2022-11-10 20:56:38 +00:00
|
|
|
<?php
|
|
|
|
session_start();
|
|
|
|
|
2023-02-06 19:26:34 +00:00
|
|
|
$DATABASE_HOST = 'censored';
|
|
|
|
$DATABASE_USER = 'censored';
|
|
|
|
$DATABASE_PASS = 'censored';
|
|
|
|
$DATABASE_NAME = 'censored';
|
2022-11-10 20:56:38 +00:00
|
|
|
|
|
|
|
$con = mysqli_connect($DATABASE_HOST, $DATABASE_USER, $DATABASE_PASS, $DATABASE_NAME);
|
|
|
|
if ( mysqli_connect_errno() ) {
|
|
|
|
exit('MySQl Connection failed with error: ' . mysqli_connect_error());
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( !isset($_POST['username'], $_POST['password']) ) {
|
|
|
|
exit('Please fill both the username and password fields!');
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($stmt = $con->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
|
|
|
|
$stmt->bind_param('s', $_POST['username']);
|
|
|
|
$stmt->execute();
|
|
|
|
|
|
|
|
$stmt->store_result();
|
|
|
|
|
|
|
|
if ($stmt->num_rows > 0) {
|
|
|
|
$stmt->bind_result($id, $password);
|
|
|
|
$stmt->fetch();
|
|
|
|
|
|
|
|
if (password_verify($_POST['password'], $password)) {
|
|
|
|
session_regenerate_id();
|
|
|
|
|
|
|
|
$_SESSION['loggedin'] = TRUE;
|
|
|
|
$_SESSION['name'] = $_POST['username'];
|
|
|
|
$_SESSION['id'] = $id;
|
|
|
|
|
|
|
|
header("Location: admin.php");
|
|
|
|
} else {
|
|
|
|
//Incorrect Data
|
|
|
|
echo 'Incorrect username and/or password!';
|
|
|
|
}
|
|
|
|
|
|
|
|
} else {
|
|
|
|
//Incorrect Data
|
|
|
|
echo 'Incorrect username and/or password!';
|
|
|
|
}
|
|
|
|
|
|
|
|
$stmt->close();
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
?>
|