Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php include 'session.php';?>
- <?php
- if(isset($_POST['username'])){
- include 'dbh.inc.php';
- $uname=$_POST['username'];
- $password=$_POST['password'];
- $secretcode=$_POST['secretcode'];
- if (empty($uname) || empty($password) || empty($secretcode)) {
- header("Location: ../index.php?login=empty");
- } else {
- $sql="select * from loginform where User = ? AND SCode= ? limit 1";
- $stmt = mysqli_stmt_init($conn);
- if (!mysqli_stmt_prepare($stmt, $sql)) {
- header("Location: ../index.php?error=error");
- } else {
- mysqli_stmt_bind_param($stmt, "ss", $uname, $secretcode);
- if (mysqli_stmt_execute($stmt) == true) {
- $result = $stmt->get_result();
- if ($row = mysqli_fetch_assoc($result)) {
- $hashedpsw = password_verify($password, $row['Pass']);
- if ($hashedpsw == true) {
- $_SESSION['Admin']=$uname;
- // Log in
- header('Location: ../index.php?login=success');
- exit();
- } else {
- header("Location: ../index.php?login=error");
- exit();
- }
- } else {
- header("Location: ../index.php?login=error");
- }
- } else {
- header("Location: ../index.php?login=error");
- }
- }
- }
- } else {
- header("Location: ../page-not-found.php");
- }
- ?>
- <?php
- ini_set('session.use_only_cookies', 1);
- session_set_cookie_params(0,'/','localhost',false,true);
- session_start();
- session_regenerate_id();
- ?>
- password_hash("test", PASSWORD_BCRYPT, array('cost' => 12));
Add Comment
Please, Sign In to add comment