Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php ob_start(); ?>
- <!DOCTYPE html>
- <html>
- <body>
- <?php
- // store the inputs & hash the password
- $username = $_POST['username'];
- $password = hash('sha512', $_POST['password']);
- // connect
- $conn = new PDO('mysql:host=sql.computerstudi.es;dbname=gc200339576', 'gc200339576', 'ANiYXWZf');
- // write the query
- $sql = "SELECT user_id FROM users WHERE username = :username AND password = :password";
- // create the command, run the query and store the result
- $cmd = $conn->prepare($sql);
- $cmd->bindParam(':username', $username, PDO::PARAM_STR, 50);
- $cmd->bindParam(':password', $password, PDO::PARAM_STR, 128);
- $cmd->execute();
- $users = $cmd->fetchAll();
- // if count is 1, we found a matching username and password in the database
- if (count($users) >= 1) {
- echo 'Logged in Successfully.';
- foreach ($users as $user) {
- //get user_id and store it b/c web is stateless
- //take user to subscribe.php
- //access current user session
- session_start();
- //store users unique id in a session variable
- $_SESSION['user_id'] = $user['user_id'];
- //redirect
- header('location:menu.php');
- }
- }
- else {
- echo 'Invalid Login';
- }
- $conn = null;
- ?>
- </body>
- </html>
- <?php ob_flush(); ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
