Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $username = $_POST['username'];
- $password = $_POST['password'];
- $username = stripslashes($username);
- $username = mysqli_real_escape_string($db, $username);
- $sql = "SELECT * FROM users WHERE username='$username'";
- $res = mysqli_query($db, $sql) or die(mysqli_error($db));
- if (mysqli_num_rows($res) > 0)
- {
- $row = mysqli_fetch_assoc($res);
- $hash = $row['password'];
- }
- if (password_verify($password, $hash))
- {
- $_SESSION['username'] = $username; // Initializing Session
- header("location: $uri_cookie"); // Redirecting To Other Page
- $error = "Your username is: $username";
- $sql = "SELECT role FROM users WHERE username='$username'";
- $result = mysqli_query($db, $sql);
- $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
- if (mysqli_num_rows($result) == 1)
- {
- $_SESSION['role'] = $row['role'];
- $admin = $_SESSION['role'];
- echo "$admin";
- }
- }
- else {
- $error = "Incorrect username or password.<br>".$hash. "<br>" .$password;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement