I made a login form, and while the registration form is fully functional, the login form doesn't seem to be working. $user
and $pwd
get declared, but $pwd_hashed
stayes empty.
if(isset($_GET['login'])) {
$user = $_POST['user'];
$pwd = $_POST['pwd'];
$stmt = $pdo->prepare("SELECT * FROM users WHERE user = :user");
$result = $stmt->execute(array('user' => $user));
$pwd_hash = $stmt->fetch();
if ($pwd_hash !== false && password_verify($pwd, $pwd_hash['password'])) {
$_SESSION['userid'] = $pwd_hash['id'];
die('Login successful<br>');
} else {
$errorMessage = "Username or password doesn't match<br>";
}
}
if(isset($errorMessage)) {
echo $errorMessage;
}
Should the code work like this and I just got something wrong with naming, or is there an error in the code?