Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- include_once 'dbconnect.php';
- if ($_SERVER['REQUEST_METHOD'] === 'POST') {
- $options = [
- 'cost' => 12,
- ];
- $email = mysqli_real_escape_string($con, $_POST['email']);
- $password = password_hash($con, $_POST['password'], PASSWORD_BCRYPT, $options);
- $result = mysqli_query($con, "SELECT * FROM `users` WHERE `email` = '" . $email. "' and `password` = '" . $password . "'");
- if(count($result) > 0 && password_verify($_POST['password'], $result['password']) ){
- $_SESSION['user_id'] = $result['id'];
- header("Location: admin_site/panel.php");
- exit();
- } else {
- $message = 'Invalid pass or email';
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement