Okay so this is the code and it works perfectly. And the > was just a typo, sorry. Thanks Bun for your super easy code.
Does this look okay? Or just plain wrong? I'm a bit unsure of the if code, or is this the way to go!?
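<?php
session_start();

// Mark the session as logged in. $username is passed in as a parameter
// because global variables are not visible inside a function.
function validateUser($username){
    session_regenerate_id(true); // this is a security measure (new session ID, old one deleted)
    $_SESSION['valid'] = 1;
    $_SESSION['username'] = $username;
}

$username = isset($_POST['username']) ? $_POST['username'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';

require('config.inc.php');
$db = new PDO("mysql:host=$dbhost;dbname=$dbname",$dbuser,$dbpass);
$stmt = $db->prepare("SELECT active, password_hash FROM users WHERE username = :username");
$stmt->bindParam(':username', $username, PDO::PARAM_STR, 32);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC); // false when the username does not exist
$db = null;

// Succeed only when the user exists, is active and the password matches.
$loggedIn = false;
if ($result && $result['active']) {
    $dbhash = $result['password_hash'];
    // hash_equals() compares the two hashes in constant time.
    $loggedIn = hash_equals($dbhash, crypt($password, $dbhash));
}

// Braces are required here: an unbraced if guards only the first statement.
if ($loggedIn) {
    validateUser($username);
    header('Location: ../main.php');
    die(); // stop the script after sending the redirect
}
else{
    header('Location: ../index.php?invalidcreds=1');
    die();
}
?>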
But now if I would like to do an admin column too and try to implement this here, how would I do this? I know there needs to be added perhaps a bit more code in other places also. Nothing pretty or advanced. It's just a simple login so. Any advice where I should direct my eyes at, private/public classes (I've tried this but I got lost in the code totally)
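
One way to carry an admin flag through the login above, as an added example that is not part of the original post: the `admin` column, the helper names `authenticate()` and `isAdmin()`, and the sample users are assumptions, and an in-memory SQLite database with a plain array stands in for MySQL and `$_SESSION` so it runs offline.

```php
<?php
// Added example, not the poster's code. The `admin` column and the helper
// names authenticate()/isAdmin() are assumptions made for illustration.

// Look up the user and check the password; returns the row or null.
function authenticate(PDO $db, $username, $password) {
    $stmt = $db->prepare(
        "SELECT active, admin, password_hash FROM users WHERE username = :username");
    $stmt->execute(array(':username' => $username));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$row || !$row['active']) {
        return null; // unknown or deactivated account
    }
    $dbhash = $row['password_hash'];
    return hash_equals($dbhash, crypt($password, $dbhash)) ? $row : null;
}

// Store the login state. The admin flag comes from the database row only,
// never from anything the browser sends.
function validateUser(array &$session, $username, array $row) {
    $session['valid'] = 1;
    $session['username'] = $username;
    $session['admin'] = ((int) $row['admin'] === 1);
}

// Guard for admin-only pages: true only for a logged-in admin session.
function isAdmin(array $session) {
    return !empty($session['valid']) && !empty($session['admin']);
}

// Constructed sample data: alice is an admin, bob is a normal user.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (username TEXT PRIMARY KEY, active INTEGER,
           admin INTEGER NOT NULL DEFAULT 0, password_hash TEXT)");
$ins = $db->prepare("INSERT INTO users VALUES (?, 1, ?, ?)");
$ins->execute(array('alice', 1, password_hash('alice-pw', PASSWORD_DEFAULT)));
$ins->execute(array('bob', 0, password_hash('bob-pw', PASSWORD_DEFAULT)));

$tries = array(array('alice', 'alice-pw'), array('bob', 'bob-pw'), array('bob', 'wrong'));
foreach ($tries as $try) {
    $session = array(); // stands in for $_SESSION
    $row = authenticate($db, $try[0], $try[1]);
    if ($row) {
        validateUser($session, $try[0], $row);
    }
    printf("%s: login=%s admin=%s\n", $try[0],
        $row ? 'ok' : 'fail', isAdmin($session) ? 'yes' : 'no');
}
```

In the real login script, pass `$_SESSION` instead of the array and keep the `session_regenerate_id()` call; on each admin-only page, redirect and `die()` when `isAdmin($_SESSION)` is false.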