arif98741 · June 18, 2018 11:05 · Kaperskyguru · Jun 18, 2018 · arif98741 · Jun 18, 2018
diff --git a/UserExist.php b/UserExist.php
 <?php 
 //phpdark.com
 //[email protected]
 if (isset($_POST['login'])) {

 	$con = new mysqli("localhost","root","","database"); //database connection
 	if ($con) {
 		$username = mysqli_real_escape_string($con, $_POST['$username']);
 		$password = mysqli_real_escape_string($con, $_POST['$password']);
 		$hashed_password = password_hash($password, PASSWORD_DEFAULT);

 		

 		if (empty($username) || empty($password) ) { //check wheather it is empty or not
 			echo "Field must not be empty";
 		} else {
 			$sql = "select * from table where username='$username'";
 			$check = $con->query($sql) or die($con->error)." error at line number ".__LINE__;
 			if ($check) {
 				$row = $check->num_rows;
 				if ($row > 0) {
 					echo "User already exist in database";
 				} else {
 					$sql = "select * from table where username='$username' and password='$password'";
 					$stmt = $con->query($sql) or die($con->error)." error at line number ".__LINE__;

 					if ($stmt) {
 						$row = $stmt->num_rows;
 						if ($row > 0) {
 							$database_pass = $stmt->fetch_assoc()['password'];
 							if (password_verify($database_pass, $hashed_password)) {
 								
 								session_start();
 								$_SESSION['login'] = true;
 								$_SESSION['username'] = $username;
 								header("location: index.php"); //after successful login
 							}
 							
 						}
 					} else {
 						echo "Failed to login";
 					}
 				}
 			}

 		}
 	} else {
 		echo "Database connnection failed";
 	}

 	

 }
	<?php
	//phpdark.com
	//[email protected]
	if (isset($_POST['login'])) {

	$con = new mysqli("localhost","root","","database"); //database connection
	if ($con) {
	$username = mysqli_real_escape_string($con, $_POST['$username']);
	$password = mysqli_real_escape_string($con, $_POST['$password']);
	$hashed_password = password_hash($password, PASSWORD_DEFAULT);



	if (empty($username) \|\| empty($password) ) { //check wheather it is empty or not
	echo "Field must not be empty";
	} else {
	$sql = "select * from table where username='$username'";
	$check = $con->query($sql) or die($con->error)." error at line number ".__LINE__;
	if ($check) {
	$row = $check->num_rows;
	if ($row > 0) {
	echo "User already exist in database";
	} else {
	$sql = "select * from table where username='$username' and password='$password'";
	$stmt = $con->query($sql) or die($con->error)." error at line number ".__LINE__;

	if ($stmt) {
	$row = $stmt->num_rows;
	if ($row > 0) {
	$database_pass = $stmt->fetch_assoc()['password'];
	if (password_verify($database_pass, $hashed_password)) {

	session_start();
	$_SESSION['login'] = true;
	$_SESSION['username'] = $username;
	header("location: index.php"); //after successful login
	}

	}
	} else {
	echo "Failed to login";
	}
	}
	}

	}
	} else {
	echo "Database connnection failed";
	}



	}