Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if (isset($_POST['submit'])) {
- include '../db.php';
- $username = mysqli_real_escape_string($conn, $_POST['username']);
- $password = mysqli_real_escape_string($conn, $_POST['password']);
- //Error handlers
- //Check if inputs are empty
- if (empty($username) || empty($password)) {
- header("Location: ../login.php?login=empty");
- exit();
- } else {
- $sql = "SELECT * FROM users WHERE username='$username'";
- $result = mysqli_query($conn, $sql);
- $resultCheck = mysqli_num_rows($result);
- if ($resultCheck < 1) {
- header("Location: ../login.php?login=error");
- exit();
- } else {
- if ($row = mysqli_fetch_assoc($result)) {
- //De-hashing the password
- $hashedPwdCheck = password_verify($password, $row['password']);
- if ($hashedPwdCheck == false) {
- header("Location: ../login.php?login=password-error");
- exit();
- } elseif ($hashedPwdCheck == true) {
- //Log in the user here
- $_SESSION ['id'] = $row['id'];
- $_SESSION ['username'] = $row['username'];
- $_SESSION ['email'] = $row['email'];
- $_SESSION ['password'] = $row['password'];
- header("Location: ../index.php?login=success");
- exit();
- }
- }
- }
- }
- } else {
- header("Location: ../login.php?login=error");
- exit();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement