prepare("SELECT * FROM auth WHERE UPPER(username) LIKE UPPER(?)"); $stmt->execute([$user]); $result = $stmt->fetch(PDO::FETCH_ASSOC); if (!$result) return 'Username does not exist.'; $verified = password_verify($pass,$result['password']); if (!$verified) return 'Password is wrong.'; $token = bin2hex(random_bytes(32)); $stmt = $db->prepare("INSERT INTO token (username, token) VALUES (?, ?)"); $stmt->execute([$user,$token]); setcookie("token", $token, time()+3600*24); header("Location: /"); die(); } page_header(); $form_message = post_handler(); // TODO: form builder. this is lazy for testing purposes ?>

Join

Username Password