connect_error) {
return "Connection failed to user database " . $conn->connect_error;
}
$sql = "select passwd from users where sectionid=1 and loginname='". $_REQUEST["uname"] . "';";
//echo $sql . "
";
$result = $conn->query($sql);
if ($result) {
$row = $result->fetch_assoc();
if (password_verify($_REQUEST["passwd"], $row["passwd"])) {
$_SESSION["loggedin"]=true;
$_SESSION["sectionlog"]=1;
if ($_REQUEST["remember"]) {
$_SESSION["username"] = $_REQUEST["uname"];
}
else {
unset($_SESSION["username"]);
}
return "success";
} else {
$_SESSION["loggedin"]=false;
unset($_SESSION["sectionlog"]);
return "bad password";
}
} else {
$_SESSION["loggedin"]=false;
unset($_SESSION["sectionlog"]);
return "bad username";
}
}
?>