Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- require_once("db_connection.php");
- if ($_POST) {
- $username = isset($_POST["username"]) ? $_POST["username"] : "";
- $password = isset($_POST["password"]) ? $_POST["password"] : "";
- $username = mysqli_real_escape_string($conn, $username);
- $password = mysqli_real_escape_string($conn, $password);
- if ($username && $password) {
- $query = "SELECT * ";
- $query .= "FROM useraccount ";
- $query .= "WHERE username = '{$username}' AND ";
- $query .= " password = '{$password}' ";
- $query .= "LIMIT 1";
- $user_set = mysqli_query($conn, $query);
- if (mysqli_num_rows($user_set) && !mysqli_errno($conn)) {
- $user = mysqli_fetch_assoc($user_set);
- $_SESSION["user_id"] = $user["id"];
- header("Location: admin.php");
- exit;
- } else {
- die("Query failed. " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
- }
- mysqli_free_result($user_set);
- } else {
- # username and password are required fields
- # tell it to user
- }
- }
- mysqli_close($conn);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement