Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- session_start();
- include($_SERVER['DOCUMENT_ROOT'].'/crm/connect/db.php');
- mysqli_select_db($conn, 'users');
- if($_SERVER["REQUEST_METHOD"] == "POST") {
- $user=mysqli_real_escape_string($conn,$_POST['user']);
- $pass=mysqli_real_escape_string($conn,$_POST['pass']);
- $hashedpassword = password_hash ($pass, PASSWORD_DEFAULT);
- $sql="select * from users where username ='$user'";
- $result=mysqli_query($conn,$sql);
- $row=mysqli_fetch_array($result, MYSQLI_ASSOC);
- $role = $row["admin"];
- if ($row["active"] == 0 && $pass = $row["password"]){
- header('location:initial_login.php');
- }
- elseif(password_verify($pass, $row["password"])){
- $_SESSION['username'] = $user;
- $_SESSION['admin'] = $role;
- header('location:index.php');
- }else{
- echo 'incorrect!';
- }
- }
- session_start();
- include($_SERVER['DOCUMENT_ROOT'].'/crm/connect/db.php');
- mysqli_select_db($conn, 'users');
- if($_SERVER["REQUEST_METHOD"] == "POST") {
- $user=mysqli_real_escape_string($conn,$_POST['user']);
- $pass=mysqli_real_escape_string($conn,$_POST['pass']);
- $hashedpassword = password_hash ($pass, PASSWORD_DEFAULT);
- $sql="select * from users where username ='$user'";
- $result=mysqli_query($conn,$sql);
- $row=mysqli_fetch_array($result, MYSQLI_ASSOC);
- $role = $row["admin"];
- if ($row["active"] == 0 && $pass == $row["password"]){
- header('location:initial_login.php');
- }else{
- echo 'incorrect!';
- if(password_verify($pass, $row["password"])){
- $_SESSION['username'] = $user;
- $_SESSION['admin'] = $role;
- header('location:index.php');
- }else{
- echo 'incorrect!';
- }
- }
- }
Add Comment
Please, Sign In to add comment