  1. <?php
  2.     //Start session
  3.     session_start();
  4.  
  5.     //Array voor validatie-errors
  6.     $errmsg_arr = array();
  7.  
  8.     //Validatie error flag
  9.     $errflag    = false;
  10.  
  11.     include_once('dblogin.inc.php');
  14.     function clean($str) {
  15.         $str = trim($str);          //whitespaces e.d. aan het eind van de string weghalen
  16.         if(get_magic_quotes_gpc()) {    //
  17.             $str = stripslashes($str);
  18.         }
  19.         //encodeer vreemde tekens voor gebruik in SQL-queries
  20.         return mysql_real_escape_string($str);
  21.     }
  23.     //Sanitize the POST values
  24.     $login      = clean($_POST['login']);
  25.     $password   = clean($_POST['password']);
  26.  
  27.     //Input valideren
  28.     if($username == '') {
  29.         $errmsg_arr[] = 'Gebruikersnaam ontbreekt';
  30.         $errflag = true;
  31.     }
  32.     if($password == '') {
  33.         $errmsg_arr[] = 'Wachtwoord ontbreekt';
  34.         $errflag = true;
  35.     }
  36.  
  37.     //Als er input validation errors zijn, redirect de gebruiker terug naar het login-scherm
  38.     if($errflag) {
  39.         $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  40.         session_write_close();
  41.         header("location: login-form.php");
  42.         exit();
  43.     }
  44.  
  45.     //Maak queries voor tabellen 'student' en 'werknemer'
  46.     //query 'student'
  47.     $result_student = mysql_query("SELECT * FROM student WHERE username='$login' AND password='".md5($_POST['password'])."'",$db);
  48.     //query 'werkgever'
  49.     $result_werkgever = mysql_query("SELECT * FROM werkgever WHERE username='$login' AND password='".md5($_POST['password'])."'",$db);
  50.     //Check of student query succesvol verlopen is
  51.     if($result_student) {
  52.         if(mysql_num_rows($result_student) == 1) {
  53.             //Login succesvol
  54.             $member = mysql_fetch_assoc($result_student);
  55.             $_SESSION['SESS_STUDENTNUMMER'] =   $member['studentnummer'];
  56.             $_SESSION['SESS_USERNAME'] =        $member['username'];
  57.             $_SESSION['SESS_NAME'] =            $member['naam'];
  58.             $_SESSION['SESS_ACCOUNT_TYPE'] =    "student";
  59.             session_write_close();
  60.             header("location: member-index.php");
  61.             exit();
  62.         }else if (!isset($_SESSION['SESS_USERNAME'])){
  63.             //Login mislukt
  64.             header("location: login-failed.php");
  65.             exit();
  66.         }
  67.     }else if($result_werkgever){
  68.         if(mysql_num_rows($result_student) == 1) {
  69.             //Login succesvol
  70.             $member = mysql_fetch_assoc($result_werkgever);
  71.             $_SESSION['SESS_USERNAME'] =        $member['username'];
  72.             $_SESSION['SESS_NAME'] =            $member['naam'];
  73.             $_SESSION['SESS_ACCOUNT_TYPE'] =    "werkgever";
  74.             session_write_close();
  75.             header("location: member-index.php");
  76.             exit();
  77.         }else if (!isset($_SESSION['SESS_USERNAME'])){
  78.                 //Login mislukt
  79.                 header("location: login-failed.php");
  80.                 exit();
  81.         }
  82.     }else{
  83.         die("Query mislukt");
  84.     }
  85.  
  86. ?>