<form class="form-inline" action="../includes/login.php" method="post">

1. <form class="form-inline" action="../includes/login.php" method="post">
2. <input type="text" name="email" class="form-control mr-2" placeholder="Username/Email">
3. <input type="password" name="password" class="form-control mr-2" placeholder="Password">
4. <input type="submit" name="login-submit" class="btn btn-primary mr-2" value="Login">
5. </form>
6. <a href="singup.php" class="btn btn-info mr-2">Signup</a>
7.  
8. if (isset($_POST['login-submit'])) {
9. $email = $_POST['email'];
10. $password = $_POST['password'];
11.  
12. if (empty($email) || empty($password)) {
13. header("Location: ../public/index.php?error=emptyfields");
14. exit();
15. } else {
16. $conn = mysqli_connect("localhost", "root", "", "expodb");
17. $sql = "SELECT * FROM users WHERE username=? OR email=?;";
18. $stmt = mysqli_stmt_init($conn);
19. if (!mysqli_stmt_prepare($stmt, $sql)) {
20. header("Location: ../public/index.php?error=sqlerror");
21. exit();
22. } else {
23. mysqli_stmt_bind_param($stmt, "ss", $email, $email);
24. mysqli_stmt_execute($stmt);
25. $result = mysqli_stmt_get_result($stmt);
26. if ($row = mysqli_fetch_assoc($result)) {
27. $passwordCheck = password_verify($password, $row['password']);
28. if ($passwordCheck == false) {
29. header("Location: ../public/index.php?error=wrongpassword");
30. exit();
31. } elseif ($passwordCheck == true) {
32. session_start();
33. }
34. } else {
35. header("Location: ../public/index.php?error=nouser");
36. exit();
37. }
38. }
39. }
40. } else {
41. header("Location: ../public/index.php");
42. exit();
43. }