i am trying to built urer registration and user login page
the registration page works perfectly fine.(the enterted data is stored the the database with $hash password)
The problem arises when i try to login . the page gets redirected but the echo is not working ( like printing THIS user is loged in)
the registration page works perfectly fine.(the enterted data is stored the the database with $hash password)
Code:
<?php
$showError="false";
if($_SERVER["REQUEST_METHOD"] == "POST"){
include '_dbconnect.php';
$user_email = $_POST['signupemail'];
$pass = $_POST['signuppassword'];
$cpass = $_POST['signuppassword'];
// check wether this email exists
$existSql="select * from `users` where user_email = '$user_email'";
$result = mysqli_query($conn, $existSql);
$numRows = mysqli_num_rows($result);
if($numRows>0){
$showError = "Email already in use";
} else{
if($pass == $cpass){
$hash = password_hash($pass, PASSWORD_DEFAULT);
$sql =" INSERT INTO `users` ( `user_email`, `user_pass`, `timestamp`) VALUES (' $user_email', ' $hash', current_timestamp())";
$result = mysqli_query($conn, $sql);
if($result){
$showAlert=true;
header("Location:/wediscuss%20forum/index.php?signupsuccess=true");
exit();
}
}else{
$showError ="passwords do not match";
}
}
header("Location:/wediscuss%20forum/index.php?signupsuccess=false&error= $showError ");
}
?>
Code:
<?php
$showError = "false";
if($_SERVER["REQUEST_METHOD"] == "POST"){
include '_dbconnect.php';
$email = $_POST['loginEmail'];
$pass = $_POST['loginPass'];
$sql = "SELECT * FROM `users` where user_email='$email'";
$result = mysqli_query($conn, $sql);
$numRows = mysqli_num_rows($result);
if($numRows==1){
$row = mysqli_fetch_assoc($result);
if(password_verify( $email, $row['user_pass'])){
session_start();
$_SESSION['loggedin'] = true;
$_SESSION['slno'] = $row['slno'];
$_SESSION['useremail'] = $email;
echo "loggedin". $email;
}
else{
echo "unable to login";
}
}
?>
Comment