Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include_once "../db_connection.php";
- $user = $_POST['user'];
- $pass = $_POST['pass'];
- $db = new DbConnect();
- $conn = $db->connect();
- $sql = 'SELECT * FROM "user" WHERE email = :email
- and pass = :pass';
- $sth = $conn->prepare($sql);
- $sth->bindParam(':email', $user);
- $sth->bindParam(':pass', md5($pass));
- $sth->execute();
- $userReturn = $sth->fetch();
- session_start();
- unset($_SESSION['erroUser']);
- unset($_SESSION['erroPass']);
- unset($_SESSION['erro']);
- if ($userReturn) {
- unset($userReturn['pass']);
- $_SESSION['user'] = $userReturn;
- header("Location: /adm/home.php");
- } else {
- $_SESSION['count']++;
- if ($user != 'admin')
- $_SESSION['erroUser'] = "Usuário $user não existe";
- else
- $_SESSION['erroPass'] = "Senha inválida";
- header("Location: /adm/index.php");
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement