this validation page doesn't show error and doesn't redirect to the home page. I check if it reach the verifying from the databse and it works fine but doesn't redirect the page so I think that the problem is with "$user = $req->fetch()" help plz
if(isset($_POST['login'])){
$username = $_POST['username'];
$password = $_POST['password'];
$pc = md5($password);
$req = $pdo->prepare('SELECT * FROM users WHERE nom= :username AND pass= :password');
$req->execute(array(
'username' => $username,
'password' => $pc,
));
if ($user = $req->fetch()) {
$_SESSION['auth'] = $user;
header("location:home.php");
exit();
}
else{
echo"<script> alert('LE NOM D UTILISATEUR OU LE MOTS DE PASSE INCORRECTE')</script>";
}
I agree with @tadman you should looking into using a framework that rather than implementing your own access control later. using md5 on its own is not a good way of hashing your passwords . Please at least try to add a salt. Anyway this should work for you . Just replace the db, user and pass for the database connection. Again i wouldn't put these directly on a view.
if(isset($_POST['login'])){
$host = '127.0.0.1';
$db = 'tester';
$user = 'root';
$pass = 'root';
$charset = 'utf8';
$username = $_POST['username'];
$password = $_POST['password'];
$pc = md5($password);
$dsn = "mysql:host=$host;dbname=$db;charset=$charset";
$opt = [
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::ATTR_EMULATE_PREPARES => false,
];
$pdo = new PDO($dsn, $user, $pass, $opt);
$stmt = $pdo->prepare('SELECT * FROM users WHERE nom= :username AND pass= :password');
$stmt->execute(['username' => $username,'password'=>$pc]);
if($user = $stmt->fetch()){
$_SESSION['auth'] = $user;
header("location:home.php");
exit();
}else{
echo"<script> alert('LE NOM D UTILISATEUR OU LE MOTS DE PASSE INCORRECTE')</script>";
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.