Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // Validate credentials
- if ($unique_code_err == "") {
- // Prepare a select statement
- $sql = "SELECT id, unique_code FROM users WHERE unique_code = :unique_code";
- if ($stmt = $pdo->prepare($sql)) {
- // Bind variables to the prepared statement as parameters
- $stmt->bindParam(":unique_code", $param_unique_code, PDO::PARAM_INT);
- // Set parameters
- $param_unique_code = trim($_POST["unique_code"]);
- // Attempt to execute the prepared statement
- if ($stmt->execute()) {
- // Check if username exists, if yes then verify password
- if ($stmt->rowCount() == 1) {
- if ($row = $stmt->fetch()) {
- $id = $row["id"];
- $unique_code = $row["unique_code"];
- // Password is correct, so start a new session
- session_start();
- // Store data in session variables
- $_SESSION["loggedin"] = true;
- $_SESSION["guestloggedin"] = true;
- $_SESSION["idguest"] = $id;
- $_SESSION["unique_code"] = $unique_code;
- // Redirect user to welcome page
- header("location: wishlist.php");
- }
- } else {
- // Display an error message if username doesn't exist
- $unique_code_err = "This unique code does not exist.";
- }
- } else {
- echo "Oops! Something went wrong. Please try again later.";
- }
- // Close statement
- unset($stmt);
- }
- }
- // Close connection
- unset($pdo);
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement