Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if(!isset($_SESSION["user"]))
- {
- // not logged in
- header("Location: login.php");
- exit();
- }
- ?>
- <?php
- require_once("config.php");
- if(isset($_POST['login'])){
- $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
- $password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
- $sql = "SELECT * FROM users WHERE username=:username";
- $stmt = $db->prepare($sql);
- // bind parameter ke query
- $params = array(
- ":username" => $username
- );
- $stmt->execute($params);
- $user = $stmt->fetch(PDO::FETCH_ASSOC);
- // jika user terdaftar
- if($user){
- // verifikasi password
- if(password_verify($password, $user["password"])){
- // buat Session
- session_start();
- $_SESSION["user"] = $user;
- // login sukses, alihkan ke halaman timeline
- header("Location: timeline.php");
- }
- }
- }
- ?>
Add Comment
Please, Sign In to add comment