$_SESSION['email1'] = $_POST['email1'];$_SESSION['pass1'] = $_POST['pass1'];

1. $_SESSION['email1'] = $_POST['email1'];
2. $_SESSION['pass1'] = $_POST['pass1'];
3.  
4. $mysqli = mysqli_connect($servername, $username, $password, $dbname);
5.  
6. // Escape email to protect against SQL injections
7. $email = $mysqli->escape_string($_POST['email1']);
8. $pass = $mysqli->escape_string($_POST['pass1']);
9.  
10. $sql = $mysqli->query("SELECT * FROM user WHERE email='$email'");
11.  
12.  
13. if ( $sql->num_rows == 0 ){ // User doesn't exist
14.     header("location: userErr.php");
15. }
16. else { // User exists
17.   $user = $sql->fetch_assoc();
18.  
19.   if ( password_verify($_POST['pass1'], $user['password']) ) {
20.  
21.       $_SESSION['email1'] = $user['email'];
22.       $_SESSION['name'] = $user['username'];
23.       $_SESSION['active'] = $user['active'];
24.  
25.       // This is how we'll know the user is logged in
26.       $_SESSION['logged_in'] = true;
27.  
28.       header("location: home.php");
29.     }
30.     else {
31.         header("location: passErr.php");
32.     }
33. }
34. ?>