$user = R::findOne('users', 'login = ?', array($_POST['login']));<?php
session_start();
require "db.php";
if(isset($_POST['do_login'])){
$err = array();
$user = R::findOne('users', 'login = ?', array($_POST['login']));
if($user){
if(password_verify($_POST['password'], $user->password)){
$_SESSION['logged_user'] = $user; // тут
header('Location: index2.php');
} else{
$err[] = 'Пароль введен неверно!';
}
}else{
$err[] = 'Пользователь с таким логином не найден!';
}
if(!empty($err)){
echo '<div style="color: red; ">' . array_shift($err). '</div><hr>';
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css">
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
</head>
<body>
<div class="container mt-4">
<div class="row">
<div class="col">
<h2>Форма авторизации</h2>
<form action="login.php" method="post">
<input type="text" class="form-control" name="login" id="login" placeholder="Введите логин" required><br>
<input type="password" class="form-control" name="password" id="pass" placeholder="Введите пароль" required><br>
<button class="btn btn-success" name="do_login" type="submit">Авторизоваться</button>
</form>
<br>
<p>Если вы еще не зарегистрированы, тогда нажмите <a href="signup.php">здесь</a>.</p>
</div>
</div>
</div>
</body>
</html>pass = '$pass'"password = '$pass'"
<?php
session_start();
require "connect/connect.php";
$login = $_POST['login'];
$pass = md5($_POST['pass']);
$user_valid = mysqli_query($connect, "SELECT * FROM users WHERE login = '$login' AND pass = '$pass'");
if(mysqli_num_rows($user_valid) > 0) { # mysqli_num_rows() expects parameter 1 to be mysqli_result, bool given in
$userarray = mysqli_fetch_assoc($user_valid);
} else{
header("location: auth.php"); #Cannot modify header information - headers already sent by (output started at
}