
Untitled

a guest
Sep 7th, 2017
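  // Login handler: look the account up by e-mail, refuse accounts that are not
  // active yet, then verify the password and populate the session.
  //
  // The e-mail is sent as a bound parameter, so the value from $_POST never
  // becomes part of the SQL text.
  $email = $_POST['email'] ?? '';
  $stmt = $mysqli->prepare("SELECT * FROM accounts WHERE email = ?");
  $stmt->bind_param("s", $email);
  $stmt->execute();
  $result = $stmt->get_result();

  if ( !$result || $result->num_rows == 0 ) { // User doesn't exist
      // NOTE(review): separate "no such user", "not active" and "wrong password"
      // messages let a visitor learn which e-mail addresses are registered and
      // what state they are in; one generic failure message avoids that.
      $_SESSION['message'] = "User with that email doesn't exist!";
      header("location: error.php");
      exit; // header() only queues the redirect; stop so nothing below runs
  }

  // User exists
  $user = $result->fetch_assoc();

  // Check the flag stored on the account row. The earlier test,
  // `!$_SESSION['active'] = 1`, assigned 1 to the session value and then negated
  // it, so it was always false and marked every session as active.
  if ( $user['active'] != 1 ) {
      $_SESSION['message'] = "Your account has been activated and is being reviewed";
      header("location: error.php");
      exit;
  }

  if ( password_verify($_POST['password'] ?? '', $user['password']) ) {
      // Issue a fresh session id on login so an id that was known before
      // authentication cannot be reused afterwards.
      session_regenerate_id(true);

      $_SESSION['email'] = $user['email'];
      $_SESSION['first_name'] = $user['first_name'];
      $_SESSION['last_name'] = $user['last_name'];
      $_SESSION['active'] = $user['active'];

      // This is how we'll know the user is logged in
      $_SESSION['logged_in'] = true;

      header("location: https://somepage.php");
      exit;
  }

  $_SESSION['message'] = "You have entered wrong password, try again!";
  header("location: error.php");
  exit;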
  40. }
  41.  
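  // Account lookup with a prepared statement: the e-mail travels as a bound
  // parameter and is never concatenated into the query string.
  $email = $_POST['email'] ?? '';

  $stmt = $mysqli->prepare("SELECT * FROM accounts WHERE email = ?");
  $stmt->bind_param("s", $email); // the terminating semicolon was missing here
  $stmt->execute();
  $result = $stmt->get_result();

  // Test $result before reading num_rows: get_result() returns false on failure,
  // and reading a property of false is an error rather than a "not found".
  if ( !$result || $result->num_rows == 0 ) {
      $_SESSION['message'] = "User with that email doesn't exist!";
      header("location: error.php");
      die(); // stop here; header() alone does not end the script
  }

  $user = $result->fetch_assoc();
  if ( $user['active'] != 1 ) {
      // The activation flag is read from the database row, not from the session.
      $_SESSION['message'] = "Your account has been activated and is being reviewed";
      header("location: error.php");
      die();
  }

  //password verification etc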
  65.  
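  // Login handler. Every redirect is followed by exit: header() only queues the
  // Location header, so without it the script kept running. In the earlier
  // version that meant an inactive account with a correct password still reached
  // logged_in = true, and a successful login was then replaced by the
  // wrong-password redirect at the bottom.

  // NOTE(review): the posted e-mail is used only while the session is completely
  // empty. Once any key is set (this script itself sets 'message'), the value
  // comes from $_SESSION['email'] instead - confirm that this is intended.
  if (empty($_SESSION) && !empty($_POST['email'])) {
      $email = $_POST['email'];
  } else {
      $email = $_SESSION['email'] ?? '';
  }

  // Bound parameter instead of a string-built query, for both sources of $email.
  $stmt = $mysqli->prepare("SELECT * FROM accounts WHERE email = ?");
  $stmt->bind_param("s", $email);
  $stmt->execute();
  $result = $stmt->get_result();

  if ( !$result || $result->num_rows == 0 ) { // User doesn't exist
      $_SESSION['message'] = "User with that email doesn't exist!";
      header("location: error.php");
      exit;
  }

  //User exists
  $user = $result->fetch_assoc();
  if ($user['active'] != 1) { //not active
      $_SESSION['email'] = $user['email'];
      $_SESSION['active'] = $user['active'];
      $_SESSION['message'] = "Your account has been activated and is being reviewed";
      header("location: error.php");
      exit; // do not fall through to the password check for an inactive account
  }

  if ( password_verify($_POST['password'] ?? '', $user['password']) ) { //valid password
      // New session id at the privilege change, so a pre-login id is not carried over.
      session_regenerate_id(true);

      $_SESSION['email'] = $user['email'];
      $_SESSION['first_name'] = $user['first_name'];
      $_SESSION['last_name'] = $user['last_name'];
      $_SESSION['active'] = $user['active'];

      // This is how we'll know the user is logged in
      $_SESSION['logged_in'] = true;

      header("location: https://somepage.php");
      exit;
  }

  $_SESSION['message'] = "You have entered wrong password, try again!";
  header("location: error.php");
  exit;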
  101.  
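  // PDO variant of the login check: fetch the account by e-mail through a
  // prepared statement, require an active account and a matching password, then
  // redirect to the success or error page.

  //receive data
  $email = $_POST['email'] ?? null;
  // Held under its own name. The earlier version stored the submitted password in
  // $password, which is also the database credential passed to PDO below, so the
  // connection was attempted with whatever the visitor typed into the form.
  $submittedPassword = $_POST['password'] ?? '';

  //connect to database
  $connection = new PDO("mysql:host=".$host.";dbname=".$dbName, $username, $password); //replace your credentials
  $query = "SELECT * FROM accounts WHERE email = :email";
  $statement = $connection->prepare($query);
  $statement->bindValue(':email', $email); //bind the e-mail to ':email'
  $statement->execute(); //execute the query (the variable name was misspelled here before)

  // fetch() returns false when no row matched; rowCount() is not dependable for
  // SELECT statements on every driver, so the row itself is tested.
  $row = $statement->fetch(PDO::FETCH_ASSOC);

  if ($row !== false) {
      if ($row['active']) {
          //user is active
          if (password_verify($submittedPassword, $row['password'])) {
              //password is correct
              $location = "success.php";
              //do some stuff
          } else {
              //password is incorrect
              $location = "error.php";
          }
      } else {
          //user is not active
          $location = "error.php";
      }
  } else {
      //user does not exist
      $location = "error.php";
  }
  header("Location: ".$location);
  exit; // end the request once the redirect is queued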