PDO::ERRMODE_EXCEPTION )); }catch (Exception $e){ die("Error : ".$e->getMessage()); } $req = $db->prepare('SELECT password FROM `authors` WHERE `username`=:username'); $req->execute(array( "username"=>$username, )); if ($data = $req->fetch()){ $password_hash = $data['password']; if (password_verify($userpw, $password_hash)) { return True; } else { return False; } } else { return False; } } $_SESSION['error_msg'] = ""; if (isset($_POST['submit'])) { if (isset($_POST['username'])) { $username = $_POST['username']; } else { $_SESSION['error_msg'] .= _('You did not enter a proper username.').'\n'; } if (isset($_POST['password'])) { $password = $_POST['password']; } else { $_SESSION['error_msg'] .= _('You did not enter a proper password.').'\n'; } } else { $_SESSION['error_msg'] .= _('You did not submit the register form.'); } if ($_SESSION['error_msg'] == "") { if (check_credentials($username, $password)) { $_SESSION['logged'] = True; $_SESSION['username'] = $username; header('Location: '."/"); } else { $_SESSION['error_msg'] = _('Incorrect password, please try again.').'\n'; header('Location: '."../../auth/login"); } } else { header('Location: '."../../auth/login"); } ?>