Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if ((!isset($_POST['login'])) || (!isset($_POST['password'])))
- {
- header('Location: index.php');
- exit();
- }
- require_once "dbconnect.php";
- $connection = @new mysqli($host, $db_user, $db_password, $db_name);
- if ($connection->connect_errno!=0)
- {
- echo "Error:".$connection->connect_errno;
- }
- else
- {
- $login = $_POST['login'];
- $password = $_POST['password'];
- $login = htmlentities($login,ENT_QUOTES, "UTF-8");
- //zabezpieczenie logowania
- if ($result = @$connection->query(sprintf("SELECT * FROM user WHERE user='%s'",
- mysqli_real_escape_string($connection,$login))))
- {
- $how_much_users = $result->num_rows;
- if($how_much_users>0)
- {
- $row = $result->fetch_assoc();
- if(password_verify($password,$row['pass']))
- {
- $_SESSION['logged'] = true;
- $_SESSION['userID'] = $row['userID'];
- $_SESSION['user'] = $row['user'];
- $_SESSION['mail'] = $row['mail'];
- unset($_SESSION['error']);
- $result->close();
- header('Location: main.php');
- }
- else
- {
- $_SESSION['error'] = '<span style="color:red">Nieprawidłowy login lub hasło!</span>';
- header('Location: log.php');
- }
- }
- else
- {
- $_SESSION['error'] = '<span style="color:red">Nieprawidłowy login lub hasło!</span>';
- header('Location: log.php');
- }
- }
- $connection->close();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement