From 1e44886d6f53d5bb9621211810fdea247f7fbd71 Mon Sep 17 00:00:00 2001 From: Mateja Date: Sat, 3 Oct 2020 00:10:38 +0200 Subject: moved notes --- admin.php | 55 +++++++++++++++++++++++-------------------------------- 1 file changed, 23 insertions(+), 32 deletions(-) (limited to 'admin.php') diff --git a/admin.php b/admin.php index 2bfdfde..39f268c 100644 --- a/admin.php +++ b/admin.php @@ -1,41 +1,32 @@ setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); -} catch (PDOException $e) { - echo "

Error!: " . $e->getMessage() . "

"; - die(); -} - -# SHOLUD SOMETHING BE APPROVED? -if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['id']) ) { - $stmt = $conn->prepare("UPDATE activities SET approved = true WHERE id=:id"); -echo "lol:" . $_POST['id']; - $stmt->bindParam(':id', $_POST['id']); - $stmt->execute(); -} - # IS LOGIN LEGITIMATE? if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['email']) && isset($_POST['password'])) { - try { - $stmt = $conn->prepare("SELECT * FROM admins WHERE email=:email"); - $stmt->bindParam(':email', $_POST['email']); - $stmt->execute(); - $row = $stmt->fetch(); - if (password_verify($_POST['password'], $row['password'])){ - $_SESSION['admin'] = true; - } else { - $_SESSION['admin'] = false; + # DB CONNECT + try { + $user = "yota_user"; + $password = "gahdeer6shai9hogai2sai4quuaj1eVu"; + $database = "yota_call_db"; + + $conn = new PDO("mysql:host=localhost;dbname=$database", $user, $password); + $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + + $stmt = $conn->prepare("SELECT * FROM admins WHERE email=:email"); + $stmt->bindParam(':email', $_POST['email']); + $stmt->execute(); + $row = $stmt->fetch(); + + if (password_verify($_POST['password'], $row['password'])){ + $_SESSION['admin'] = true; + } else { + $_SESSION['admin'] = false; + } + } catch (PDOException $e) { + echo "

Error!: " . $e->getMessage() . "

"; } - } catch (PDOException $e) { - echo "

Error!: " . $e->getMessage() . "

"; - } + $stmt=null; + $conn=null; } ?> -- cgit v1.2.3