Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require('db.php');
- session_start();
- // If form submitted, insert values into the database.
- if (isset($_POST['username'])){
- // removes backslashes
- $username = stripslashes($_REQUEST['username']);
- //escapes special characters in a string
- $username = mysqli_real_escape_string($con,$username);
- $password = stripslashes($_REQUEST['password']);
- $password = mysqli_real_escape_string($con,$password);
- //Checking is user existing in the database or not
- $query = "SELECT * FROM `users` WHERE username='$username' and password='".md5($password)."'";
- $result = mysqli_query($con,$query) or die(mysql_error());
- $rows = mysqli_num_rows($result);
- if($rows==1){
- //This one works
- $_SESSION['username'] = $username;
- //This one doesn't
- $_SESSION['email'] = $rows ['email'];
- // Redirect user to index.php
- header("Location: index.php");
- }else{
- echo "<div class='form'>
- <p>Username/password is incorrect.</p>
- <br/>Click here to <a href='login.php'>Login</a></div>";
- }
- }else{
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
