Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if ($_SERVER['REQUEST_METHOD'] == 'POST'){
- $userLogin = mysqli_real_escape_string($connLogin, $_POST['userLogin']);
- $userLogin2 = mysqli_real_escape_string($connLogin, $_POST['userLogin']);
- $pass = mysqli_real_escape_string($connLogin, $_POST['passLogin']);
- $passCriptata2ndLevelQry = mysqli_query($connLogin,"SELECT PASSWORD('" . mysql_real_escape_string($pass) . "') as password;");
- $passCriptata2ndLevelArr = mysqli_fetch_assoc($passCriptata2ndLevelQry);
- $passMysqlCript = urlencode($passCriptata2ndLevelArr['password']);
- $getQryData = mysqli_query($connLogin,"SELECT * FROM ADMIN WHERE username = '".$userLogin."'");
- $rowgetData = mysqli_fetch_assoc($getQryData);
- $passStored = $rowgetData['password'];
- $controlPass = false;
- if (password_verify($passMysqlCript, $passStored)) {
- $controlPass = true;
- }
- // Check del login
- if($controlPass){
- $_SESSION['loggedin'] = true;
- $_SESSION['username'] = $userLogin2;
- echo('<script>location.reload();</script>');
- } else {
- echo('<script type="text/javascript">window.alert("I dati che hai inserito sono errati. Riprova!")</script>');
- }
- }
Add Comment
Please, Sign In to add comment