A whole lot of shaking going on...

author: Mateja <mail@matejamaric.com> 2020-10-04 00:16:49 +0200
committer: Mateja <mail@matejamaric.com> 2020-10-04 00:16:49 +0200
commit: a3094caeb564821870870d57efb4a4fc3fd659e7 (patch)
tree: 9399de7d6fd48900d1d01573a81a286aa2fdfa74 /login.php
parent: 1e44886d6f53d5bb9621211810fdea247f7fbd71 (diff)
download: old-php-yota-a3094caeb564821870870d57efb4a4fc3fd659e7.tar.gz
old-php-yota-a3094caeb564821870870d57efb4a4fc3fd659e7.zip
1 files changed, 32 insertions, 0 deletions
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..6d51326
--- /dev/null
+++ b/login.php
@@ -0,0 +1,32 @@
+<?php
+session_start();
+
+# IS LOGIN LEGITIMATE?
+if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['email']) && isset($_POST['password'])) {
+	# DB CONNECT
+	try {
+		$user = "yota_user";
+		$password = "gahdeer6shai9hogai2sai4quuaj1eVu";
+		$database = "yota_call_db";
+
+		$conn = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
+		$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+		$stmt = $conn->prepare("SELECT * FROM admins WHERE email=:email");
+		$stmt->bindParam(':email', $_POST['email']);
+		$stmt->execute();
+		$row = $stmt->fetch();
+
+		if (password_verify($_POST['password'], $row['password'])) {
+			$_SESSION['admin'] = true;
+		} else {
+			$_SESSION['admin'] = false;
+		}
+	} catch (PDOException $e) {
+			die("Error!: " . $e->getMessage());
+	}
+	$stmt=null;
+	$conn=null;
+}
+
+header("Location: admin.php");
author	Mateja <mail@matejamaric.com>	2020-10-04 00:16:49 +0200
committer	Mateja <mail@matejamaric.com>	2020-10-04 00:16:49 +0200
commit	a3094caeb564821870870d57efb4a4fc3fd659e7 (patch)
tree	9399de7d6fd48900d1d01573a81a286aa2fdfa74 /login.php
parent	1e44886d6f53d5bb9621211810fdea247f7fbd71 (diff)
download	old-php-yota-a3094caeb564821870870d57efb4a4fc3fd659e7.tar.gz old-php-yota-a3094caeb564821870870d57efb4a4fc3fd659e7.zip