Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /* begin session */
- session_start();
- /*first check that both the username,password and form token have been sent */
- if(!isset($_POST['user_login'], $_POST['pass']))
- {
- return 'please enter a valid username and password';
- }
- /* check the form token is valid */
- elseif
- ($_POST['register'] != $_SESSION['register'])
- {
- return 'invalid for submission';
- }
- else{
- $user_login= filter_var($_POST['user'], FILTER_SANITIZE_STRING);
- $pass = filter_var($_POST['pwd'], FILTER_SANITIZE_STRING);
- /*Encrypt password */
- /* $pass = sha1 ($pass); */
- /*connect to the db */
- $mysql_hostname='localhost';
- $mysql_username='james';
- $mysql_password='password';
- $mysql_dbname='king_db';
- try {
- //conection to the database
- $dbh = new PDO('mysql:host=localhost;dbname=king_db;charset=utf8', 'james', 'password');
- $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
- // prepare statement for the selection of data from my sql tables
- $statement = $dbh->prepare('INSERT INTO logins (email, password) VALUES (:user_login , passwrd)');
- //binds the email coloum to the user_login input for checking data
- $statement->bindParam(':email', $_POST['user_login'], PDO::PARAM_STR);
- // this statement is not needed, when you encrypt passwords it dose not following the exact same string
- $statement->bindParam(':password', $_POST['passwrd'], PDO::PARAM_STR);
- //executes the above statments
- $statement->execute();
- unset($_SESSION['register']);
- // is a statment that fetches the array from the databaese, the fetch_assoc only pulls the data that
- // has the string of the the coloum name with it instead of the both the ones with ids ie [email] fadf@dfa.com, or [1]fadf@fads.com
- $results = $statement->fetchAll(PDO::FETCH_ASSOC);
- //setting a session for 'email' then
- $_SESSION['register'] = $_POST['adduser'];
- //echoing the $session
- echo "<pre>";
- print_r($_SESSION);
- echo "</pre>";
- }
- //catches the try statment in other terms stop the error reporting.
- catch (Exception $e)
- {
- echo $e->getMessage();
- // check if username already exists
- //($e->getCode() ==23000)
- //{
- /** if we are here, something has gone wrong with your database */
- // $message= 'we are unable to process your request. please try agin later';
- //echo 'Error:';
- }
- }
- ?>
- <html>
- <head>
- <title> King Login </title>
- </head>
- <body>
- <p>
- <?php
- ?>
- </p>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement