Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $_SESSION['email1'] = $_POST['email1'];
- $_SESSION['pass1'] = $_POST['pass1'];
- $mysqli = mysqli_connect($servername, $username, $password, $dbname);
- // Escape email to protect against SQL injections
- $email = $mysqli->escape_string($_POST['email1']);
- $pass = $mysqli->escape_string($_POST['pass1']);
- $sql = $mysqli->query("SELECT * FROM user WHERE email='$email'");
- if ( $sql->num_rows == 0 ){ // User doesn't exist
- header("location: userErr.php");
- }
- else { // User exists
- $user = $sql->fetch_assoc();
- if ( password_verify($_POST['pass1'], $user['password']) ) {
- $_SESSION['email1'] = $user['email'];
- $_SESSION['name'] = $user['username'];
- $_SESSION['active'] = $user['active'];
- // This is how we'll know the user is logged in
- $_SESSION['logged_in'] = true;
- header("location: home.php");
- }
- else {
- header("location: passErr.php");
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement