<?php if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; // processing remember me option and setting cookie with long expiry date if (isset($_POST['remember'])) { session_set_cookie_params('604800'); //one week (value in seconds) session_regenerate_id(true); } $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME); # check connection if ($mysqli->connect_errno) { echo "MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}"; exit(); } $sql = "SELECT * from users WHERE username LIKE '{$username}' AND password LIKE '{$password}' LIMIT 1"; $result = $mysqli->query($sql); if ($result->num_rows != 1) { echo "Error: Invalid username/password combination"; } else { $user = $result->fetch_array(); $_SESSION['user_id'] = $user['id']; $_SESSION['username'] = $user['username']; $timestamp = time(); $sql = "UPDATE users SET status={$timestamp} WHERE id={$_SESSION['user_id']}"; $result = $mysqli->query($sql); redirect_to("index.php?id={$_SESSION['user_id']}"); } } if (isset($_GET['msg'])) { echo "" . $_GET['msg'] . ""; } if (logged_in() == true) { echo "You have Logged in successfully. Click here to go to the main page"; } else { echo "Oh! No account? Register here!"; } ?>