Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- include_once 'includes/dbh.php';
- $username = $conn->real_escape_string($_POST['username']); <br/>
- $password = $conn->real_escape_string($_POST['password']); <br/>
- $sql = "SELECT * FROM users WHERE username='$username';"; <br/>
- $result = mysqli_query($conn, $sql); <br/>
- $row = mysqli_fetch_array($result,MYSQLI_ASSOC); <br/>
- if($row){ <br/>
- echo '$row = true';
- }
- else{
- echo '$row = false';
- }
- while($row) {
- echo 'Fetched result<br/>';
- if($row['username'] == $username){
- echo 'Found user in database';
- if(password_verify($password, $row['password'])){
- echo 'Successfull login';
- header('Location: home.html');
- exit;
- }
- else{
- echo 'Wrong password';
- }
- }
- else {
- echo 'Could not find user'; <br/>
- }
- }
- <?php
- include_once 'includes/dbh.php';
- $sql = "SELECT * FROM users;";
- $result = mysqli_query($conn, $sql);
- $resultCheck = mysqli_num_rows($result);
- if($resultCheck > 0) {
- while($row = mysqli_fetch_assoc($result)) {
- if($row['username'] == $username){
- // Note: Add message username already taken in error session
- echo 'Username already taken';
- exit;
- }
- }
- }
- $username = $conn->real_escape_string($_POST['username']);
- $password = $conn->real_escape_string($_POST['password']);
- $password = password_hash($password, PASSWORD_DEFAULT, ['cost' => 12]);
- $email = $conn->real_escape_string($_POST['email']);
- $sql = "INSERT INTO users (username, password, email, points)" . "VALUES ('$username', '$password', '$email', '0')";
- if($conn->query($sql) === true){
- header('Location: index.html');
- exit;
- }
- else {
- echo 'Error while signing up!';
- }
Add Comment
Please, Sign In to add comment
