-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
67 lines (52 loc) · 1.48 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
<?php
//include_once 'db_connection.php';
$sql = "SELECT ID, Pass, Email FROM Users";
$result = $conn->query($sql);
$pass = $email = "";
$passErr = $emailErr = $Error = "";
$countOfSuccesfulFields = 0;
if ($_SERVER["REQUEST_METHOD"] == "POST") {/*copied from www.w3school.com */
//session_start();
// EMAIL
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else if (!filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
else{
$email = test_input($_POST["email"]);
$countOfSuccesfulFields ++;
}
// PASS
if (empty($_POST["pass"])) {
$passErr = "Last name is required";
} else {
$pass = test_input($_POST["pass"]);
$countOfSuccesfulFields ++;
}
if($countOfSuccesfulFields == 2)
{
$_SESSION["loggedIn"] = 0;
while($row = $result->fetch_assoc())
if($row["Email"] == $email && password_verify($pass, $row["Pass"]))
{
$_SESSION["loggedIn"] = 1;
$_SESSION["id"] = $row["ID"];
$_SESSION["name"] = $row["Name"];
$_SESSION["email"] = $email;
header('Location: index.php');
}
if($_SESSION["loggedIn"] == 0)
{
$Error = "Wrong email or password";
//header('Location: index.php');
}
}//if
}//if
function test_input($data) {/*copied from www.w3school.com */
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>