Last active
January 12, 2017 18:00
-
-
Save InukVT/4cc15746ec137350da71cfd80214e287 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$username = $_POST['username']; | |
$password = $_POST['password']; | |
$username = stripslashes($username); | |
$username = mysqli_real_escape_string($db, $username); | |
$sql = "SELECT * FROM users WHERE username='$username'"; | |
$res = mysqli_query($db, $sql) or die(mysqli_error($db)); | |
if (mysqli_num_rows($res) > 0) | |
{ | |
$row = mysqli_fetch_assoc($res); | |
$hash = $row['password']; | |
} | |
if (password_verify($password, $hash)) | |
{ | |
$_SESSION['username'] = $username; // Initializing Session | |
header("location: $uri_cookie"); // Redirecting To Other Page | |
$error = "Your username is: $username"; | |
$sql = "SELECT role FROM users WHERE username='$username'"; | |
$result = mysqli_query($db, $sql); | |
$row = mysqli_fetch_array($result, MYSQLI_ASSOC); | |
if (mysqli_num_rows($result) == 1) | |
{ | |
$_SESSION['role'] = $row['role']; | |
$admin = $_SESSION['role']; | |
echo "$admin"; | |
} | |
} | |
else { | |
$error = "Incorrect username or password.<br>".$hash. "<br>" .$password; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$username = $_POST['username']; | |
$password = $_POST['password']; | |
// To protect from MySQL injection | |
$username = stripslashes($username); | |
$username = mysqli_real_escape_string($db, $username); | |
$hash = password_hash($password, PASSWORD_DEFAULT); | |
//Check username and password from database | |
$sql = "INSERT INTO users(`uid`,`username`,`password`,`role`) VALUES (NULL, '$username','$hash','0')"; | |
if(mysqli_query($db, $sql)) | |
{ | |
//Code here for successful login! | |
$register = true; | |
} | |
else | |
{ | |
//Error code, should be removed before primetime! | |
echo "Something happened!<br>".mysqli_error($db); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment