I am having problem logging in, below is a login code. When I submit login info it says Incorrect Information, I have gone wrong somewhere in code and can't figure it out. I have used password_hash()
function, checked my database and it works well. Surely somethings wrong with login code. Now I tried echo
ing $pass_db
and on submitting info I see the password is echoed correctly but incorrect information is also displayed and I am not redirected to main.php
as I should be.
login.php
<?php
if(isset($_POST['login'])){
$username = $_POST['user_login'];
$password = $_POST['password_login'];
$stmt = $db->prepare("SELECT * FROM userss WHERE username = :username AND password = :password");
$stmt->execute(array(':username'=>$username,':password'=>$password));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$user_db = $row['username'];
$pass_db = $row['password'];
if(password_verify($password, $pass_db)) {
$_SESSION['username']=$username;
if (isset($_POST['rememberme'])) {
setcookie('username', $username,time()+31556926);
}
header("Location:main.php");
}
else {
echo "Incorrect Information!";
}
}
?>
register code
$pswd = password_hash($pswd, PASSWORD_DEFAULT);
$pswd2 = password_hash($pswd2, PASSWORD_DEFAULT);
$stmt = $db->prepare("INSERT INTO userss (username,first_name,last_name,email,password,password2) VALUES (:username,:first_name,:last_name,:email,:password,:password2,)");
$stmt->execute( array(':username'=>$un,':first_name'=>$fn,':last_name'=>$ln,':email'=>$em,':password'=>$pswd,':password2'=>$pswd2));
if ($stmt->rowCount() == 1) {
header("Location: login.php");
}
else {
echo "error";
}