<?php
include_once("../php/initdb.php");
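// Login form handler.
//
// Reads the `mailuid` (username or e-mail) and `pswuid` (password) POST
// fields, looks the account up in `korisnici`, verifies the password hash
// and, on success, stores the user's id and username in the session.
// Every path ends in a redirect followed by exit().

// Anything that is not a submission of the login form goes back to the shop.
if (!isset($_POST['login-submit'])) {
    header("Location: ../shop1.php");
    exit();
}

// Missing fields and non-string values (e.g. `mailuid[]=x`) are treated like
// empty input. The comparison is against '' rather than empty(), so a
// literal "0" is no longer rejected as an empty field.
$emailuid = $_POST['mailuid'] ?? '';
$password = $_POST['pswuid'] ?? '';
if (!is_string($emailuid) || !is_string($password) || $emailuid === '' || $password === '') {
    header("Location: ../index1.php?error=emptyfields");
    exit();
}

// NOTE(review): this connects as the MySQL `root` account with an empty
// password, hard-coded in a web-reachable script. Use a dedicated
// least-privilege database user and load the credentials from configuration
// kept outside the web root. ../php/initdb.php is already included by this
// file; if it provides a connection, reuse it instead of opening another.
$conn = new mysqli('localhost', 'root', '', 'projekat');
if ($conn->connect_errno) {
    header("Location: ../index1.php?error=sqlerror");
    exit();
}

// Prepared statement: the user-supplied identifier is bound, never
// concatenated into the SQL text.
$sql = "SELECT*FROM `korisnici` WHERE `username`=? OR `email`=?;";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
    header("Location: ../index1.php?error=sqlerror");
    exit();
}

mysqli_stmt_bind_param($stmt, "ss", $emailuid, $emailuid);
if (!mysqli_stmt_execute($stmt)) {
    header("Location: ../index1.php?error=sqlerror");
    exit();
}

// get_result() returns false on failure; passing that to fetch_assoc()
// would raise a TypeError on PHP 8.
$result = mysqli_stmt_get_result($stmt);
if ($result === false) {
    header("Location: ../index1.php?error=sqlerror");
    exit();
}
$row = mysqli_fetch_assoc($result);

// An unknown account and a wrong password are reported with the same error
// code, so the response does not reveal which usernames or e-mail addresses
// are registered. (The previous `error=nouser` code is no longer emitted.)
// NOTE(review): response time still differs, because no hash is verified
// when the lookup finds nothing; failed attempts are also not rate-limited
// here. Both are worth addressing at the application level.
if (!$row || !password_verify($password, (string) $row['password'])) {
    header("Location: ../index1.php?error=wrongpwd");
    exit();
}

// Start the session only if the included bootstrap has not already done so.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}
// Issue a fresh session id at the privilege change so that an id planted
// before login (session fixation) does not become an authenticated session.
session_regenerate_id(true);
$_SESSION['userId'] = $row['id'];
$_SESSION['userName'] = $row['username'];
header("Location: ../index1.php?login=success");
exit();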