Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ini_set("session.save_path", "/home/unn_w16017186/sessionData");
- session_start();
- ?>
- <!doctype html>
- <html lang="en">
- <head>
- <meta charset="UTF-8" />
- <title>Login process script</title>
- <link href ="index.css" rel = "stylesheet" type = "text/css"/>
- </head>
- <body>
- <ul>
- <li><a href="index.html">Homepage</a></li> <!-- This is my navigation bar -->
- <li><a href="adminPage.html">Admin</a></li>
- <li><a href="loginForm.html">Login</a></li>
- </ul>
- <br>
- <br>
- <?php
- $username = filter_has_var(INPUT_POST, 'username') ? $_POST['username']: null;
- $username = trim($username);
- $password = filter_has_var(INPUT_POST, 'password') ? $_POST['password']: null;
- $password = trim($password);
- if (empty($username) || empty($password)) {
- echo "<p>You need to provide a username and password. Please try <a href='loginForm.html'>again</a>.</p>\n";
- }
- else {
- try {
- unset($_SESSION['username']);
- unset($_SESSION['logged-in']);
- require_once("functions.php");
- $dbConn = getConnection();
- $querySQL = "SELECT passwordHash FROM nbc_users WHERE username = :username";
- $stmt = $dbConn->prepare($querySQL);
- $stmt->execute(array(':username' => $username));
- $user = $stmt->fetchObject();
- if ($user) {
- if (password_verify($password, $user->passwordHash)) {
- echo "<h1>Login successful!</h1>\n";
- echo "<a href='adminPage.html'>Admin Page</a>\n";
- $_SESSION['logged-in'] = true;
- $_SESSION['username'] = $username;
- }
- else {
- echo "<p>The username or password were incorrect. Please try again</p>\n";
- }
- } else {
- echo "<p>The username or password were incorrect. Please try again</p>\n";
- }
- } catch (Exception $e) {
- echo "Record not found: " . $e->getMessage();
- }
- }
- ?>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement