Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include_once "db.php";
- session_start();
- $pass=$username="";
- $login_err=$match_err="";
- if(isset($_POST['password'])) {
- //trim and anti-special the pass
- if (!preg_match("[$&+,:;=?@#|'<>.-^/*()%!]", trim($_POST['usn']))){
- $username=trim($_POST['usn']);
- } else {
- $login_err="tokios paskyros nera";
- }
- }
- if(isset($_POST['usn'])){
- ///trim and anti-spec it
- if (!preg_match("[$&+,:;=?@#|'<>.-^/*()%!]", trim($_POST['password']))){
- $pass=trim($_POST['password']);
- };
- }
- $use=$db->real_escape_string($username);
- $query= "SELECT * FROM prisijungimai WHERE username = '$use'";
- if(isset($pass) && !empty($_POST['pass'])) {
- if ($results = $db->query($query)) {
- //getting just one row matched to according UNIQUE username and fetching details needed to login
- $row = $db->fetch_assoc();
- $username = $row['username'];
- $c_pass = $row['Pass'];
- $lvl = $row["grp"];
- if ($pass == $c_pass) {
- //LOGIN
- $_SESSION['lvl'] = $lvl;
- $_SESSION['user'] = $username;
- header('location:nav.php');
- } else { //Wrong Password
- $match_err = "neteisingas vartotojo slaptazodis";
- }
- }
- { //if assoc is empty(no result)
- $login_err = "tokio vartotojo nera";
- }
- }
- ?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="UTF-8">
- <title>Login</title>
- <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css">
- <style type="text/css">
- body{ font: 14px sans-serif; }
- .wrapper{ width: 350px; padding: 20px; }
- </style>
- </head>
- <body>
- <div class="wrapper">
- <h2>Login</h2>
- <p>Please fill in your credentials to login.</p>
- <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
- <div class="form-group <?php echo (!empty($login_err)) ? 'has-error' : ''; ?>">
- <label>Username</label>
- <input type="text" name="usn" class="form-control">
- <span class="help-block"><?php echo $login_err; ?></span>
- </div>
- <div class="form-group <?php echo (!empty($match_err)) ? 'has-error' : ''; ?>">
- <label>Password</label>
- <input type="password" name="password" class="form-control">
- <span class="help-block"><?php echo $match_err; ?></span>
- </div>
- <div class="form-group">
- <input type="submit" class="btn btn-primary" value="Login">
- </div>
- <p>Don't have an account? <a href="register.php">Sign up now</a>.</p>
- </form>
- </div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement