I have a bit of code here that returns "Username is not correct" when I input it, when it's supposed to output "Incorrect password," because I'm simply putting in a correct username, but an incorrect password.
if ($_POST['login']) {
$username = strip_tags($_POST['username']);
$password = strip_tags($_POST['password']);
$fetchme = $dbc->query('SELECT * FROM users WHERE username="$username"');
while($row = $fetchme->fetch(PDO::FETCH_ASSOC)) {
$lastlogin = $row['lastlogin'];
}
if (!$username||!$password) {
echo '<center>Please enter a valid username and password</center>';
}else{
$login = $dbc->query('SELECT * FROM users WHERE username="$username"');
$num_rows_login = ($login->fetchColumn() > 0) ? true : false;
if ($num_rows_login == 0) {
echo "<center>Username doesn't exist</center>";
}else{
while($login_row = $login->fetch(PDO::FETCH_ASSOC)) {
$password_db = $login_row['password'];
$password_db2 = hash('sha512', $password);
if ($password_db2 != $password_db) {
echo '<center>Incorrect password</center>';
}
}
}
}
}
This is my first time using PDO. Any help is appreciated!