Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //pulls in database login credentials
- require_once('credentials.php');
- session_start();
- //DEVELOPMENT PURPOSES ONLY. REMOVE BEFORE SUBMISSION!
- error_reporting (E_ALL);
- ini_set('display_errors', 1);
- if(!empty($_POST['username']) && !empty ($_POST['password'])) {
- $username = mysqli_real_escape_string($conn, $_POST["username"]);
- //hashes user input to match against database hash
- $password = password_hash(mysqli_real_escape_string($conn, $_POST["password"]), PASSWORD_BCRYPT);
- $sql = "SELECT username,password FROM Credentials.Users WHERE username = '$username' AND password = '$password'";
- $result = $conn->query($sql);
- echo mysqli_error($conn);
- if ($result->num_rows > 0) {
- $_SESSION['user'] = $username;
- if(isset($_SESSION['user'])){
- echo 'logged in!';
- }else{
- echo 'not logged in wtf';
- }
- }else{
- echo 'there aint no rows brother';
- }
- }else{
- echo 'i fucked up the form';
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement