<?phpif (isset($_POST['login-submit'])) {require 'dbh.inc.php';$mail

1. <?php
2.  
3. if (isset($_POST['login-submit'])) {
4.  
5. require 'dbh.inc.php';
6.  
7. $mailuid = $_POST['mailuid'];
8. $password = $_POST['pwd'];
9.  
10. if (empty($mailuid) ||  empty($password)) {
11.   header("Location: ../index.php?error=emptyfields");
12.     exit();
13. }
14. else {
15.     $sql = "SELECT * FROM users WHERE uidUsers=? OR emailUsers=?;";
16.     $stmt = mysqli_stmt_init($conn);
17.     if (!mysqli_stmt_prepare($stmt, $sql)) {
18.        header("Location: ../index.php?error=sqlerror");
19.  
20.     exit();
21.     }
22.     else {
23.  
24.         mysqli_stmt_bind_param($stmt, "ss", $mailuid, $mailuid);
25.         mysqli_stmt_execute($stmt);
26.         $result = mysqli_stmt_get_result($stmt);
27.         if ($row = mysqli_fetch_assoc($result)) {
28.           $pwdCheck = password_verify($password, $row['pwdUsers']);
29.           if ($pwdCheck == false) {
30.              header("Location: ../index.php?error=wrongpwd");
31.               exit();
32.           }
33.           else if ($pwdCheck == true) {
34.              session_start();
35.       $_SESSION['userId'] = $row['idUsers'];
36.       $_SESSION['userUid'] = $row['uidUsers'];
37.  
38.       header("Location: ../index.php?login=success");
39.               exit();
40.           }
41.           else {
42.              header("Location: ../index.php?error=wrongpwd");
43.               exit();
44.           }
45.         }
46.         else {
47.             header("Location: ../index.php?error=nouser");
48.             exit();
49.         }
50.     }
51. }
52.  
53. }
54. else {
55. header("Location: ../index.php");
56.     exit();
57.  
58. }