- <?php
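/**
 * Check a username/password pair against the `users` table.
 *
 * The previous version counted the rows of a `SELECT COUNT(...)` result. An
 * aggregate query always yields exactly one row, so the password was never
 * actually checked. It also built the SQL by string interpolation. Both are
 * fixed by binding the values to a prepared statement and reading the
 * matching `user_id` itself.
 *
 * @param string $username Submitted username.
 * @param string $password Submitted plain-text password.
 * @return int|false The matching user_id, or false when nothing matches.
 */
function login($username, $password){
    global $con;

    // SECURITY: unsalted MD5 is not a password hash. It is kept here only so
    // that the comparison still matches digests produced the same way;
    // migrate to password_hash() / password_verify().
    $password = md5($password);

    $stmt = mysqli_prepare($con, "SELECT `user_id` FROM `users` WHERE `username` = ? AND `password` = ?");
    if ($stmt === false) {
        return false;
    }

    mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $user_id);
    // fetch() returns true only when a row was read (null = no row, false = error).
    $found = mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);

    return ($found === true) ? $user_id : false;
}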
- ?>
- <?php
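/**
 * Store a new password digest for one user.
 *
 * The previous version called mysqli_query() without the connection argument,
 * so the UPDATE could never run. The statement is now prepared on $con with
 * both values bound.
 *
 * @param int|string $user_id  Id of the user to update (cast to int).
 * @param string     $password New plain-text password.
 * @return void
 */
function change_password($user_id, $password){
    global $con;

    $user_id = (int)$user_id;
    // SECURITY: unsalted MD5 is not a password hash; kept so the stored value
    // stays comparable with digests produced the same way elsewhere. Migrate
    // to password_hash().
    $password = md5($password);

    $stmt = mysqli_prepare($con, "UPDATE `users` SET `password` = ? WHERE `user_id` = ?");
    if ($stmt === false) {
        return;
    }

    mysqli_stmt_bind_param($stmt, 'si', $password, $user_id);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
}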
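/**
 * Insert a new row into `users` from an associative array of column => value.
 *
 * Values are bound to a prepared statement instead of being escaped and
 * concatenated, so they are no longer passed through array_sanitize()
 * (escaping bound values would store the backslashes). Column names cannot be
 * bound, so each key must be a plain identifier before it is placed in the SQL.
 * The previous version also called mysqli_query() without the connection.
 *
 * @param array $register_data Column name => value; must contain 'password'.
 * @return void
 * @throws InvalidArgumentException When a key is not a plain column identifier.
 */
function register_user($register_data){
    global $con;

    // SECURITY: unsalted MD5 is not a password hash; kept so the stored value
    // stays comparable with digests produced the same way elsewhere. Migrate
    // to password_hash().
    $register_data['password'] = md5($register_data['password']);

    $columns = array_keys($register_data);
    foreach ($columns as $column) {
        // Only letters, digits and underscores may reach the column list.
        if (preg_match('/^[A-Za-z0-9_]+$/', (string)$column) !== 1) {
            throw new InvalidArgumentException('Invalid column name in registration data.');
        }
    }

    $fields = '`' . implode('`, `', $columns) . '`';
    $placeholders = implode(', ', array_fill(0, count($columns), '?'));

    $stmt = mysqli_prepare($con, "INSERT INTO `users` ($fields) VALUES ($placeholders)");
    if ($stmt === false) {
        return;
    }

    $values = array_map('strval', array_values($register_data));
    $types = str_repeat('s', count($values));
    mysqli_stmt_bind_param($stmt, $types, ...$values);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
}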
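/**
 * Count the rows in `users` whose `active` column is 1.
 *
 * The previous version passed two arguments to mysqli_num_rows() and omitted
 * the connection from mysqli_query(); even when it ran, the row count of a
 * COUNT query is always 1. The value of the COUNT column is read instead.
 *
 * @return int Number of active users, or 0 when the query fails.
 */
function user_count(){
    global $con;

    $result = mysqli_query($con, "SELECT COUNT(`user_id`) FROM `users` WHERE `active` = 1");
    if ($result === false) {
        return 0;
    }

    $row = mysqli_fetch_row($result);
    mysqli_free_result($result);

    return isset($row[0]) ? (int)$row[0] : 0;
}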
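/**
 * Fetch selected columns of one user.
 *
 * Call as user_data($user_id, 'username', 'email', ...). Fixes over the
 * previous version: the argument check compared the argument array (not the
 * argument count) with 1, mysqli_query() was called without the connection,
 * and the requested field names went into the SQL unchecked. Field names
 * cannot be bound as parameters, so each one must be a plain identifier.
 *
 * @param int|string $user_id Id of the user (cast to int).
 * @return array|null|false Empty array when no field was requested or the
 *         query failed; otherwise whatever mysqli_fetch_assoc() returns.
 * @throws InvalidArgumentException When a field name is not a plain identifier.
 */
function user_data($user_id){
    global $con;

    $data = array();
    $user_id = (int)$user_id;

    // Everything after the first argument is a requested column name.
    $requested = array_slice(func_get_args(), 1);
    if (count($requested) === 0) {
        return $data;
    }

    foreach ($requested as $field) {
        if (!is_string($field) || preg_match('/^[A-Za-z0-9_]+$/', $field) !== 1) {
            throw new InvalidArgumentException('Invalid field name requested.');
        }
    }

    $fields = '`' . implode('`, `', $requested) . '`';
    $result = mysqli_query($con, "SELECT $fields FROM `users` WHERE `user_id` = $user_id");
    if ($result === false) {
        return $data;
    }

    $row = mysqli_fetch_assoc($result);
    mysqli_free_result($result);

    return $row;
}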
/**
 * Tell whether the current session carries a user id.
 *
 * @return bool True when $_SESSION['user_id'] is set and not null.
 */
function logged_in(){
    // isset() already yields a boolean, so no ternary is needed.
    return isset($_SESSION['user_id']);
}
/**
 * Check whether exactly one row in `users` has the given username.
 *
 * The username is bound as a statement parameter, never concatenated.
 *
 * @param string $username Username to look up.
 * @return bool True when the COUNT(*) result equals 1.
 */
function user_exists($username) {
    global $con;

    $sql = "SELECT COUNT(*) FROM users WHERE username = ?";
    $lookup = mysqli_prepare($con, $sql);
    mysqli_stmt_bind_param($lookup, "s", $username);
    mysqli_stmt_execute($lookup);

    // The single COUNT(*) column is delivered into $matches by fetch().
    mysqli_stmt_bind_result($lookup, $matches);
    mysqli_stmt_fetch($lookup);

    $found = ($matches == 1);
    return $found;
}
/**
 * Check whether exactly one row in `users` has the given e-mail address.
 *
 * The address is bound as a statement parameter, never concatenated.
 *
 * @param string $email E-mail address to look up.
 * @return bool True when the COUNT(*) result equals 1.
 */
function email_exists($email) {
    global $con;

    $sql = "SELECT COUNT(*) FROM users WHERE email = ?";
    $lookup = mysqli_prepare($con, $sql);
    mysqli_stmt_bind_param($lookup, "s", $email);
    mysqli_stmt_execute($lookup);

    // The single COUNT(*) column is delivered into $matches by fetch().
    mysqli_stmt_bind_result($lookup, $matches);
    mysqli_stmt_fetch($lookup);

    $found = ($matches == 1);
    return $found;
}
/**
 * Check whether exactly one row has the given username and `active = 1`.
 *
 * The username is bound as a statement parameter, never concatenated.
 *
 * @param string $username Username to look up.
 * @return bool True when the COUNT(*) result equals 1.
 */
function user_active($username) {
    global $con;

    $sql = "SELECT COUNT(*) FROM users WHERE username = ? AND active = 1";
    $lookup = mysqli_prepare($con, $sql);
    mysqli_stmt_bind_param($lookup, "s", $username);
    mysqli_stmt_execute($lookup);

    // The single COUNT(*) column is delivered into $matches by fetch().
    mysqli_stmt_bind_result($lookup, $matches);
    mysqli_stmt_fetch($lookup);

    $found = ($matches == 1);
    return $found;
}
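/**
 * Look up the user_id that belongs to a username.
 *
 * The previous body was a copy of the existence check: it selected COUNT(*)
 * and returned a boolean, so a caller using the result as an id received
 * `true` (which casts to 1) for every user. The `user_id` column is selected
 * and returned instead.
 *
 * @param string $username Username to look up.
 * @return int|false The user's id, or false when no row matches.
 */
function user_id_from_username($username) {
    global $con;

    $stmt = mysqli_prepare($con, "SELECT user_id FROM users WHERE username = ?");
    if ($stmt === false) {
        return false;
    }

    mysqli_stmt_bind_param($stmt, "s", $username);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $user_id);
    // fetch() returns true only when a row was read (null = no row, false = error).
    $found = mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);

    return ($found === true) ? $user_id : false;
}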
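/**
 * Check a username/password pair and return the matching user's id.
 *
 * The previous version returned a boolean. The login page stores the return
 * value in $_SESSION['user_id'], so every authenticated visitor ended up with
 * the value `true`, which casts to user id 1. The query now selects `user_id`
 * and returns it; failure is still reported as false.
 *
 * @param string $username Submitted username.
 * @param string $password Submitted plain-text password.
 * @return int|false The matching user_id, or false when nothing matches.
 */
function login($username, $password) {
    global $con;

    // SECURITY: unsalted MD5 is not a password hash. It is kept here only so
    // that the comparison still matches digests produced the same way;
    // migrate to password_hash() / password_verify().
    $password = md5($password);

    $stmt = mysqli_prepare($con, "SELECT user_id FROM users WHERE username = ? AND password = ?");
    if ($stmt === false) {
        return false;
    }

    mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $user_id);
    // fetch() returns true only when a row was read (null = no row, false = error).
    $found = mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);

    return ($found === true) ? $user_id : false;
}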
- ?>
- <?php
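// Login form handler.
// Changes over the previous version:
//  - the form fields are read defensively (a crafted request may omit them
//    or send arrays instead of strings);
//  - an over-long password now stops the attempt instead of only adding an
//    error and logging the user in anyway;
//  - the session id is regenerated on successful login (session fixation).

// Buffer output so the Location headers below can still be sent.
ob_start();
include("connect.php");
include("int.php");

if (empty($_POST) === false) {
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // NOTE(security): the separate "not found" / "not activated" messages
    // below tell a visitor which usernames exist. Consider one generic
    // failure message plus rate limiting of attempts.
    if (empty($username) === true || empty($password) === true) {
        $errors[] = '<div class="error-notice">
            <div class="oaerror warning">
            <strong>Oops!</strong>
            You need to enter a username and a passsword!
            </div></div>';
    } elseif (user_exists($username) === false) {
        $errors[] = '<div class="error-notice">
            <div class="oaerror info">
            <strong>Hmm.</strong>
            Username not found. Have you registered first?
            </div></div>';
    } elseif (user_active($username) === false) {
        $errors[] = '<div class="error-notice">
            <div class="oaerror warning">
            <strong>Oops!</strong>
            Your account is not activated! Be sure to check your mail!
            </div></div>';
    } elseif (strlen($password) > 32) {
        $errors[] = '<div class="error-notice">
            <div class="oaerror warning">
            <strong>Oops!</strong>
            Your password is too long!
            </div></div>';
    } else {
        $login = login($username, $password);
        if ($login === false) {
            $errors[] = '<div class="error-notice">
                <div class="oaerror danger">
                <strong>Uh oh!</strong>
                Your Username/Password is incorrect!
                </div></div>';
        } else {
            // Issue a fresh session id before the session becomes authenticated,
            // so an id planted before login is useless afterwards.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            // set the user session
            $_SESSION['user_id'] = $login;
            // redirect user to home
            header("Location: index.php");
            ob_end_flush();
            exit();
        }
    }
}

// output_errors() concatenates the messages as raw HTML.
echo output_errors($errors);

// Visitors who are already logged in have no use for the login form.
if (logged_in() === true) {
    header("Location: index.php");
    exit();
}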
- ?>
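// Registration form validation.
// Changes over the previous version:
//  - required fields are checked by walking the required list, so a field
//    that is missing from the request (not just empty) is caught as well;
//  - the password length test matches its message (6 characters are enough);
//  - the e-mail address is HTML-escaped before it is echoed back;
//  - the quotes around the echoed username/e-mail are escaped so the string
//    literals are valid PHP.
if (empty($_POST) === false) {
    $required_fields = array('username', 'password', 'password_again', 'first_name', 'email');
    foreach ($required_fields as $field) {
        // Arrays (e.g. username[]=x) are rejected here too, so the checks
        // below can rely on plain strings.
        if (empty($_POST[$field]) || !is_string($_POST[$field])) {
            $errors[] = '<div class="error-notice">
                <div class="oaerror danger">
                <strong>Uh oh!</strong>
                Fields marked with an asterisk(*) are required.
                </div></div>';
            break;
        }
    }

    if (empty($errors) === true) {
        if (user_exists($_POST['username']) === true) {
            $errors[] = '<div class="error-notice">
                <div class="oaerror danger">
                <strong>Uh oh!</strong>
                Sorry, the username \'' . htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8') . '\' is already taken.
                </div></div>';
        }
        if (preg_match("/\s/", $_POST['username']) == true) {
            $errors[] = '<div class="error-notice">
                <div class="oaerror danger">
                <strong>Uh oh!</strong>
                Your username must not contain any spaces.
                </div></div>';
        }
        if (strlen($_POST['password']) < 6) {
            $errors[] = '<div class="error-notice">
                <div class="oaerror danger">
                <strong>Uh oh!</strong>
                Your password needs to be at least 6 characters long.
                </div></div>';
        }
        if ($_POST['password'] !== $_POST['password_again']) {
            $errors[] = '<div class="error-notice">
                <div class="oaerror danger">
                <strong>Uh oh!</strong>
                Your passwords do not match.
                </div></div>';
        }
        if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
            $errors[] = '<div class="error-notice">
                <div class="oaerror danger">
                <strong>Uh oh!</strong>
                A valid email is required.
                </div></div>';
        }
        if (email_exists($_POST['email']) === true) {
            // Request data is escaped before it is written into the page.
            $errors[] = '<div class="error-notice">
                <div class="oaerror danger">
                <strong>Uh oh!</strong>
                Sorry, the E-Mail \'' . htmlspecialchars($_POST['email'], ENT_QUOTES, 'UTF-8') . '\' is already in use.
                </div></div>';
        }
    }
}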
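// Registration result handling: show the success notice after the redirect,
// otherwise create the account or print the collected validation errors.
// Changes over the previous version: the apostrophe in the success message is
// escaped (the literal was not valid PHP), and optional fields that are absent
// from the request default to an empty string instead of raising notices.
if (isset($_GET['success']) && empty($_GET['success'])) {
    echo '<div class="error-notice">
        <div class="oaerror success">
        <strong>Wooh!</strong>
        You\'ve been successfully registered!
        </div></div>';
} else {
    if (empty($_POST) === false && empty($errors) === true) {
        $register_data = array(
            'username' => $_POST['username'],
            'password' => $_POST['password'],
            'first_name' => $_POST['first_name'],
            'last_name' => (isset($_POST['last_name']) && is_string($_POST['last_name'])) ? $_POST['last_name'] : '',
            'email' => $_POST['email'],
            'quote' => (isset($_POST['quote']) && is_string($_POST['quote'])) ? $_POST['quote'] : '',
            'who' => (isset($_POST['who']) && is_string($_POST['who'])) ? $_POST['who'] : ''
        );
        register_user($register_data);
        // Redirect after the POST so a page reload does not resubmit the form.
        header("Location: quotin_register_page.php?success");
        exit();
    } elseif (empty($errors) === false) {
        echo output_errors($errors);
    }
    // NOTE: the closing brace of this else-branch is not part of the pasted
    // fragment; presumably the form markup follows inside it.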
- <?php
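// Open the shared database connection used through `global $con`.
//
// SECURITY: the host, user, password and database name are hard-coded in a
// file that is served from the application directory and has been published.
// Load them from configuration kept outside the web root and outside version
// control, and rotate any credential that was ever shared.
// NOTE: call mysqli_set_charset() with the database's actual character set
// after connecting; mysqli_real_escape_string() depends on it. The charset in
// use is not visible here.
$con = mysqli_connect("gator4159.hostgator.com", "", "password", "DB");
// Check connection
if (mysqli_connect_errno()) {
    // Keep the driver's message in the server log; showing it to visitors
    // discloses details about the database host and account.
    error_log("Failed to connect to MySQL: " . mysqli_connect_error());
    echo "Failed to connect to MySQL.";
    // Nothing that follows can work without a connection.
    exit();
}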
- ?>
- <?php
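// Bootstrap shared by the pages: start the session, load the helpers and
// create the list that collects validation messages.

// Harden the session cookie before the session starts: keep it out of reach
// of page scripts, and refuse session ids that the server did not issue.
ini_set('session.cookie_httponly', '1');
ini_set('session.use_strict_mode', '1');
session_start();
//error_reporting(0);
require("connect.php");
require("general.php");
require("users.php");
$errors = array();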
- ?>
- <?php
/**
 * array_walk() callback that escapes one array element in place.
 *
 * NOTE(security): mysqli_real_escape_string() only protects a value that is
 * placed inside a quoted SQL string literal; bound parameters are the safer
 * choice.
 *
 * @param string $item Element to escape; modified by reference.
 * @return void
 */
function array_sanitize(&$item){
    global $con;

    $escaped = mysqli_real_escape_string($con, $item);
    $item = $escaped;
}
/**
 * Escape a value for use inside a quoted SQL string literal.
 *
 * NOTE(security): this is not a general sanitiser. It does not protect
 * unquoted values or identifiers, and it does nothing for HTML output.
 *
 * @param string $data Raw value.
 * @return string The value escaped with mysqli_real_escape_string() on $con.
 */
function sanitize($data){
    global $con;

    $escaped = mysqli_real_escape_string($con, $data);
    return $escaped;
}
/**
 * Join the collected error messages into one string.
 *
 * The messages are emitted as-is, so each caller must have HTML-escaped any
 * request data it placed inside a message.
 *
 * @param array $errors Message fragments, in display order.
 * @return string All fragments concatenated without a separator.
 */
function output_errors($errors){
    $html = '';
    foreach ($errors as $message) {
        $html .= $message;
    }
    return $html;
}
- ?>