I just wanted to ask if this is a secure code (doesn't really matter if it's optimal or not)
The code
if(!$_SESSION['logged']){
if(!$_POST['inputlogin']||!$_POST['inputpassword']){
require 'cpanellogin.php';
die();
}
else{
$con=mysqli_connect("localhost","root","","librarydb");
mysqli_query($con,'SET CHARACTER SET utf8');
mysqli_query($con,'SET collation_connection = latin2_general_ci');
$login = $_POST['inputlogin'];
$password = $_POST['inputpassword'];
$loginsquery = mysqli_query($con,"SELECT Konta_login, Konta_haslo FROM konta");
while($row = mysqli_fetch_array($loginsquery))
{
$logins[] = $row['Konta_login'];
$passwords[] = $row['Konta_haslo'];
}
$misslogin=0;
for($i=0;$i<count($logins);$i++){
if($login==$logins[$i]){
if(MD5($password)==$passwords[$i]){
$_SESSION['logged'] = $logins[$i];
require 'cpanel.php';
die();
}
else{
$_POST['logerror'] = "Wrong password";
require 'cpanellogin.php';
die();
}
}
else{
$misslogin++;
}
if($misslogin==count($logins)){
$_POST['logerror'] = "Wrong login";
require 'cpanellogin.php';
die();
}
}
}
}
haslo means password
konta means accounts
