src="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
- </head>
- <body>
- <div class="container">
- <h1>Login</h1>
- <p class="lead">Log in to your account!</p>
- <?php echo $loginError ?>
- <form class="" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'] ); ?>" method="post">
- <div class="form-group">
- <label>* Username</label>
- <input type="text" name="username" value="Username" class="form-control" id="login-username" placeholder="username">
- </div>
- <div class="form-group">
- <label>* Password</label>
- <input type="password" name="password" value="Password" class="form-control" id="login-password" placeholder="password">
- </div>
- <button type="submit" class="btn btn-default" name="login">Login</button>
- </form>
- </div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement