<?php require 'vendor/autoload.php'; use Dotenv\Dotenv; $dotenv = Dotenv::createImmutable(__DIR__); $dotenv->load(); $host = $_ENV['DB_HOST']; $name = $_ENV['DB_NAME']; $db = pg_connect("host=$host dbname=$name"); if (!$db) { echo "Error connection to database"; } echo "Connected to $name successfully \n"; $sql = file_get_contents('init_db.sql'); pg_query($db, $sql); ?> This is the .sql file that gets loaded and populates the database -- init_db.sql DROP TABLE IF EXISTS users; CREATE TABLE IF NOT EXISTS users ( id SERIAL PRIMARY KEY, name VARCHAR(50) NOT NULL, surname VARCHAR(50) NOT NULL, password VARCHAR(255) NOT NULL, email VARCHAR(100) NOT NULL UNIQUE, phone VARCHAR(20) NOT NULL, created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ); -- Insert initial data INSERT INTO users (name, surname, password, email, phone) VALUES ('admin', 'admin', '$2y$10$oEpwSflquB9WyTSVkHj8HupkxygaepInmricYtoNTTAGh23iPOK3.%', 'admin@example.com', '123123123'), ('John', 'Doe', '$2y$10$oEpwSflquB9WyTSVkHj8HupkxygaepInmricYtoNTTAGh23iPOK3.%', 'user@example.com', '123123123'); The password hash was gotten by using "password_hash('123', PASSWORD_DEFAULT);" and copying the output // The login page that reads the DB password and checks it <?php require_once '../vendor/autoload.php'; use Dotenv\Dotenv; // NOTE: Maybe there is a better way to do this but I don't know about it. $dotenv = Dotenv::createImmutable(__DIR__ . '/../'); $dotenv->load(); $dbName = $_ENV['DB_NAME']; session_start(); if (isset($_POST) && isset($_POST['email']) && isset($_POST['password'])) { $email = $_POST['email']; $db = pg_connect("dbname=$dbName"); if (!$db) { die('Connection to DB failed: ' . pg_last_error()); } $res = pg_query_params($db, "SELECT u.password, u.id, u.email FROM users u WHERE u.email=$1", [$email]); if (!$res) { die('Query failed: ' . pg_last_error()); } $row = pg_fetch_assoc($res); if ($row) { $password = $_POST['password']; if (password_verify($password, $row['password'])) { $_SESSION['loggedin'] = true; $_SESSION['id'] = $row['id']; $_SESSION['email'] = $row['email']; header('Location: dashboard.php'); } else { echo 'Wrong password'; } } else { echo 'User not found'; } pg_free_result($res); pg_close($db); } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Login</title> </head> <body> <form action="login.php" method="POST"> <label for="email">E-mail:</label> <input type="email" id="email" name="email"> <label for="password">Password:</label> <input type="password" id="password" name="password"> <button type="submit">login</button> </form> </body> </html>
You have javascript disabled. You will not be able to edit any code.