Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- }
- else
- {
- //We check if the form has been sent
- if(isset($_POST['username'], $_POST['password']))
- {
- //We remove slashes depending on the configuration
- $username = $pdo->quote($_POST['username']);
- $password = stripslashes($_POST['password']);
- //We get the password of the user
- $req = $pdo->query('SELECT password,id from users where username="'.$username.'"');
- $dn = $req->fetchAll(PDO::FETCH_ASSOC);
- $count = $req->rowCount();
- //We compare the submited password and the real one, and we check if the user exists
- if($dn['password']==$password and $count>0)
- {
- //If the password is good, we dont show the form
- $form = false;
- //We save the user name in the session username and the user Id in the session userid
- $_SESSION['username'] = $_POST['username'];
- $_SESSION['userid'] = $dn['id'];
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement