Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //No validations
- require 'config.php';
- class Login{
- private $conx;
- public function __construct(){
- try{
- $this->conx = new mysqli('127.0.0.1','root','','oop');
- if($conx->connect_errno){
- die("database failure".$conx->connect_error);
- }
- }catch(Exception $e){
- echo 'error'.$conx->connect_error;
- }
- }
- public function __destruct(){
- $this->conx->close();
- }
- /*
- *data is posted through prepared statements to minimise SQL injection
- *prepared statement is first defined;
- *parameters are then bound to the query statement
- *parameters are given arguments and query executed
- */
- public function register($fname,$lname,$email,$username,$pass){
- $username = $this->conx->real_escape_string($username);
- $pass = $this->conx->real_escape_string($pass);
- $query = $this->conx->prepare("INSERT INTO users (username,password,fname,lname,email) VALUES (?,?,?,?,?)");
- $query->bind_param("sssss",$uname,$psw,$fnam,$lnam,$mail);
- $uname = $username;
- $psw = $pass;
- $fnam = $fname;
- $lnam = $lname;
- $mail = $email;
- if($query->execute() && $query->affected_rows== true){
- echo 'success';
- }else{
- echo 'Error inserting data';
- }
- $query->close();
- }
- public function signin($username,$password){
- $username = $this->conx->real_escape_string($username);
- $password = $this->conx->real_escape_string($password);
- $query = $this->conx->prepare("SELECT uid FROM users WHERE username=? AND password=?");
- $query->bind_param("ss",$user,$pass);
- $user = $username;
- $pass = $password;
- if($query->execute()==true){
- if($query->num_rows>0){
- echo 'Login Successful';
- }else{
- echo 'no such user exists';
- }
- }else{
- echo 'oops!error'.$conx->connect_error;
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement