0

Login through PHP

the code below is for a login portal that allows user to login through Username and password. But the code is letting login with incorrect password as well. if (isset($_POST['btn-login'])) { $Username = $_POST['Username']; $Password = $_POST['Password']; $sql="SELECT * FROM logindata WHERE Username= ?;"; $stmt = mysqli_stmt_init($conn); if (!mysqli_stmt_prepare($stmt, $sql)){ header("Location: ../lab_login.html?eror=sqlerror"); exit(); } else{ mysqli_stmt_bind_param($stmt, "s", $Username); mysqli_stmt_execute($stmt); $result = mysqli_stmt_get_result($stmt); if($row = mysqli_fetch_assoc($result)){ $pwdCheck = password_verify($Password, $row['Password']); if($pwdCheck == false){ header("Location: ../lab_login.html?eror=wrngpwd"); exit(); } elseif ($pwdCheck==true) { session_start(); $_SESSION['Username']= $row['Username']; header("Location: ../lab_login.html?login=success"); exit(); } } } }

10th Jul 2019, 7:02 AM
ROBOKIT
ROBOKIT - avatar
1 Réponse
0
$password_hash= password_hash($row['password'], PASSWORD_DEFAULT); use this line of code before $pwdCheck = password_verify($Password, $password_hash);
10th Jul 2020, 10:57 AM
Muhammad Idrees 🇵🇰
Muhammad Idrees 🇵🇰 - avatar