Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- In auth.php page (which is included in every page).
- session_start();
- if(!isset($_SESSION["username"])){
- header("Location: login.php");
- exit(); }
- session_start();
- // If form submitted, insert values into the database.
- if (isset($_POST['username'])){
- $username = stripslashes($_REQUEST['username']); // removes backslashes
- $username = mysqli_real_escape_string($conn,$username); //escapes special characters in a string
- $password = stripslashes($_REQUEST['password']);
- $password = mysqli_real_escape_string($conn,$password);
- //Checking is user existing in the database or not
- $query = "SELECT * FROM `users` WHERE username='$username' and password='".md5($password)."'";
- $result = mysqli_query($conn,$query) or die(mysql_error());
- $rows = mysqli_num_rows($result);
- if($rows==1 ){
- $_SESSION['username'] = $username;
- header("Location: index.php"); // Redirect user to index.php
- }else{
- header("Location: login.php"); // Redirect user to index.php;
- }
- };
Add Comment
Please, Sign In to add comment