Social.Tune/Generation_01/login.php

<?php
	error_reporting(E_ALL);
	ini_set('display_errors', '1');
	require_once($_SERVER['DOCUMENT_ROOT'] . '/socialtune/includes/session.php'); 
	require_once($_SERVER['DOCUMENT_ROOT'] . '/socialtune/includes/config.php'); 
	$email = (!empty($_POST['email'])) ? $_POST['email'] : false;
	$password = (!empty($_POST['password'])) ? $_POST['password'] : false;
	if($email && $password){
		$connection = mysqli_connect($dbHost, $dbUser, $dbPass, $dbName);
		$email = mysqli_real_escape_string($connection, $email);
		$password = mysqli_real_escape_string($connection, $password);
		$query = "SELECT * FROM users WHERE email='$email'";
		$result = mysqli_query($connection, $query);
		if($result){
			$row = mysqli_fetch_array($result);
			$storedHash = $row[2];
		}
		$validateHash = $salt . $storedHash;
		for($i = 0; $i < 1; $i++){ $validateHash = hash('sha256', $validateHash);}
		$validateHash = $salt. $validateHash;
		$validateHash = substr($storedHash,0,64);
		$enteredHash = $salt . $password;
		for($i = 0; $i < 1; $i++){	$enteredHash = hash('sha256', $enteredHash);} // Look. Tiny code. I hope it's not too hard to understand. :|
		$userEnteredHash = substr($enteredHash,0,64);
		if($enteredHash == $validateHash){
			$_SESSION['username'] = $email;
			$_SESSION['password'] = $password;
			$_SESSION['Authenticated'] = true;
			$_SESSION['Expires'] = time() + 86400; // 24 hours.
			$_SESSION['isOnline'] = True; // omfg.

			$numberOne = 1;
			$isOnline = "UPDATE users SET isOnline='$numberOne' WHERE email='$email'";
				// Make online = True
			if(mysqli_query($connection, $isOnline)){
				echo 'User is online.';
			}else{
				echo 'Something went wrong...';
			}


			echo "Log in succesful.<br>Loading dashboard.";
			header("Location: dashboard.php");
		}else{header("Location: index.php?q=3");} // validated incorrectly.
	mysqli_close($connection);
	}else{ header("Location: index.php?q=2");} // Forgot to pass either: email || pass
?>