Webbserverprogrammering 1

Show sourcecode

The following files exists in this folder. Click to view.

webbserverprogrammering/projects/anton-quiz/endpoints/

admin/
check_answers.php
create-account.php
log-in.php
log-out.php

log-in.php

47 lines UTF-8 Windows (CRLF)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
<?php
session_start();

require_once __DIR__ '/../dbconnect.php';

if (!isset($username)) {
    $username $_POST["username"];
}
if (!isset($password)) {
    $password $_POST["password"];
}

$stmt $conn->prepare("SELECT * FROM quizdb_users WHERE username = ?");
$stmt->bind_param("s"$username);
$stmt->execute();

$results $stmt->get_result();

if (mysqli_num_rows($results) > 0) {

    foreach ($results as $res) {
        $hash $res["password"];

        if (password_verify($password$hash)) {
            $id $res["id"];
            $username $res["username"];
            $latest_login $res["latest_login"];
            $is_admin $res["is_admin"];

            $_SESSION["id"] = $id;
            $_SESSION["username"] = $username;
            $_SESSION["latest_login"] = $latest_login;
            $_SESSION["is_admin"] = $is_admin;

            if ($is_admin) {
                header("Location: ../admin/dashboard.php");
            } else {
                header("Location: ../logged-in/dashboard.php");
            }
        } else {
            echo 'Fel lösenord';
        }
    }
} else {
    echo 'Fel användarnamn';
}