
Untitled

a guest
Apr 21st, 2017
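  <?php
  /*
   * Login form handler.
   *
   * Reads $_POST['username'] and $_POST['pwd'], validates them, looks the user
   * up in the `users` table and, on success, stores the user id in the session
   * and redirects to ToDoApp.php. On any failure a short status message is
   * rendered in the HTML page at the bottom of this file.
   *
   * Security notes for maintainers:
   *  - The lookup uses a prepared statement; request data is never
   *    concatenated into the SQL text.
   *  - Stored passwords appear to be unsalted SHA-1 hex digests (that is what
   *    the original comparison used). SHA-1 is not a password hash: it is fast
   *    and unsalted, so a leaked table can be attacked offline. This handler
   *    already accepts password_hash() values, so accounts can be migrated
   *    without touching this file again. NOTE(review): the migration itself
   *    (rehash on login, widening the `pwd` column) needs the registration
   *    code and schema, which are not visible here.
   *  - The 4-20 alphanumeric password rule is kept so existing behaviour does
   *    not change, but it caps password strength and should be relaxed
   *    together with the hash migration.
   */
  require_once('SQLFunctions.php');
  session_start();

  $message = '';
  $user_id = null;

  /* Only strings are accepted: array-style parameters would otherwise reach strlen()/ctype_alnum() */
  $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : null;
  $pwd      = (isset($_POST['pwd']) && is_string($_POST['pwd'])) ? $_POST['pwd'] : null;

  /* Check if the user is already logged in; this is part of the same chain so the message is not overwritten below */
  if (isset($_SESSION['user_id']))
  {
      $message = 'User is already logged in';
  }
  /* Check that username and password are populated */
  elseif ($username === null || $pwd === null)
  {
      $message = 'Please enter a valid username and password';
  }
  /* Check username length */
  elseif (strlen($username) > 20 || strlen($username) < 4)
  {
      $message = 'Incorrect Length for Username';
  }
  /* Check password length */
  elseif (strlen($pwd) > 20 || strlen($pwd) < 4)
  {
      $message = 'Incorrect Length for Password';
  }
  /* Check username for alpha numeric characters */
  elseif (!ctype_alnum($username))
  {
      $message = "Username must be alpha numeric";
  }
  /* Check password for alpha numeric characters */
  elseif (!ctype_alnum($pwd))
  {
      $message = "Password must be alpha numeric";
  }
  else
  {
      try
      {
          /* Connect to the database (connectDB() is expected to come from SQLFunctions.php) */
          $link = connectDB();
          if (!$link)
          {
              throw new Exception('Database connection failed');
          }

          /* Parameterised lookup by username; the password is verified in PHP, not in SQL */
          $stmt = mysqli_prepare($link, 'SELECT user_id, pwd FROM users WHERE username = ?');
          if (!$stmt)
          {
              throw new Exception('Unable to prepare login query');
          }
          mysqli_stmt_bind_param($stmt, 's', $username);

          if (mysqli_stmt_execute($stmt))
          {
              mysqli_stmt_bind_result($stmt, $rowUserId, $storedHash);

              /* Walk every row for this username, as the original query did not assume uniqueness */
              while (mysqli_stmt_fetch($stmt))
              {
                  $storedHash = (string) $storedHash;

                  /* Accept a password_hash() value, or the legacy SHA-1 digest compared in constant time */
                  if (password_verify($pwd, $storedHash) || hash_equals($storedHash, sha1($pwd)))
                  {
                      $user_id = $rowUserId;
                      break;
                  }
              }
          }
          mysqli_stmt_close($stmt);

          if ($user_id !== null)
          {
              /* New session id on privilege change, so a pre-login id cannot be reused (session fixation) */
              session_regenerate_id(true);

              /* Set the session user_id parameter */
              $_SESSION['user_id'] = $user_id;
              $_SESSION['timeout'] = time();

              /* Stop here so nothing below runs after the redirect header */
              header("Location: ToDoApp.php");
              exit;
          }

          /* Same message for unknown user and wrong password */
          $message = 'Login Failed';
      }
      catch (Exception $e)
      {
          /* Keep database details out of the response */
          $message = 'Unable to process request';
      }
  }
  ?>

  <html>
  <head>
  <title>LoginSubmit</title>
  </head>
  <body>
  <p><?php echo htmlspecialchars($message, ENT_QUOTES, 'UTF-8'); ?></p>
  </body>
  </html>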