Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $username = isset ( $_POST [ 'lgnUsername' ] ) ? $_POST [ 'lgnUsername' ] : NULL;
- $password = isset ( $_POST [ 'lgnPassword' ] ) ? $_POST [ 'lgnPassword' ] : NULL;
- try
- {
- $query = $db -> prepare ( "SELECT COUNT(*) as uCount FROM users WHERE username = ? AND password = SHA256(?)" );
- $query -> bindParam ( 1, $username, PDO :: PARAM_STR );
- $query -> bindParam ( 2, $password, PDO :: PARAM_STR );
- $query -> execute ( );
- // by this point, an exception would be thrown otherwise
- // $row will contain an array
- $row = $query -> fetch ( PDO :: FETCH_ASSOC );
- if ( $row [ 'uCount' ] == 0 )
- {
- // user does not exist
- }
- else
- {
- // user exists
- $_SESSION [ 'hash' ] = md5 ( "test" );
- }
- }
- catch ( PDOException $e )
- {
- die ( $e -> getMessage ( ) );
- }
Add Comment
Please, Sign In to add comment
