Reply To: Need help with login form

[Anonymous]

I just need to check – please tell me that what you currently have on github is not production code:

https://github.com/lowheartrate/HeartFX.org/blob/master/login.php

As it stands, you’re just whitelisting anything. Anyone can log in as anything. Your pdo query is simply not checked or used. It’s executed but will never match anything and then you don’t check to see if it finds stuff anyway.