Ana

<?php
include_once("../php/initdb.php");
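// Login form handler.
//
// Reads the `mailuid` (username or e-mail) and `pswuid` (password) POST fields,
// looks the account up in `korisnici` with a prepared statement, verifies the
// stored hash with password_verify() and, on success, opens a session carrying
// `userId` and `userName`. Every outcome ends in a redirect followed by exit().
if (!isset($_POST['login-submit'])) {
    // Reached without the login form being submitted.
    header("Location: ../shop1.php");
    exit();
}

// Request fields are untrusted: a missing field or an array value (e.g.
// `mailuid[]=x`) is treated like an empty field instead of reaching
// bind_param()/password_verify(). The comparison is against '' rather than
// empty(), so that a value such as "0" is not rejected as blank.
$emailuid = $_POST['mailuid'] ?? '';
$password = $_POST['pswuid'] ?? '';
if (!is_string($emailuid) || !is_string($password) || $emailuid === '' || $password === '') {
    header("Location: ../index1.php?error=emptyfields");
    exit();
}

$sql = "SELECT*FROM `korisnici` WHERE `username`=? OR `email`=?;";
$dbFailed = false;
$row = null;
try {
    // NOTE(review): the application connects as `root` with an empty password,
    // hard-coded in this file. Use a dedicated least-privilege database account
    // and load its credentials from configuration kept outside the web root.
    // Whether ../php/initdb.php already provides a connection cannot be told
    // from this file - confirm and reuse it if so.
    $conn = new mysqli('localhost', 'root', '', 'projekat');
    $stmt = $conn->connect_errno === 0 ? mysqli_stmt_init($conn) : false;
    if ($stmt === false
        || !mysqli_stmt_prepare($stmt, $sql)
        || !mysqli_stmt_bind_param($stmt, "ss", $emailuid, $emailuid)
        || !mysqli_stmt_execute($stmt)
        || ($result = mysqli_stmt_get_result($stmt)) === false
    ) {
        $dbFailed = true;
    } else {
        $row = mysqli_fetch_assoc($result);
    }
} catch (mysqli_sql_exception $e) {
    // When mysqli is in exception mode, connection and query failures arrive
    // here. Redirect instead of letting an uncaught exception render a trace
    // that could include connection details.
    $dbFailed = true;
}

if ($dbFailed) {
    header("Location: ../index1.php?error=sqlerror");
    exit();
}

// NOTE(review): `nouser` and `wrongpwd` let a client tell whether an account
// exists. Both codes are kept because index1.php's handling is not visible
// here; prefer a single generic failure code, plus attempt rate limiting.
if (!is_array($row)) {
    header("Location: ../index1.php?error=nouser");
    exit();
}

// password_verify() returns a strict bool, so a single check covers the
// failure case and the unreachable third branch is gone.
if (!password_verify($password, (string) $row['password'])) {
    header("Location: ../index1.php?error=wrongpwd");
    exit();
}

session_start();
// Issue a fresh session id at the privilege change so an id that was known
// before authentication (session fixation) does not become a logged-in one.
session_regenerate_id(true);
$_SESSION['userId'] = $row['id'];
$_SESSION['userName'] = $row['username'];
header("Location: ../index1.php?login=success");
exit();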