Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if(isset($_POST['login'])){
- $link = $_SERVER['HTTP_REFERER'];
- $base_url = strtok($link, '?'); // Get the base url
- $parsed_url = parse_url($link); // Parse it
- $query = $parsed_url['query'];
- if(!isset($query)){
- $redireciona=$link;
- }else{
- $redireciona=substr($link, 0, strpos($link, "failed") - 1);
- }
- $user = trim($_POST['sp_uname']);
- $pass = trim($_POST["sp_pass"]);
- $stmt = $ligadb->prepare("SELECT id_user, u_user, u_nome, u_password, u_perfil FROM users WHERE u_user=? LIMIT 1");
- $stmt->bind_param('s', $user);
- $stmt->execute();
- $stmt->bind_result($user_id, $user, $nome, $password, $perfil);
- $stmt->store_result();
- if($stmt->num_rows == 1) //To check if the row exists
- {
- if($stmt->fetch()) //fetching the contents of the row
- {
- if(password_verify($_POST["sp_pass"], $password)){
- $_SESSION['user'] = $user;
- $_SESSION['perfil'] = $perfil;
- $_SESSION['id'] = $user_id;
- $_SESSION['nome'] = $nome;
- }else{
- if(!isset($query) || $query==="failed"){
- # Redirect user to error page
- header('Location: ' . $redireciona . '?failed');
- }else{
- if (strpos($link, 'failed') !== false) {
- header('Location: ' . $link);
- }else{
- header('Location: ' . $link . '&failed');
- }
- }
- }
- }
- header('Location: ' . $redireciona);
- }
- else {
- if (strpos($link, 'failed') !== false) {
- header('Location: ' . $link);
- }else{
- header('Location: ' . $link . '&failed');
- }
- }
- $stmt->close();
- }
- else
- {
- }
- $ligadb->close();
Add Comment
Please, Sign In to add comment
