Hello,
I have the following function:
function makeLogin($user, $pass) {
$pdo = new PDO("mysql:host=".HOSTNAME.";dbname=".DATABASE.";charset=utf8;", USERNAME, PASSWORD);
$sql = $pdo->prepare("SELECT user, pass FROM users WHERE user = :user AND pass = :pass");
$sql->bindParam(":user", $user);
$sql->bindParam(":pass", $pass);
$sql->execute();
$users = $sql->fetchAll(PDO::FETCH_ASSOC);
if(count($users) <= 0) {
return "false";
} else {
return "true";
}
}
If found in the database, the user and the password, PHP returns true, otherwise false, but does not find the user and the password.
I'm using the following SQL:
CREATE TABLE IF NOT EXISTS 'users' (
'id' int(10) unsigned NOT NULL AUTO_INCREMENT,
'user' varchar(36) COLLATE utf8_unicode_ci DEFAULT NULL,
'pass' varchar(36) COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY ('id')
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=3 ;
INSERT INTO 'users' ('id', 'user', 'pass') VALUES
(1, 'admin', 'admin');
Example usage:
if(makeLogin($_POST['usuario'], $_POST['senha']) == 'true') {
setcookie('logged', true, time() + 86400);
} else {
setcookie('logged', false, time() + 86400);
}
The post is admin
and admin
.
Thank you in advance.