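<?php
/**
 * Login page: checks the Securimage CAPTCHA, looks the user up by username,
 * verifies the password hash and, on success, starts the authenticated session
 * and redirects to index.php. On failure the form is shown again with a generic
 * "invalid username or password" message.
 *
 * Changes against the original listing:
 *  - Session values are written only after password_verify() succeeds. The
 *    original stored $_SESSION['user_id'] as soon as the username matched a row,
 *    before the password had been checked.
 *  - The lookup uses a prepared statement instead of string-built SQL.
 *  - The session id is regenerated on login, and the script exits after the
 *    redirect header so the login form is not rendered to an authenticated user.
 *  - The role-based redirects were removed: the original query never selected a
 *    `role` column, so $row['role'] was always unset and those branches never
 *    ran. If role routing is wanted, select the column and branch on it after
 *    the password check.
 *  - The Google reCAPTCHA script tag was dropped from <head>; nothing on this
 *    page uses it (the form uses Securimage), and a credential page should not
 *    load third-party script it does not need.
 */
session_start();
require_once 'mydbms.php';

// NOTE(review): the database credentials are hard-coded in a web-served file, and
// this copy of the file is public. Rotate the password and load the credentials
// from configuration kept outside the document root.
$DBcon = mysqli_connect('localhost', 'batab', 'kina', 'kina');
if (!$DBcon) {
    // Fail closed with a generic message; connection details must not reach the client.
    http_response_code(500);
    exit('Service temporarily unavailable.');
}

// Already signed in: nothing to do on the login page.
if (isset($_SESSION['userSession'])) {
    header("Location: home.php");
    exit;
}

include_once $_SERVER['DOCUMENT_ROOT'] . '/Kina/securimage/securimage.php';
$securimage = new Securimage();

if (isset($_POST['btn-login'])) {
    // A missing or non-string field is treated as an empty answer instead of raising a notice.
    $captchaCode = (isset($_POST['captcha_code']) && is_string($_POST['captcha_code']))
        ? $_POST['captcha_code']
        : '';

    if ($securimage->check($captchaCode) == false) {
        // Stop here so no credential check happens without a solved CAPTCHA.
        echo "The security code entered was incorrect.<br /><br />";
        echo "Please go <a href='javascript:history.go(-1)'>back</a> and try again.";
        exit;
    }

    $username = (isset($_POST['username']) && is_string($_POST['username']))
        ? strip_tags($_POST['username'])
        : '';
    $password = (isset($_POST['password']) && is_string($_POST['password']))
        ? $_POST['password']
        : '';

    // NOTE(review): the original passed the password through strip_tags() and
    // real_escape_string() before password_verify(). That alters passwords that
    // contain tags, quotes or backslashes. It is kept only because register.php
    // (not visible here) presumably hashed the same transformed value; confirm
    // that, then verify the raw input and rehash affected accounts.
    $password = $DBcon->real_escape_string(strip_tags($password));

    $authenticated = false;
    $userId = null;
    $passwordHash = null;

    // The bound parameter keeps the username out of the SQL text entirely.
    $stmt = $DBcon->prepare('SELECT user_id, password FROM users WHERE username = ?');
    if ($stmt) {
        $stmt->bind_param('s', $username);
        $stmt->execute();
        $stmt->store_result();

        // Exactly one matching account is required, as in the original.
        if ($stmt->num_rows === 1) {
            $stmt->bind_result($userId, $passwordHash);
            $stmt->fetch();
            $authenticated = is_string($passwordHash) && password_verify($password, $passwordHash);
        }
        $stmt->close();
    } else {
        error_log('login: could not prepare the user lookup statement');
    }

    $DBcon->close();

    if ($authenticated) {
        // A fresh session id on privilege change prevents session fixation.
        session_regenerate_id(true);
        $_SESSION['user_id'] = $userId;
        $_SESSION['userSession'] = $userId;
        header("Location: index.php");
        exit;
    }

    // Same message for an unknown user and a wrong password.
    $msg = "<div class='alert alert-danger'>
<span class='glyphicon glyphicon-info-sign'></span> Invalid Username or Password !
</div>";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Coding Cage - Login &amp; Registration System</title>
<link href="bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen">
<link href="bootstrap/css/bootstrap-theme.min.css" rel="stylesheet" media="screen">
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<div class="signin-form">
    <div class="container">
        <form class="form-signin" method="post" id="login-form">
            <h2 class="form-signin-heading">Sign In.</h2><hr />
            <?php
            // $msg is a fixed string built above; it never contains request data.
            if (isset($msg)) {
                echo $msg;
            }
            ?>
            <div class="form-group">
                <input type="text" class="form-control" placeholder="Felhasználónév" name="username" required />
                <span id="check-e"></span>
            </div>
            <div class="form-group">
                <input type="password" class="form-control" placeholder="Password" name="password" required />
            </div>
            <hr />
            <img id="captcha" src="/Kina/securimage/securimage_show.php" alt="CAPTCHA Image" />
            <input type="text" name="captcha_code" size="10" maxlength="6" />
            <a href="#" onclick="document.getElementById('captcha').src = '/Kina/securimage/securimage_show.php?' + Math.random(); return false">[ Different Image ]</a>
            <div class="form-group">
                <button type="submit" class="btn btn-default" name="btn-login" id="btn-login">
                    <span class="glyphicon glyphicon-log-in"></span> Sign In
                </button>
                <a href="register.php" class="btn btn-default" style="float:right;">Sign UP Here</a>
            </div>
        </form>
    </div>
</div>
</body>
</html>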