diff --git a/secondauth.php b/secondauth.php
new file mode 100644
index 0000000..3fa0089
--- /dev/null
+++ b/secondauth.php
@@ -0,0 +1,57 @@
+prepare("SELECT * FROM users WHERE username = :username");
+ $result = $statement->execute(array('username' => $username));
+ $user = $statement->fetch();
+
+ if ($user !== false && password_verify($password, $user['password'])) {
+ $_SESSION['userid'] = $user['id'];
+ $_SESSION['email'] = $user['email'];
+ $_SESSION['username'] = $user['username'];
+ $_SESSION['givenName'] = $user['givenName'];
+ $_SESSION['lastName'] = $user['lastName'];
+ die('successfull. go to: password change page');
+ } else {
+ $errorMessage = "somethings wrong (maybe wrong password or invalid session)
";
+ }
+
+}
+?>
+
+
+
+
+
+ 2nd Auth
+
+
+
+
+
+
+
+
+
+
+
+