Twip-Network/watch.twip-network.org
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changes in html and Login/Register php

Browse Source
This commit is contained in:
Richard Mikloš
2024-01-20 16:35:03 +01:00
parent 4c43261455
commit a7c943676f
5 changed files with 84 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
login.php
View File

@@ -7,18 +7,23 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = $_POST['username'];
$password = $_POST['password'];
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
// Prepare and execute the SQL query using prepared statements
$query = "SELECT id, username, password, isAdmin FROM users WHERE username = ?";
$stmt = $mysqli->prepare($query);
$stmt->bind_param("s", $username);
$stmt->execute();
$stmt->bind_result($user_id, $user_username, $user_password, $user_isAdmin);
$query = "SELECT * FROM users WHERE username = '$username' AND password = '$hashed_password'";
$result = mysqli_query($mysqli, $query);
if (mysqli_num_rows($result) == 1) {
$user = mysqli_fetch_assoc($result);
$_SESSION['user_id'] = $user['id'];
header('Location: main.php');
// Fetch the result
if ($stmt->fetch() && password_verify($password, $user_password)) {
$_SESSION['user_id'] = $user_id;
header('Location: index.php');
exit();
} else {
echo "Invalid username or password.";
}
// Close the statement
$stmt->close();
}
?>