forked from AyatsujiTsukasa/Ant-Planner
-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
68 lines (62 loc) · 1.9 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
<?php
$servername = "localhost";
$name = "antinc";
$password = "AntInc_AntInc123";
$dbname = "Ant_Planner";
$conn = mysqli_connect($servername, $name, $password, $dbname);
if (!$conn) {
die("Connection failed: ".mysqli_connect_error());
}
if(!$_GET) {
die("This file cannot be accessed directly!");
}
$email = $_GET["email"];
$password = $_GET["password"];
if(isset($_GET["remember"])) {
$time = 3600*24*90;
} else {
$time = 300;
}
$valid = true;
$errorMsg = "<div class='alert alert-danger' role='alert'><ul>";
$emailValidation = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[_a-z0-9-]+)*(\.[a-z]{2,4})$/';
$passwordValidation = '/^(?=.*[a-zA-Z])(?=.*[0-9])/';
if(preg_match($emailValidation, $email) !== 1) {
$errorMsg .= "<li>Please enter a valid email address</li>";
$valid = false;
}
if(!(preg_match($passwordValidation, $password))){
$errorMsg .= "<li>The password should contain both letters and numbers</li>";
$valid = false;
}
if (strlen($password) < 6) {
$errorMsg .= "<li>The password should contain at least 6 characters</li>";
$valid = false;
}
if (strlen($password) > 15) {
$errorMsg .= "<li>The password should contain at most 15 characters</li>";
$valid = false;
}
$EmailCheckQuery = "select * from Users where email='".$email."'";
$EmailResult = $conn->query($EmailCheckQuery);
if($EmailResult->num_rows === 0){
$errorMsg .= "<li>The email does not match any account</li>";
$valid = false;
} else {
$row = mysqli_fetch_array($EmailResult);
if($row['password'] !== $password) {
$errorMsg .= "<li>The email and password do not match</li>";
$valid = false;
}
}
if($valid){
$username = $row['username'];
$id = $row['id'];
setcookie("username", $username, time()+$time, "/");
setcookie("ownerId", $id, time()+$time, "/");
setcookie("password", $password, time()+$time, "/");
echo "V";
} else {
echo $errorMsg."</ul><div>";
}
?>