Source of: /ADI/auth-db-sessions/login_action.php
<?php
include_once 'inc/db.php';
session_start();
if( !isset($_POST['uid']) or !isset($_POST['pwd']) )
header("Location: login_failed.html");
$uid = $_POST['uid'];
$pwd = $_POST['pwd'];
$db = dbconnect($hostname,$db_name,$db_user,$db_passwd);
$query = "SELECT * FROM users
WHERE userid = '$uid'
AND password = '$pwd'";
$result = @ mysqli_query($db,$query);
if (!$result)
error('A database error occurred while checking your login details.');
if (mysqli_num_rows($result) == 0) {
unset($_SESSION['uid']);
header("Location: login_failed.html");
}
else {
$tupple = mysqli_fetch_assoc($result);
$_SESSION['username'] = $tupple['fullname'];
$_SESSION['email'] = $tupple['email'];
$_SESSION['notes'] = $tupple['notes'];
$_SESSION['uid'] = $tupple['userid'];
}
mysqli_close($db);
header("Location: index.php");
?>