session_start();if(isset($_POST['do_login'])){require_once '../inc/mysql_con

1. session_start();
2. if(isset($_POST['do_login']))
3. {
4.  
5. require_once '../inc/mysql_connect.php';
6.  
7. $uname=$_POST['username'];
8. $pass=$_POST['password'];
9.  
10.  
11. $uname=strip_tags(mysqli_real_escape_string($con,trim($uname)));
12. $pass=strip_tags(mysqli_real_escape_string($con, trim($pass)));
13.  
14.  
15. $sql = "SELECT * from users where username='".$uname."'";
16.  
17. $select_data=mysqli_query($con,$sql)or die(mysqli_error());
18.  
19.  
20. if (mysqli_num_rows($select_data)>0) {
21. $row = mysqli_fetch_array($select_data);
22. $password_hash = $row['password'];
23. $token = $row['token'];
24. $email = $row['email'];
25. $email_verified = $row['email_verified'];
26.  
27. if (password_verify($pass,$password_hash)) {
28. if ($email_verified > 0) {
29. setcookie('token', $token, time()+31556926 , "/", "example.com", true, true);
30. echo "success";
31.  
32. }else {
33. echo "email_not_verified";
34. $_SESSION['email_not_verified'] = "true";
35. $_SESSION['username'] = $uname;
36. $_SESSION['email'] = $email;
37. $_SESSION['token'] = $token;
38. }
39.  
40. }
41. else{
42. echo "fail";
43. }
44. exit();
45. }}
46.  
47. function do_login()
48. {
49. $("#btn-login").addClass('disabled');
50. var username=$("#emailid").val();
51. var pass=$("#password").val();
52. if(username!="" && pass!="")
53. {
54. $.ajax
55. ({
56. type:'post',
57. url:'https://example.com/core/auth/do_login.php',
58. data:{
59. do_login:"do_login",
60. username:username,
61. password:pass
62. },
63. success: function (response) {
64. if (response =="success") {
65. $('#login').modal('hide');
66. window.location.href="https://example.com/account/";
67. }else if (response=="email_not_verified") {
68. window.location.href="https://example.com/login"
69. }
70. else{
71. shakeModal();
72. $("#btn-login").removeClass('disabled');
73. }}
74. });
75. }
76. return false;
77. }