<?PHP session_start(); require_once('helloPage.php'); require_

1. <?PHP
2. session_start();
3.  
4. require_once('helloPage.php');
5. require_once('connect.php');
6. require_once('postPage.php');
7.  
8. $login = $_POST['login'];
9. $haslo = $_POST['haslo'];
10.  
11. $_SESSION['login'] = $login;
12. $_SESSION['haslo'] = $haslo;
13.  
14. if($login == NULL || $haslo == NULL)
15. {
16. header('Location: helloPage.php');
17. $_SESSION['error_login_blank'] = "Login i hasło nie mogą pozostać puste!";
18. exit();
19. }
20.  
21. $connect = mysqli_connect($host, $db_user, $db_password) or die ('Serwer jest wyłączony');
22. mysqli_select_db($connect, $db_name) or die ('Baza danych jest wyłączona');
23.  
24. $login_db = mysqli_real_escape_string($connect, $login);
25. $haslo_db = mysqli_real_escape_string($connect, $haslo);
26.  
27. $connect_result_login = mysqli_query($connect, 'SELECT user FROM konta WHERE user = "'.$login_db.'";');
28. $connect_row_login = mysqli_fetch_array($connect_result_login);
29. $connect_string_login = $connect_row_login['user'];
30.  
31. $connect_result_password = mysqli_query($connect, 'SELECT pass FROM konta WHERE user = "'.$login_db.'";');
32. $connect_row_password = mysqli_fetch_array($connect_result_password);
33. $connect_string_password = $connect_row_password['pass'];
34. if(password_verify($haslo, $connect_string_password) && $login == $connect_string_login){
35. header('Location: postPage.php');
36. } else {
37. header('Location: helloPage.php');
38. $_SESSION['error_login_and_password'] = "Nieprawidłowy login lub hasło!";
39. exit();
40. }
41. ?>