64 || strlen($u) === 0) { $err = "Username must be 1-64 chars"; } else if (!preg_match("/^[a-z0-9_-]{1,64}$/", $u)) { $err = "Username can only include a-z, 0-9, _, and -"; } else { $query = "SELECT password_hash FROM users WHERE username='$u' LIMIT 1;"; $response = pg_query($db, $query); if (pg_num_rows($response) === 0) { $err = "User '" . htmlspecialchars($u) . "' not found"; } else { $user = pg_fetch_array($response); if (password_verify($p, $user["password_hash"])) { $token = get_token($u, $user["password_hash"]); setcookie( "token", $token, time() + 60 * 60 * 24 * 30 * 265 // 1 year from now ); header("Location: index.php"); exit(); } else { $err = "Incorrect password"; } } } } $title = "Log In"; include "boilerplate/head.php"; ?>

Sign up instead?

"; } include "boilerplate/foot.php"; ?>