<?phpsession_start();if ($_SERVER['REQUEST_METHOD'] == 'GET') { die("Thi

1. <?php
2. session_start();
3.  
4.  
5. if ($_SERVER['REQUEST_METHOD'] == 'GET') {
6. die("This page does not take GET request");
7. }
8. if ($_SERVER['REQUEST_METHOD'] == 'POST') {
9.  
10. require_once('dbconfig.php');
11. $loginUserName = $_POST['username'];
12. $loginPassword = $_POST['password'];
13.  
14. $mysqli_conn = new mysqli($servername, $username, $password, $dbname);
15. if (mysqli_connect_errno()) {
16. die("Failed to connect to database");
17. }
18. $sql = "select * from users where username='$loginUserName' and password='$loginPassword'";
19. $result = $mysqli_conn->query($sql);
20. $count = mysqli_num_rows($result);
21.  
22.  
23. if (empty($_POST['username'])) {
24. echo "Username cannot be empty";
25. }
26. if (empty($_POST['password'])) {
27. echo "password is empty, try again";
28. }
29. if ($count > 0 && $row = $result->fetch_assoc()) {
30.  
31. echo("$loginUserName has successfully logged in");
32.  
33. } else if ($count == 0) {
34.  
35. $sqlCheck = "select * from users";
36. $checkResult = $mysqli_conn->query($sqlCheck);
37.  
38.  
39. if ($checkResult->num_rows > 0) {
40. while ($row = $result->fetch_assoc()) {
41. if ($row['username'] == $loginUserName && $row['password'] != $loginPassword) {
42. echo "Invalid ID";
43. }
44. if ($row['username'] != $loginUserName && $row['password'] == $loginPassword) {
45. echo "Incorrect password";
46. }
47. if ($row['username'] != $loginUserName && $row['password'] != $loginPassword) {
48. echo "Your ID and password do not exist";
49. }
50.  
51.  
52. }
53. }
54. }
55.  
56.  
57.  
58.  
59. $mysqli_conn->close();
60.  
61. }
62.  
63.  
64. ?>