<?php include "db.php" ?><?php session_start(); ?><?phpif(isset($_POST['log

1. <?php include "db.php" ?>
2.  
3. <?php session_start(); ?>
4.  
5. <?php
6. if(isset($_POST['login'])){
7.  
8. $username = $_POST['username'];
9. $password = $_POST['password'];
10.  
11. $query = $connection->prepare("
12.  
13. SELECT * FROM adminUsers WHERE username = :username
14.  
15. ");
16.  
17. $query->execute([
18.  
19. 'username'=>$username
20.  
21. ]);
22.  
23. if (!$query){
24. die("QUERY FAILED");
25. }
26.  
27. while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
28.  
29. $db_id = $row['id'];
30. $db_username = $row['username'];
31. $db_password = $row['password'];
32. $db_display_name = $row['display_name'];
33.  
34. }
35. }
36. if(password_verify($password, $db_password)){
37.  
38. $_SESSION['username'] = $db_username;
39. $_SESSION['display_name'] = $db_display_name;
40. $_SESSION['password'] = $db_password;
41.  
42. $cookie = $_SESSION['username'];
43. $cookie2 = md5($_SESSION['password']);
44. $expiration = time() + (60*60*24*365);
45.  
46. setcookie('upst', $cookie, $expiration);
47. setcookie('upst2', $cookie2, $expiration);
48.  
49. header("Location: ../admin.php");
50. } else {
51.  
52. header("Location: ../please_login.php");
53. }