'.mysqli_error($db));
}
mysqli_select_db($db, $mysql_database) or die('Failed to select database
'.mysqli_error($db));
mysqli_set_charset($db, 'utf8');
$username = $_POST['username'];
$sql = "SELECT * FROM ".$mysql_table." WHERE username = ? OR email = ?";
$stmt = mysqli_stmt_init($db);
if (!mysqli_stmt_prepare($stmt, $sql))
{
die('Failed to prepare statement
'.mysqli_error($db));
}
mysqli_stmt_bind_param($stmt, 'ss', $username, $username);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
if ($data = mysqli_fetch_array($result))
{
if ($crypt_pass == $data['password'] && $data['active'] != 0)
{
$found = true;
$db_email = $data['email'];
$db_fullname = $data['fullname'];
$db_username = $data['username'];
$db_role = $data['role'];
$folder = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], '/') + 1);
$db_avatar = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://$_SERVER[HTTP_HOST]$folder" . "Login/avatars/" . $data['avatar'];
}
}
mysqli_stmt_close($stmt);
mysqli_close($db);
if ($found == false)
{
header('Location: '.$error_page);
exit;
}
else
{
$_SESSION['email'] = $db_email;
$_SESSION['fullname'] = $db_fullname;
$_SESSION['username'] = $db_username;
$_SESSION['role'] = $db_role;
$_SESSION['avatar'] = $db_avatar;
$_SESSION['expires_by'] = time() + $session_timeout;
$_SESSION['expires_timeout'] = $session_timeout;
header('Location: '.$success_page);
exit;
}
}
$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
$password = isset($_COOKIE['password']) ? $_COOKIE['password'] : '';
?>
Menue
