prepare("SELECT id FROM login_users WHERE username = ? AND password = ?");
if ($stmt === false) {
// Fail closed (do not leak details in production).
die("Prepare failed.");
}
$stmt->bind_param("ss", $username, $password);
$stmt->execute();
$stmt->store_result(); // Needed to use $stmt->num_rows
unset($_POST['username']);
unset($_POST['password']);
if ($stmt->num_rows >= 1) {
// Regenerate session ID to prevent session fixation!
//session_regenerate_id(true);
// Successfully logged in
$_SESSION['username'] = $username;
$_SESSION['loggedin'] = true;
//while ($row = $result -> fetch_assoc()) {
// print_r($row);
// $_SESSION['user_id'] = $row['id'];
//}
// Close
$stmt->close();
$conn -> close();
// Redirect to a dashboard page
header("Location: dashboard.php");
exit;
} else {
$login_message = "Invalid username or password";
}
$stmt->close();
$conn -> close();
}
}
?>
Login Form
Password Manager
$login_message"; } ?>
Register new user
Home page