Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //echo "<script type='text/javascript'>alert('$m');</script>";
- session_start(); // Starting Session
- $error = ''; // Variable To Store Error Message
- if (isset($_POST['submit'])) {
- $username = $_POST['username'];
- $password = $_POST['password']; //md5
- $options = ['cost' => 12,];
- $passwordHash = password_hash($password, PASSWORD_BCRYPT, $options);
- // echo '--->' . '' . $passwordHash;
- if (password_verify($password, $passwordHash))
- {
- $connection = mysqli_connect("localhost", "root", "", "ddt_db");
- if (mysqli_connect_errno())
- {
- mysqli_close($connection);
- } else {
- $result = "SELECT * FROM member WHERE username=? AND password=?";
- $stmt = mysqli_stmt_init($connection);
- if (mysqli_stmt_prepare($stmt, $result) == TRUE) {
- mysqli_stmt_bind_param($stmt, "ss", $username, $password);
- mysqli_stmt_execute($stmt);
- mysqli_stmt_store_result($stmt);
- $res = mysqli_stmt_fetch($stmt);
- // mysqli_stmt_fetch($stmt1);
- $rows = mysqli_stmt_num_rows($stmt);
- //$arr = mysqli_stmt_fetch($stmt1);
- //print_r($arr);
- //$rows2 = mysqli_num_rows($result2);
- //
- //
- //echo 'lafhdjksljdsfhsfdjhlfsdkjsdfh';
- if ($rows == 1)
- {
- echo "Sure";
- $_SESSION['login_user'] = $username;
- $result2 = "SELECT * FROM member WHERE username= '$username'";
- $res = mysqli_query($connection, $result2);
- $rest = mysqli_fetch_array($res);
- //$user = mysqli_stmt_execute($stmt1);
- if ($rest['admin'] == 1) {
- echo "admin";
- // header("location: pages/admin.php");
- } else {
- //echo "not admin";
- header("location: testLogin.php");
- }
- } else {
- if ($rows == 0) {
- ?>
- <script>
- alert('Email or Password is invalid')
- </script>;
- <?php
- //$error = "Username or Password is invalid"; Doesnt work
- }
- }
- }
- }
- }
- else
- {
- echo 'Invalid password.';
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement