<?phprequire("connect.php");#$username = "";$password = "";$rows =

1. <?php
2. require("connect.php");#
3.  
4. $username = "";
5. $password = "";
6. $rows     = '';
7.  
8. if (isset($_POST['username']) && isset($_POST['password'])) {
9.     $username = $_POST['username'];
10.     $password = $_POST['password'];
11.  
12.     if (empty($username) || empty($password)) {
13.         $return_data['success']  = false;
14.         $return_data['errors'][] = "You are missing some key fields!";
15.     }
16.  
17.     if (!ctype_alnum($username) && $username != false) {
18.         $return_data['success']  = false;
19.         $return_data['errors'][] = "Username is incorrect. Use your college username.";
20.     }
21.  
22.     if (strlen($username) > 10) {
23.         $return_data['errors'][] = "You have exceeded the maximum length of a username.";
24.     }
25.      authenticate($username, $password);
26. }
27.  
28. function authenticate($username, $password){
29.     global $pdo;
30.     $hash = password_hash($password, PASSWORD_DEFAULT);
31.     $sql = "SELECT * FROM users WHERE username='" . $username . "'";
32.     $result = $pdo->query($sql);
33.     $user = $result->fetchColumn(2);
34.     print_r("test");
35.  
36.     if (password_verify($password, $user)) { // Havent hashed in database yet (does work)
37.       $_SESSION['login_user'] = $username;
38.       if ($rows == 1) {
39.         header("location: ../app/adminlogin.php");
40.       }
41.     }
42.   }
43. }
44. ?>