Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ini_set('display_errors',1);
- error_reporting(E_ALL);
- session_start();
- include('connection.php');
- if(isset($_POST['submit'])) {
- $username = $_POST['username'];
- $password = $_POST['password'];
- $query = "SELECT * FROM hash WHERE username = '$username' LIMIT 1";
- // use LIMIT 1 so query will stop once match record is found
- $result = mysqli_query($conn , $query) or die(mysqli_error($conn));
- if (mysqli_num_rows($result) == 1) {
- // you don't need a while loop for one record
- $row = mysqli_fetch_assoc($result);
- $upass = $row['password'];
- $uname = $row['username'];
- $uid = $row['id'];
- if (password_verify($password, $upass)) {
- $_SESSION['active'] = $uid;
- header('location:welcome.php');
- }
- } else {
- echo "<script>alert('error');
- window.location.href= 'index.php';</script>";
- }
- } else {
- echo "<script>alert('INVALID USERNAME OR PASSWORD!');
- window.location.href= 'index.php';</script>";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
