Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <body>
- <h2></h2>
- <form action="" method="post">
- <input type="text" name="username">
- <input type="text" name="password">
- <input type="submit" value="Login">
- </form>
- </body>
- </html>
- <?php
- class Text {
- function __construct()
- {
- }
- private function sanitize($text) {
- $sanitizedText = htmlspecialchars($text, ENT_QUOTES);
- return $sanitizedText;
- }
- }
- ?>
- <?php
- class Connection {
- public function dbc() {
- $host = 'localhost';
- $db = 'database1';
- $user = 'root';
- $pass = 'password123';
- $charset = 'utf8';
- $dsn = "mysql:host=$host;dbname=$db;charset=$charset";
- $opt = [
- PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
- PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
- PDO::ATTR_EMULATE_PREPARES => false,
- ];
- return new PDO($dsn, $user, $pass, $opt);
- }
- }
- ?>
- <?php
- include_once('Text.class.php');
- class LoginController {
- private $model;
- public function __construct() {
- $this->model = new LoginModel();
- }
- public function login($usernameOrEmail, $password) {
- $usernameOrEmail = sanitize($usernameOrEmail);
- $password = sanitize($password);
- if(!empty($usernameOrEmail) && !empty($password)) {
- if(isset($_POST['usernameOrEmail']) && isset($_POST['password'])) {
- $usernameOrEmail = $_POST['usernameOrEmail'];
- $password = $_POST['password'];
- $this->model->loginUser($usernameOrEmail, $password);
- } else {
- return "Please enter a username or password.";
- die();
- }
- } else {
- return "Please enter a username or password.";
- die();
- }
- }
- }
- ?>
- <?php
- include_once('connection.php');
- class LoginModel() {
- private $dbc;
- private function loginUser($usernameOrEmail, $password) {
- $stmt = $this->dbc->prepare("SELECT username, password FROM users WHERE username = :usernameOrEmail OR email = :usernameOrEmail AND password = :password");
- $stmt->bindParam(':usernameOrEmail', $usernameOrEmail, PDO::PARAM_STR);
- $stmt->bindParam(':password', $password, PDO::PARAM_STR);
- $stmt->execute();
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- if($row) {
- return "Login successful!"
- } else {
- return "Wrong username or password.";
- die();
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement