Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- // Connecting to database //
- include('sql_connect.php');
- $username = $obj_connection->real_escape_string($_POST['login_username']);
- $password = $obj_connection->real_escape_string(md5($_POST['login_password']));
- if($username && $password) {
- $sql_select = "SELECT username, password FROM ovi_users WHERE username = '$username'";
- $sql_result = $obj_connection->query($sql_select);
- $numrows = $sql_result->num_rows;
- // Return the row of user to check if it exist //
- if($numrows != 0) {
- while($row = $sql_result->fetch_assoc()) {
- $dbusername = $row['username'];
- $dbpassword = $row['password'];
- }
- // Check if they both match //
- if($username == $dbusername && $password == $dbpassword) {
- $_SESSION['username'] = $username;
- header('location: ../index.php?page=admin&show_home=true');
- }
- else {
- $_SESSION['login_pass'] = "Wrong password!";
- header('location: ../index.php');
- }
- }
- else {
- $_SESSION['login_user'] = "User doesnt ecxist!";
- header('location: ../index.php');
- }
- }
- else {
- $_SESSION['login_blank'] = "All fields must be filled out!";
- header('location: ../index.php');
- }
- ?>
Add Comment
Please, Sign In to add comment