Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require 'NFSKGBER7GI5HGIT7G54IHGJHGDFK/config.php';
- error_reporting(E_ERROR | E_PARSE);
- // Get data from FORM
- $username = $_GET["u"];
- $password = $_GET["p"];
- $action = $_GET["a"];
- //Remove '
- //$username = str_replace("'", "", $username1);
- //$password = str_replace("'", "", $password1);
- if($action == 'login') {
- $errMsg = '';
- if(isset($_GET['u']) && !isset($_GET['p'])){
- echo 'invalid login';
- }else{
- try {
- $stmt = $connect->prepare('SELECT id, fullname, username, password, secretpin FROM pdo WHERE username = :username');
- $stmt->execute(array(
- ':username' => $username
- ));
- $data = $stmt->fetch(PDO::FETCH_ASSOC);
- if($data == false){
- //$errMsg = "User $username not found.";
- echo 'invalid login';
- }
- else {
- if($password == $data['password']) {
- $_SESSION['name'] = $data['fullname'];
- $_SESSION['username'] = $data['username'];
- $_SESSION['password'] = $data['password'];
- $_SESSION['secretpin'] = $data['secretpin'];
- //User Loggedin
- echo 'valid login';
- //header('Location: dashboard.php');
- //exit;
- }
- else
- echo 'invalid login';
- }
- }
- catch(PDOException $e) {
- //$errMsg = $e->getMessage();
- echo 'server down';
- }
- }
- }else{
- echo 'no action';
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
