API tools faq
paste
Guest User

Untitled

a guest
Nov 27th, 2018
169
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.06 KB | None | 0 0
raw download clone embed print report
  1. session_start();
  2.  
  3. // Check if the user is already logged in, redirect to welcome page
  4. if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
  5. header("location: add-event.php");
  6. exit;
  7. }
  8.  
  9. require_once "config.php";
  10.  
  11. // Define variables and initialize with empty values
  12. $username = $password = "";
  13. $username_err = $password_err = "";
  14.  
  15. // Processing form data when form is submitted
  16. if($_SERVER["REQUEST_METHOD"] == "POST"){
  17.  
  18. // Validate credentials
  19. if(empty($username_err) && empty($password_err)){
  20. // Prepare a select statement
  21. $sql = "SELECT id, username, password FROM users WHERE username = ?";
  22.  
  23. if($stmt = mysqli_prepare($link, $sql)){
  24. // Bind variables to the prepared statement as parameters
  25. mysqli_stmt_bind_param($stmt, "s", $param_username);
  26.  
  27. // Set parameters
  28. $param_username = $username;
  29.  
  30. // Attempt to execute the prepared statement
  31. if(mysqli_stmt_execute($stmt)){
  32. // Store result
  33. mysqli_stmt_store_result($stmt);
  34.  
  35. // Check if username exists, if yes then verify password
  36. if(mysqli_stmt_num_rows($stmt) == 1){
  37. // Bind result variables
  38. mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
  39. if(mysqli_stmt_fetch($stmt)){
  40. if(password_verify($password, $hashed_password)){
  41. // Password is correct, so start a new session
  42. session_start();
  43.  
  44. // Store data in session variables
  45. $_SESSION["loggedin"] = true;
  46. $_SESSION["id"] = $id;
  47. $_SESSION["username"] = $username;
  48.  
  49. // Redirect user to welcome page
  50. header("location: welcome.php");
  51. } else{
  52. // Display an error message if password is not valid
  53. $password_err = "The password you entered was not valid.";
  54. }
  55. }
  56. } else{
  57. // Display an error message if username doesn't exist
  58. $username_err = "No account found with that username.";
  59. }
  60. } else{
  61. echo "Oops! Something went wrong. Please try again later.";
  62. }
  63. }
  64.  
  65. // Close statement
  66. mysqli_stmt_close($stmt);
  67. }
  68.  
  69. // Close connection
  70. mysqli_close($link);
  71. }
  72.  
  73. <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
  74. <div class="form-group <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>">
  75.  
  76. <H2>Username:</H2>
  77. <input type="text" name="username" class="form-control" value="<?php echo $username; ?>">
  78. <H2>Password:</H2>
  79. <input type="password" name="password" class="form-control">
  80. <div class="form-group">
  81. <input type="submit" class="btn btn-primary" value="Login" style="width:80px;height:42px;font-size:18px;">
  82. </div>
  83. </div>
  84. </form>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!