-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathformcon.php
More file actions
55 lines (47 loc) · 1.62 KB
/
formcon.php
File metadata and controls
55 lines (47 loc) · 1.62 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
<?php
// connection
session_start();
$DATABASE_HOST = '127.0.0.1';
$DATABASE_USER = 'root';
$DATABASE_PASS = '';
$DATABASE_NAME = 'app';
$con = mysqli_connect($DATABASE_HOST, $DATABASE_USER, $DATABASE_PASS, $DATABASE_NAME);
if ( mysqli_connect_errno() ) {
exit('Failed to connect to MySQL: ' . mysqli_connect_error());
}
// check if the data from the login isset()
if ( !isset($_POST['UserName'], $_POST['password']) ) {
exit('Please fill both the username and password fields!');
}
// query
if ($stmt = $con->prepare('SELECT id, Password FROM login WHERE UserName = ?')) {
// ربط المتغيرات
$stmt->bind_param('s', $_POST['UserName']);
$stmt->execute();
// Store the result , check if the account exists in the database.
$stmt->store_result();
if ($stmt->num_rows > 0) {
$stmt->bind_result($id, $password);
$stmt->fetch();
// Account exists, now we verify the password.
// Note: remember to use password_hash in your registration file to store the hashed passwords.
if ($_POST['password'] === $password) {
// Verification success! User has loggedin!
// Create sessions know the user is logged in, they basically act like cookies but remember the data on the server.
session_regenerate_id();
$_SESSION['loggedin'] = TRUE;
$_SESSION['name'] = $_POST['UserName'];
$_SESSION['id'] = $id;
header('Location: home.php');
} else {
// Incorrect password
//echo 'Incorrect username pass and/or password!';
header('Location: login.php');
}
} else {
// Incorrect username
echo 'Incorrect username user and/or password!';
}
$stmt->close();
}
?>