<script> function ajaxSubmit(){ var formData = { 'u

1.  
2. <script>
3. function ajaxSubmit(){
4. var formData = {
5. 'username' : $('input[name=username]').val(),
6. 'password' : $('input[name=password]').val(),
7. 'submit' : true
8. };
9.  
10. $.ajax({
11. url: "includes/sign_in.php",
12. type: "POST",
13. data: formData,
14. success: function(result){$("#outputDiv").html(result);},
15. error: function(result){$("#outputDiv").html("Error!");}
16. })
17. }
18.  
19. </script>
20.  
21.  
22.  
23.  
24.  
25.  
26.  
27.  
28. <?php
29. require('dbconnect.php');
30.  
31.  
32. if (isset($_POST["submit"])){
33. @session_destroy();
34. @session_start();
35.  
36.  
37. $user = $_POST['username'] ?? "Guest";
38. $pass = $_POST['password'] ?? "";
39.  
40.  
41. $stmt = $pdo->prepare('SELECT * FROM users WHERE username = ?');
42. $stmt->execute([$user]);
43. $row = $stmt->fetch();
44.  
45. if (password_verify($pass, $row['password'])){
46.  
47. $_SESSION['username'] = $user;
48. $_SESSION['accessLevel'] = $row['accessLevel'];
49. $stmt = $pdo->prepare('INSERT INTO login_log (username,logDate) VALUES (?,?)');
50. $stmt->execute([$_SESSION['username'],date("Y-m-d H:i:s")]);
51. echo '<script>alert("Successfully logged in!");</script>';
52. echo '<script>window.location="index.php";</script>';
53.  
54. }
55. else{
56. die ("Invalid username or password.<br/>");
57. }
58. $username = $_SESSION['username'] ?? "Guest";
59. echo $username;
60.  
61. }
62.  
63. else{
64. ?>
65.  
66. <fieldset >
67. <legend>Login</legend>
68. <input type='hidden' name='submitted' id='submitted' value='1'/>
69.  
70. <label for='username' >Username:
71. </label>
72.  
73.  
74. <input type='text' name='username' id='username'/>
75.  
76. <label for='password' >Password:
77. </label>
78.  
79. <input type='password' name='password' id='password'/>
80.  
81.  
82. <button name="submit" onclick="ajaxSubmit();">log in</button>
83.  
84. </fieldset>
85.  
86. <div id= "outputDiv"> </div>
87. <?php } ?>