function verifyUser($username, $password)
{
global $connection;
if (findUserAvailabilty($username)) {
$query = "select password from admins where username = '******'";
$result = mysqli_query($connection, $query);
confirm_query($result);
$value = mysqli_fetch_assoc($result);
//check for password equality
if ($value['password'] == $password) {
return true;
} else {
return false;
}
}
}
<?php
session_start();
require_once "../includes/dbconnection.php";
require_once "../includes/functions.php";
if (isset($_POST['submit'])) {
//grabing the values
$username = mysqlPrep($_POST['username']);
$password = mysqlPrep($_POST['password']);
$email = mysqlPrep($_POST['mailid']);
// Registering new Users
if ($username != null && $password != null && $email != null) {
//check for unique usernames here
$useravailable = findUserAvailabilty($username);
if ($useravailable) {
//set a global and print it or use validations
echo "<p style=\"color:seashell;background:#f04848;padding:10px;font- size:20px;font-family:Ubuntu\">Username is in use !\n please choose another username</p>";
} else {
//do the insert of new users
insertNewUser($username, $password, $email);
echo "<p style=\"color:seashell;background:#f04848;padding:10px;font- size:20px;font-family:Ubuntu\">Successfully registered ! Login to continue .</p>";
}
}
// Logging users
if ($username != null && $password != null && $email == null) {
if (verifyUser($username, $password)) {
//set the session and then redirect
$_SESSION["loggeduser"] = $username;
redirectTo("admin.php");
} else {
$_SESSION["loggeduser"] = null;
