HAVENT CHECKED

1. <?php
2. require 'user.php';
3.  
4. if(isset($_POST['submit']))
5. {
6. $name = $_POST['user'];
7. $pass = $_POST['password'];
8.  
9. $object = new Connect();
10. $object->login($name, $pass);
11. }
12.  
13. if(isset($_POST['register']))
14. {
15. $reg = new Connect();
16. $reg->register($name, $pass);
17. }
18. ?>
19.  
20. <!-- LOGIN STARTS -->
21. <h2>Login</h2>
22. <form action="" method="POST">
23. Username: <input type="text" name="user">
24. Password: <input type="text" name="password">
25. <input type="submit" name="submit" value="Login">
26. </form>
27.  
28. <!-- REGISTER STARTS -->
29. <h2>Register</h2>
30. <form action="" method="POST">
31. Username: <input type="text" name="reg_user">
32. Password: <input type="text" name="reg_pass">
33. <input type="submit" name="register" value="Register">
34. </form>
35.  
36.  
37. ///////////////////////////////////// THAT WAS INDEX.PHP ////////////////////////////
38.  
39.  
40.  
41. <?php
42. class Connect
43. {
44.  
45. public function __construct()
46. {
47. try
48. {
49. $this->db = new PDO("mysql:host=localhost;dbname=aaron_test",'aaron_test','d6G4X5S54');
50. }
51. catch(PDOException $e)
52. {
53. echo $e->getMessage();
54. }
55. }
56.  
57. public function login($name, $pass)
58. {
59. if(!empty($name) && !empty($pass))
60. {
61. $st = $this->db->prepare("SELECT * FROM users WHERE username= ? and password= ?");
62. $st->bindParam(1, $name);
63. $st->bindParam(2, $pass);
64. $st->execute();
65.  
66. if($st->rowCount() == 1)
67. {
68. echo "Access Granted.";
69. }
70. else
71. {
72. echo "incorrect username or password.";
73. }
74. }
75. else
76. {
77. echo "Please supply a username and password.";
78. }
79. }
80. public function register($name, $pass)
81. {
82. if(!empty($name) && !empty($pass))
83. {
84. $get = $this->db->prepare("SELECT * FROM users WHERE username = ?")
85. $get->bindParam(1, $name);
86. $st->execute();
87.  
88. if($get->rowCount() == 0)
89. {
90. $set = $this->db->prepare("INSERT INTO users (username, password) VALUES (:name, :password)");
91. $set->bindParam(':name', $_POST['reg_user']);
92. $set->bindParam(':pass', $_POST['reg_pass']);
93. $set->execute()
94. echo "Your details have now been registered.";
95. }
96. else
97. {
98. echo "An account with this username already exists.";
99. }
100. else
101. {
102. echo "Please fill in all of the fields.";
103. }
104. }
105. }
106. }
107.  
108. ?>