if (empty($SESSION_['id'])) { // Read the entered username and password $u

1. if (empty($SESSION_['id']))
2. {
3. // Read the entered username and password
4. $username = $_POST['username'];
5. $password = $_POST['password'];
6.  
7. // Select password from database
8. $loginresult = mysqli_query($dbc, "SELECT password FROM user WHERE username = '$username'") or die('Error accessing the user database');
9. $row = mysqli_fetch_assoc($loginresult);
10. if (mysqli_num_rows($loginresult) > 0 && password_verify($password, $row['password']))
11. {
12. $SESSION_['id'] = $username;
13. }
14. else
15. {
16. echo ("Access denied. <a href='login.php'>Try again?</a>");
17. }
18. mysqli_close($dbc);
19. }