login
unknown
plain_text
2 years ago
3.1 kB
21
Indexable
<?php // Start or resume a session session_start(); // Database connection parameters $servername = "your_servername"; $username = "your_username"; $password = "your_password"; $dbname = "your_dbname"; // Create connection $conn = new mysqli($servername, $username, $password, $dbname); // Check connection if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); } // Define variables to store user input and error messages $username = $password = ""; $usernameErr = $passwordErr = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { // Function to sanitize and validate input data function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } // Validate username if (empty($_POST["username"])) { $usernameErr = "Username is required"; } else { $username = test_input($_POST["username"]); } // Validate password if (empty($_POST["password"])) { $passwordErr = "Password is required"; } else { $password = test_input($_POST["password"]); } // If there are no errors, check the username and password if (empty($usernameErr) && empty($passwordErr)) { // Prepare and execute an SQL statement to retrieve user data $stmt = $conn->prepare("SELECT username, password FROM users WHERE username = ?"); $stmt->bind_param("s", $username); $stmt->execute(); $stmt->store_result(); if ($stmt->num_rows > 0) { // User exists, fetch the password $stmt->bind_result($dbUsername, $dbPassword); $stmt->fetch(); // Verify the password if (password_verify($password, $dbPassword)) { // Password is correct, set session variables and redirect to index.php $_SESSION["username"] = $username; header("Location: index.php"); exit(); } else { $passwordErr = "Incorrect password"; } } else { $usernameErr = "Username not found"; } // Close the statement $stmt->close(); } } // Close the database connection $conn->close(); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Login</title> </head> <body> <h2>Login</h2> <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>"> <label for="username">Username:</label> <input type="text" name="username" value="<?php echo $username; ?>"> <span class="error"><?php echo $usernameErr; ?></span> <br><br> <label for="password">Password:</label> <input type="password" name="password"> <span class="error"><?php echo $passwordErr; ?></span> <br><br> <input type="submit" name="submit" value="Login"> </form> </body> </html>
Editor is loading...
Leave a Comment