session_start(); $error = false; $action = $_POST['action']; if ($action == "Login" ) { $usr = $_POST['username']; $submitted_password = $_POST['password']; $mysqli = new mysqli("localhost", "sienasel_sbxusr", "Sandbox@)!&", "sienasel_sandbox"); $result = $mysqli->query("SELECT password FROM ????? WHERE username='$usr'"); $row = $result->fetch_row(); $stored_password = $row[0]; $mysqli->close(); if ($stored_password != null && password_verify($submitted_password,$stored_password)) { $_SESSION['authenticated'] = true; echo '
You are authenticated.
'; echo 'Typically, we would redirect to a session protected page.
'; echo ''; die(); } else { $error = true; } } ?>