Untitled

<!DOCTYPE HTML>
<html lang="pl">
<head>

    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
    <title>grammo</title>

    <meta name="description" content="mmo" />
    <meta name="keywords" content="mmo" />

    <link href="" rel="stylesheet" type="text/css" />
    <link href="" rel="stylesheet" type="text/css" />

</head>
<body>

<?php
header('refresh: ; url=http://localhost'); // Przekierowanie strony + odświeżenie
?>
<?php

?>


<?php
    $page = $_GET['action'];
    if(is_null($page)) {
        $page = $_POST['action'];
    }

    if($page == "login") {

    }

    if($page == "register") {

    }
?>

<?php if($page == "login"): ?>
<form method="POST" action="">
    <input type="hidden" name="action" value="login" />
    <input type="text" name="user_login" value="" placeholder="login..." /> <br/>
    <input type="password" name="user_pass" value="" placeholder="haslo..." /> <br/>
    <input type="submit" value="Loguj" />
</form>
<?php elseif($page == "register"): ?>
<form method="POST" action="">
    <input type="hidden" name="action" value="register" />
    <input type="text" name="user_login" value="" placeholder="login..." /> <br/>
    <input type="password" name="user_pass_01" value="" placeholder="haslo..." /> <br/>
    <input type="password" name="user_pass_02" value="" placeholder="powtorz haslo..." /> <br/>
    <input type="text" name="user_email" value="" placeholder="e-mail..." /> <br/>
    <input type="submit" value="Rejstruj" />
</form>
<?php endif; ?>


<?php
    $servername = 'localhost';
    $username = 'root';
    $password = '';
    $dbname = 'players';

    $page = $_GET['action'];
    if(is_null($page)) {
        $page = $_POST['action'];
    }

    if($page == "login") {

    }

    if($page == "register") {
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {

            $login = trim(strip_tags($_POST['user_login']));
            $password1 = trim(strip_tags($_POST['user_pass_01']));
            $password2 = trim(strip_tags($_POST['user_pass_02']));
            $email = trim(strip_tags($_POST['user_email']));

            if($password1 != $password2) {
                die("Passwords are different");
            }

            $conn = new mysqli($servername, $username, $password, $dbname);
            // Check connection
            if ($conn->connect_error) {
                die("Connection failed: " . $conn->connect_error);
            }

            $sql = "INSERT INTO players (login, pass, email) VALUES ('".$login."', '".md5($password1)."', '".$email."')";

            if ($conn->query($sql) === TRUE) {
                $result = array('status' => 1, 'msg' => "Success");
            } else {
                $result = array('status' => 0, 'msg' => $conn->error);

            }

            echo json_encode($result);
            $conn->close();
            die;
        }


    if ($_SERVER['REQUEST_METHOD'] === 'POST') {

    $login = trim(strip_tags($_POST['user_login']));
    $passwd = trim(strip_tags($_POST['user_pass']));

    $conn = new mysqli($servername, $username, $password, $dbname);

    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    }

    $sql = "SELECT * FROM players WHERE login LIKE '" . $login . "'";
    $result = $conn->query($sql);

    if ($result->num_rows > 0) {
        $user = $result->fetch_assoc();

        if(md5($passwd) != $user['pass']) {
            $result = array('status' => 0, 'msg' => "Wrong Password");
        } else {
            $result = array('status' => 1, 'msg' => "Success!");
        }
    } else {
        $result = array('status' => 0, 'msg' => "There is no such user");
    }

    echo json_encode($result);
    $conn->close();
    die;
}
?>

<br/>
<a href="?action=register">Register</a> |
<a href="?action=login">Login</a>
</body>
</html>