Buongiorno ho un problema se un utente non registrato prova a fare l'accesso da pagina bianca come posso risolvere inserendo il tuo nome non risulta nel database posto il codice
Codice:
<?php
session_start();
# check if username & password submitted
if(isset($_POST['username']) &&
isset($_POST['password'])){
# database connection file
include '../db.conn.php';
# get data from POST request and store them in var
$password = $_POST['password'];
$username = $_POST['username'];
#simple form Validation
if(empty($username)){
# error message
$em = "inserisci il nome utente";
# redirect to 'index.php' and passing error message
header("Location: ../../index.php?error=$em");
}else if(empty($password)){
# error message
$em = "inserisci la password";
# redirect to 'index.php' and passing error message
header("Location: ../../index.php?error=$em");
}else {
$sql = "SELECT * FROM
users WHERE username=?";
$stmt = $conn->prepare($sql);
$stmt->execute([$username]);
# if the username is exist
if($stmt->rowCount() === 1){
# fetching user data
$user = $stmt->fetch();
# if both username's are strictly equal
if ($user['username'] === $username) {
# verifying the encrypted password
if (password_verify($password, $user['password'])) {
# successfully logged in
# creating the SESSION
$_SESSION['username'] = $user['username'];
$_SESSION['name'] = $user['name'];
$_SESSION['user_id'] = $user['user_id'];
# redirect to 'home.php'
header("Location: ../../home.php");
}else {
# error message
$em = "Nome utente o password errati";
# redirect to 'index.php' and passing error message
header("Location: ../../index.php?error=$em");
}
}else {
# error message
$em = "Nome utente o password errati";
# redirect to 'index.php' and passing error message
header("Location: ../../index.php?error=$em");
}
}
}
}else {
header("Location: ../../index.php");
exit;
}