prepare("SELECT * FROM auth WHERE UPPER(username) LIKE UPPER(?)"); $stmt->execute([$user]); $result = $stmt->fetch(PDO::FETCH_ASSOC); if (!$result) return 'Username does not exist.'; $verified = password_verify($pass,$result['password']); if (!$verified) return 'Password is wrong.'; $token = bin2hex(random_bytes(32)); $stmt = $db->prepare("INSERT INTO token (username, token) VALUES (?, ?)"); $stmt->execute([$user,$token]); setcookie("token", $token, time()+3600*24); header("Location: /"); die(); } page_header(); $form_message = post_handler(); form("Log in", $form_message, array( array('key' => 'Username', 'type' => 'text', 'name' => 'user', 'default' => ''), array('key' => 'Password', 'type' => 'password', 'name' => 'pass', 'default' => '') )); page_footer(); ?>