- time: documentation ( source)
- password_verify: documentation ( source)
- setcookie: documentation ( source)
- session_start: documentation ( source)
- header: documentation ( source)
<?php
$username = $_POST['username'];
$pass = $_POST['Password'];
$mysqli = new mysqli("localhost", "438613", "website", "438613");
if ($mysqli->connect_errno) {
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
else{
$username = $mysqli->real_escape_string($username);
$pass = $mysqli->real_escape_string($pass);
if($row=$mysqli->query("SELECT password FROM accounts WHERE username='$username'")){
if($row->num_rows == 0){
echo "No user with this email!";
header( "refresh:3;url=index.php" );
}
else{
$result = $row->fetch_assoc();
$db_pass = $result["password"];
if (password_verify($pass, $db_pass)) {
echo "The password is correct!";
session_start();
unset($_SESSION['user']);
$_SESSION['user'] = $username;
if (isset($_POST['remember'])) {
$year = time() + 31536000;
setcookie("user", $username, $year);;
}
header("Location:main.php");
exit();
}
else{
echo "Incorrect password!";
header( "refresh:3;url=index.php" );
}
}
}
else{
echo "Select error: (" . $mysqli->errno . ") " . $mysqli->error;
}
}
?>