Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // Login
- <?php
- session_start();
- if (isset($_POST['login'])) {
- $link = mysqli_connect('localhost', 'grinevich', 'OtGTqnHNR24SH2zA', 'events');
- $user = mysqli_real_escape_string($link, trim($_POST['user_name']));
- $pwd = mysqli_real_escape_string($link, $_POST['user_password']);
- if (empty($user) || empty($pwd)) {
- echo "Заполните все поля!";
- } else {
- $sql = "SELECT * FROM user WHERE user_name = '$user'";
- $result = mysqli_query($link, $sql);
- $resultCheck = mysqli_num_rows($result);
- if ($resultCheck < 1 ) {
- header("Location: /?login=notuser");
- exit();
- } else {
- if ($row = mysqli_fetch_assoc($result)) {
- // De - hashing password
- $hashedPassword = password_verify($pwd, $row['user_password']);
- if ($hashedPassword == false) {
- var_dump($row, $hashedPassword);
- //header("Location: /?login=notpassword");
- //exit();
- } elseif ($hashedPassword == true) {
- //Log int the user
- $_SESSION['u_id'] = $row['user_ID'];
- $_SESSION['u_name'] = $row['user_name'];
- $_SESSION['u_password'] = $row['user_password'];
- header("Location: /?login=success");
- exit();
- }
- }
- }
- }
- } else {
- header("Location: /");
- exit();
- }
- ?>
Add Comment
Please, Sign In to add comment
