-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathLabApplication.php
80 lines (67 loc) · 2.42 KB
/
LabApplication.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
<?php
// login.php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "database";
// Define variables and initialize with empty values
$email = $password = "";
$email_err = $password_err = "";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
// Check if email is empty
if(empty(trim($_POST["email"]))){
$email_err = "Please enter email.";
} else{
$email = trim($_POST["email"]);
}
// Check if password is empty
if(empty(trim($_POST["password"]))){
$password_err = "Please enter your password.";
} else{
$password = trim($_POST["password"]);
}
// Validate credentials
if(empty($email_err) && empty($password_err)){
// Prepare a select statement
$stmt = $conn->prepare("SELECT id, email, password FROM users WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
// Store result
$stmt->store_result();
// Check if email exists, if yes then verify password
if($stmt->num_rows == 1){
// Bind result variables
$stmt->bind_result($id, $email, $hashed_password);
if($stmt->fetch()){
if(password_verify($password, $hashed_password)){
// Password is correct, so start a new session
session_start();
// Store data in session variables
$_SESSION["loggedin"] = true;
$_SESSION["id"] = $id;
$_SESSION["email"] = $email;
// Redirect user to welcome page
header("location: welcome.php");
} else{
// Display an error message if password is not valid
$password_err = "The password you entered was not valid.";
}
}
} else{
// Display an error message if email doesn't exist
$email_err = "No account found with that email.";
}
}
// Close statement
$stmt->close();
}
// Close connection
$conn->close();
?>