<?php session_start(); // variable declaration $username = ""; $email

1. <?php
2. session_start();
3.  
4. // variable declaration
5. $username = "";
6. $email = "";
7. $errors = array();
8. $_SESSION['success'] = "You are now logged in";
9.  
10.  
11. // connect to database
12. $db = mysqli_connect('localhost', 'id5659948_waji12', 'cool.waji', 'id5659948_waji');
13.  
14. // REGISTER USER
15. if (isset($_POST['reg_user'])) {
16. // receive all input values from the form
17. $username = mysqli_real_escape_string($db, $_POST['username']);
18. $email = mysqli_real_escape_string($db, $_POST['email']);
19. $password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
20. $password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
21.  
22. // form validation: ensure that the form is correctly filled
23. if (empty($username)) { array_push($errors, "Username is required"); }
24. if (empty($email)) { array_push($errors, "Email is required"); }
25. if (empty($password_1)) { array_push($errors, "Password is required"); }
26.  
27. if ($password_1 != $password_2) {
28. array_push($errors, "The two passwords do not match");
29. }
30.  
31. // register user if there are no errors in the form
32. if (count($errors) == 0) {
33. $password = md5($password_1);//encrypt the password before saving in the database
34. $query = "INSERT INTO users (username, email, password)
35. VALUES('$username', '$email', '$password')";
36. $query2 = "INSERT INTO faucetinabox_address (username)
37. VALUES('$username')";
38. mysqli_query($db, $query);
39. mysqli_query($db, $query2);
40.  
41. $_SESSION['username'] = $username;
42. $_SESSION['success'] = "You are now logged in";
43. header('location: index.php');
44. }
45.  
46. }
47.  
48. // ...
49.  
50. // LOGIN USER
51. if (isset($_POST['login_user'])) {
52. $username = mysqli_real_escape_string($db, $_POST['username']);
53. $password = mysqli_real_escape_string($db, $_POST['password']);
54.  
55. if (empty($username)) {
56. array_push($errors, "Username is required");
57. }
58. if (empty($password)) {
59. array_push($errors, "Password is required");
60. }
61.  
62. if (count($errors) == 0) {
63. $password = md5($password);
64. $query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
65. $results = mysqli_query($db, $query);
66.  
67. if (mysqli_num_rows($results) == 1) {
68. $_SESSION['username'] = $username;
69. $_SESSION['success'] = "You are now logged in";
70. header('location: index.php');
71. }else {
72. array_push($errors, "Wrong username/password combination");
73. }
74. }
75. }
76.  
77. ?>