if (isset($_POST['withoutid'])) {
$_SESSION['withoutid'] = $_POST['withoutid'];
header("Location:basicsearch.php");
}
//checking for logged in user
if (isset($_POST['login'])) {
$username = strip_tags($_POST['username']);
$password = $_POST['password'];
if ($username == "" || $password == "") {
echo "<br /><font color='red'><b>Provide all the required fields!</b></font>";
} else {
if ($data->checkUsername($username) != null) {
//echo $data->checkUsername($username);
//foreach($data->getPassword($username) as $pwd) {
//$strPwd = implode($pwd);
$strPwd = $data->getPassword($username);
//}
//echo $strPwd;
if (password_verify($password, $strPwd)) {
$_SESSION['username'] = $username;
$_SESSION['login'] = $_POST['login'];
header("Location:basicsearch.php");
} else {
echo "<br /><font color='red'><b>Password doesn't match!</b></font>";
}
} else {
echo "<br /><font color='red'><b>Username doesn't exist!</b></font>";
}
}
}
?>
<?php
//moving to basic search page for guest user
if (isset($_POST['withoutid'])) {
$_SESSION['withoutid'] = $_POST['withoutid'];
header("Location:basicsearch.php");
}
//checking for logged in user
if (isset($_POST['login'])) {
$_SESSION['login'] = $_POST['login'];
$username = $_POST['username'];
$password = $_POST['password'];
if ($username == "" || $password == "") {
echo "<br />Provide all the required fields!";
} else {
if ($data->checkUsername($username) != null) {
foreach ($data->getPassword($username) as $pwd) {
$strPwd = implode($pwd);
}
if (password_verify($password, $strPwd)) {
$_SESSION['username'] = $username;
header("Location:basicsearch.php");
} else {
echo "<br />Password doesn't match!";
}
} else {
echo "<br />Username doesn't exist!";
}
}
}
?>
</section>
