Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $errors = array();
- require("php_db_info.php");
- // connect to the database
- $connection = @mysqli_connect($servername, $username1, $password, $dbname) or die("Error: Couldn't connect to the database.");
- mysqli_select_db($connection,$dbname);
- if (isset($_POST['login_user'])) {
- $username20 = isset($_POST['username']) ? $_POST['username'] : null;
- $password120 = isset($_POST['password']) ? $_POST['password'] : null;
- if (empty($username20)) {
- array_push($errors, "Username is required");
- }
- if (empty($password120)) {
- array_push($errors, "Password is required");
- }
- if (count($errors) == 0) {
- // $query = "SELECT * FROM users WHERE username='$username20' AND password='$password_hash'";
- $query = "SELECT userID,password FROM users WHERE username= ? ";
- $stmt = $connection->prepare($query);
- $stmt->bind_param("s", $username);
- $stmt->execute();
- $stmt->bind_result($userID,$password);
- $stmt->store_result();
- if ($stmt->num_rows == 1) //check if the row exists
- {
- if ($stmt->fetch()) //fetching the contents of the row
- {
- //verify user password
- if (password_verify($password120, $password)) {
- //password_verify("userenteredPassword",PasswordFromDatabase);
- $_SESSION['username'] = $username;
- $_SESSION['success'] = "You are now logged in";
- $hour = time() + 15 * 24 * 60 * 60;
- setcookie('c_username', $username20, $hour);
- setcookie('c_password', $password, $hour);
- header('location: home.php');
- } else {
- array_push($errors, "Password and username does not match");
- }
- }
- } else {
- array_push($errors, "Invalid user account");
- }
- } else {
- array_push($errors, "Unknown Error!");
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
