$username = "******"; $password = "******"; $dbname = "personal_finance"; session_start(); // username and password sent from form if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["username"])) { header("location: ./index.php"); } else { echo "***** test **** **** " . $_POST["username"] . " ****"; $myusername = cleanuserdata($_POST['username']); } if (empty($_POST["username"])) { header("location: ./index.php"); } else { $mypassword = cleanuserdata($_POST['userPassword']); } } try { $conn = new PDO("mysql:host={$servername};dbname={$dbname}", $username, $password); $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $stmt = $conn->prepare("SELECT user_username, user_password FROM user WHERE (user_password = :myusername AND user_username = :mypassword)"); $stmt->bindParam(':myusername', $myusername); $stmt->bindParam(':mypassword', $mypassword); $success = $stmt->execute(); $row_count = $stmt->rowCount(); echo "the row count is " . $row_count; echo " !!!**** Success <br>"; print $success; // while ($row = $stmt->fetch()) { // print_r($row);
header("Location: ./login.php"); exit; } else { $usersname = cleanuserdata($_POST["user_username"]); } if (empty($_POST["user_password"])) { header("Location: ./login.php"); exit; } else { $userspassword = cleanuserdata($_POST["user_password"]); } if (empty($_POST["user_email"])) { header("Location: ./login.php"); exit; } else { $usersemail = cleanuserdata($_POST["user_email"]); } } $entdate = $todaysdate; $stmt->execute(); echo "new User Created " . $usersname; $_SESSION["username"] = $usersname; } catch (PDOException $e) { echo "Error: " . $e->getMessage(); } $conn = null; ?> <?php function cleanuserdata($data) {