<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];


$pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
$statement = $pdo->prepare('SELECT id, authentication_algorithm, authentication_salt, authentication_string FROM users WHERE name = :username;');
$result = $statement->execute(array('username' => $username));
if ($statement->rowCount() > 0) {
  //existing user name
  $dbentry = $statement->fetch();
  //chechk for correct password
  if ($dbentry['authentication_string'] == hash($dbentry['authentication_algorithm'], $password . $dbentry['authentication_salt'])) {
    //password correct
    echo 1;
  } else {
    //password inorrect
    echo 0;
  }
} else {
  //wrong user name
  echo 0;
}
?>