-
Notifications
You must be signed in to change notification settings - Fork 1
/
Protection and safety.php
35 lines (29 loc) · 1.08 KB
/
Protection and safety.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<?php
session_start(); // Start or resume a session
$host = 'your_host';
$dbname = 'your_dbname';
$user = 'your_username';
$pass = 'your_password';
try {
$pdo = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
die("Could not connect to the database $dbname :" . $e->getMessage());
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = $_POST['username'];
$password = $_POST['password'];
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = :username");
$stmt->execute(['username' => $username]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
// Password is correct, so start a new session
$_SESSION["loggedin"] = true;
$_SESSION["id"] = $user['id'];
$_SESSION["username"] = $username;
echo '<p style="color: green;">Login successful!</p>';
} else {
echo '<p style="color: red;">Invalid username or password!</p>';
}
}
?>