<?php require_once("../includes/init.php");$message = "";$message2 = "";

1. <?php
2. require_once("../includes/init.php");
3. $message = "";
4. $message2 = "";
5.  
6.     $Salt = uniqid();
7.     $Algo = '6';
8.     $Rounds = '5000';
9.     $CryptSalt = '$' . $Algo . '$rounds=' . $Rounds . '$' . $Salt;
10.    
11. if (isset($_POST['submit'])) { // Form is submitted.
12.  
13.     $username = trim($_POST['username']);
14.     $password = crypt($_POST['password'], $CryptSalt); 
15.    
16.     // Check database to see if user/pass exists.
17.     $stmt = $db->prepare("SELECT username, password FROM xail_users WHERE username = :username AND password = :password");
18.     $stmt->bindParam(':username', $username);
19.     $stmt->bindParam(':password', crypt($password, $CryptSalt));
20.     $stmt->execute();
21.    
22.     if($stmt->rowCount() > 0 )
23.     {  
24.         $_SESSION['username'] = $username;
25.         redirect_to("index.php");
26.     } else {
27.         $message = "Username or password is incorrect!";
28.     }
29. } else { // Form not submitted.
30.     $username = "";
31.     $password = "";
32. }