-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
41 lines (36 loc) · 1.35 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<?php
session_start();
if ((!isset($_POST['login'])) || (!isset($_POST['password']))) {
header('Location:index.php');
exit();
}
require_once 'config.php';
$connection = @new mysqli($db_host, $db_name, $db_password, $db);
if ($connection->connect_errno != 0) {
echo "Error:" . $connection->connect_errno;
} else {
$login = $_POST['login'];
$password = $_POST['password'];
$login = htmlentities($login, ENT_QUOTES, "UTF-8");
$password = htmlentities($password, ENT_QUOTES, "UTF-8");
if ($result = $connection->query(
sprintf("SELECT * FROM users WHERE name = '%s' AND password = '%s'",
mysqli_real_escape_string($connection, $login),
mysqli_real_escape_string($connection, $password)))) {
$no_users = $result->num_rows;
if ($no_users > 0) {
$_SESSION['log_in'] = true;
$row = $result->fetch_assoc();
$_SESSION['id'] = $row['ID'];
$_SESSION['user'] = $row['name'];
unset($_SESSION['error']);
$result->close();
header('Location: dashboard.php');
} else {
$_SESSION['error'] = '<span style="color:red;">Wrong login or password</span>';
header('Location:index.php');
}
}
$connection->close();
}
?>