-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
49 lines (41 loc) · 1.23 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
<?php
session_start();
require_once "connect.php";
$connection = @new mysqli($db_host, $db_user, $db_password, $db_name);
$connection->set_charset('utf8');
if (!isset($_SESSION['last_page']))
$_SESSION['last_page'] = "index.php";
if ($connection->connect_errno != 0) {
echo "Error: " . $connection->connect_errno;
} else {
$login = $_POST['username'];
$password = $_POST['password'];
$login = htmlentities($login, ENT_QUOTES, "UTF-8");
if ($result = @$connection->query(
sprintf(
"SELECT * FROM users WHERE username='%s'",
mysqli_real_escape_string($connection, $login)
)
)) {
$user_num = $result->num_rows;
if ($user_num > 0) {
$row = $result->fetch_assoc();
if (password_verify($password, $row['password'])) {
$_SESSION['logged'] = TRUE;
$_SESSION['id'] = $row['id'];
$_SESSION['username'] = $row['username'];
$_SESSION['email'] = $row['email'];
unset($_SESSION['error']);
header('Location:' . $_SESSION['last_page']);
} else {
$_SESSION['error'] = 'Nieprawidłowy login lub hasło!';
header('Location:' . $_SESSION['last_page']);
}
} else {
$_SESSION['error'] = 'Nieprawidłowy login lub hasło!';
header('Location:' . $_SESSION['last_page']);
}
}
$connection->close();
}
?>