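<?php
/*
 * Login handler.
 *
 * Redirects an already-identified visitor to profile.php; otherwise, when the
 * login form is posted, looks the user up by username, verifies the password
 * with password_verify(), sets the cookies and session keys, and redirects.
 * On failure $error holds the message for the page to display.
 *
 * NOTE(review): assumes connect.php starts the session and defines $pdo — confirm.
 */
require_once 'connect.php';

// NOTE(review): `remember_me` stores the plain username (see setcookie() below),
// so its value is chosen by the client and proves nothing about who sent it.
// It is kept here only as a redirect hint. Any page that grants access on this
// cookie alone should instead require $_SESSION['user'], or the cookie should be
// replaced by a random token that is stored server-side and checked on each use.
$hasSessionUser = isset($_SESSION['user']) && trim($_SESSION['user']) != "";
$hasRememberCookie = isset($_COOKIE['remember_me'])
    && is_string($_COOKIE['remember_me']) // an array-valued cookie would make trim() fail
    && trim($_COOKIE['remember_me']) != "";

if ($hasSessionUser || $hasRememberCookie) {
    header('Location: profile.php');
    exit;
}

$error = '';

try {
    if (isset($_POST['login'])) {
        // Read the login form fields. Non-string values (e.g. username[]=x) are
        // treated as empty so they cannot reach password_verify() as arrays.
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
        $remember = !empty($_POST['remember']);

        // Only the columns this script uses are selected, so the rest of the
        // user's record never sits in $user after a failed attempt.
        $sql = "SELECT
                    id,
                    username,
                    password
                FROM
                    users
                WHERE
                    username = ?
                ";
        $stmt = $pdo->prepare($sql);
        $stmt->execute([$username]);
        $user = $stmt->fetch(PDO::FETCH_ASSOC);

        // fetch() returns false when no row matches; treat that exactly like a
        // wrong password so the response does not reveal which usernames exist.
        // (The unknown-user path skips password_verify(), so its timing differs.)
        $passwordHash = is_array($user) ? (string) $user['password'] : '';

        // Send cookies with HttpOnly, and with Secure when the request is HTTPS.
        $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

        if ($passwordHash === '' || !password_verify($password, $passwordHash)) {
            setcookie('remember_me', '', time() - 100000, '', '', $secure, true);
            throw new Exception("Wrong username or password!");
        }

        // Issue a fresh session id on login so a pre-login id cannot be reused.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        if ($remember) {
            $month = time() + 3600 * 24 * 30;
            setcookie('remember_me', $username, $month, '', '', $secure, true);
        } else {
            $past = time() - 100;
            setcookie('remember_me', '', $past, '', '', $secure, true);
        }

        // NOTE(review): like remember_me, this cookie carries the username and
        // must not be used as evidence of authentication.
        $hour = time() + 3600;
        setcookie('ID_my_site', $username, $hour, '', '', $secure, true);

        $_SESSION['id'] = $user['id'];
        $_SESSION['user'] = $user['username'];
        header('Location: profile.php');
        exit();
    }
} catch (PDOException $exception) {
    // Keep driver and SQL details in the server log, not in the page.
    error_log($exception->getMessage());
    $error = 'Login is temporarily unavailable.';
} catch (Exception $exception) {
    $error = $exception->getMessage();
}
?>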