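// NOTE(review): this excerpt begins mid-statement. The opening of the enclosing
// function (presumably post_handler(), which is called further down) and the
// code that sets $db, $user and $pass are not visible here.
prepare("SELECT * FROM main.auth WHERE UPPER(username) = UPPER(?)");
    // Exact, case-insensitive lookup. LIKE would treat '%' and '_' in the
    // submitted name as wildcards, so the row fetched need not be the account
    // the client actually named.
    $stmt->execute([$user]);
    $result = $stmt->fetch(PDO::FETCH_ASSOC);

    // NOTE(review): separate messages for "no such user" and "wrong password"
    // tell a client which usernames exist; consider one generic failure message.
    if (!$result) {
        return 'Username does not exist.';
    }

    if (!password_verify($pass, $result['password'])) {
        return 'Password is wrong.';
    }

    // 32 bytes from the CSPRNG, hex-encoded, used as the session token.
    $token = bin2hex(random_bytes(32));
    $stmt = $db->prepare("INSERT INTO main.token (username, token) VALUES (?, ?)");
    // Bind the token to the account row whose password was just verified,
    // not to the raw form input, so the session always names a real account.
    $stmt->execute([$result['username'], $token]);

    // One-day cookie. NOTE(review): no HttpOnly, Secure or SameSite attribute
    // is set, so the token is readable from page script and is also sent over
    // plain HTTP; set them unless something client-side must read the cookie.
    setcookie("token", $token, time() + 3600 * 24);

    if (isset($_GET['next'])) {
        // NOTE(review): 'next' comes straight from the query string and the
        // fresh token is appended to it. The echoed markup is empty in this
        // excerpt (it looks like it was stripped), but if it sends the browser
        // to $gett, the token is handed to whatever URL the link named.
        // Check 'next' against an allowlist of known return URLs first.
        $gett = htmlspecialchars($_GET['next'] . '?token=' . $token);
        echo "";
        page_footer();
        die();
    }

    header("Location: /");
    die();
}

// Page flow: draw the header, run the login handler, then render the form with
// whatever message the handler returned.
// NOTE(review): the handler calls setcookie() and header() after page_header();
// if page_header() emits output and buffering is off, both calls will fail
// with "headers already sent" -- confirm output buffering is enabled.
page_header();
$form_message = post_handler();
form("Log in (Register?)", $form_message, array(
    array('key' => 'Username', 'type' => 'text', 'name' => 'user', 'default' => ''),
    array('key' => 'Password', 'type' => 'password', 'name' => 'pass', 'default' => '')
));
page_footer();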