As it stands, you’re just whitelisting anything. Anyone can log in as anything. Your pdo query is simply not checked or used. It’s executed but will never match anything and then you don’t check to see if it finds stuff anyway.
Unfortunately yes that is the production code at this very moment. Did not mean to do that what so ever though. To my understanding it was working just fine only because I was testing it with a username and password that was already stored into the database. I was not testing the login module with a username that has not existed.
Trying to pick this back up and would love some assistance. I have posted the project as to where I left off here. Not sure if I am still stuck in the same position as I was when I left this off or not? Hope to hear back from some of you earlier on this project. It is quite rediculous that I still have not come to conclusion to this problem but I honestly have not touched it since.