API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 19th, 2016
59
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.16 KB | None | 0 0
raw download clone embed print report
  1. if (isset($_POST['Login'])) {
  2. $username = $_POST['email'];
  3. $store_password = $_POST['pword'];
  4. check($username, $store_password);
  5. }
  6. function check($username, $pword){
  7. $conn = mysqli_connect('localhost', 'root', 'root', 'Registrar');
  8. $check = "SELECT * FROM Users WHERE email='$username'";
  9. $check_q = mysqli_query($conn, $check) or die("<div class='loginmsg'>Error on checking Username<div>");
  10. if (mysqli_num_rows($check_q) == 1) {
  11. login($username, $pword);
  12. }
  13. else{
  14. echo "<div id='loginmsg'>Wrong Email or Password</div>";
  15. }
  16. }
  17.  
  18.  
  19. function login($username, $pword){
  20. $conn = mysqli_connect('localhost', 'root', 'root', 'Registrar');
  21. $login = "SELECT * FROM Users WHERE email='$username' and pword='$pword'";
  22. $login_q = mysqli_query($conn, $login) or die('Error on checking Username and Password');
  23. if (mysqli_num_rows($login_q) == 1){
  24. header('Location: account.php');
  25. echo"<div id='loginmsg'> Logged in as $username </div>";
  26. $_SESSION['username'] = $username;
  27. }
  28. else {
  29. echo "<div id='loginmsg'>Wrong Password </div>";
  30. }
  31. }
  32.  
  33. $uname = $_POST['uname'];
  34. $email = $_POST['email'];
  35. $pword = $_POST['pword'];
  36. $store_password = password_hash('pword', PASSWORD_BCRYPT, array('cost' => 10));
  37.  
  38. if (password_verify($given_password, $stored_password)) {
  39. echo 'Password is valid!';
  40. } else {
  41. echo 'Invalid password.';
  42. }
  43.  
  44. function login($username, $pword){
  45. $conn = mysqli_connect('localhost', 'root', 'root', 'Registrar');
  46. $login = "SELECT email, pword FROM Users WHERE email='$username'";
  47. $login_q = mysqli_query($conn, $login) or die('Error on checking Username and Password');
  48. if (mysqli_num_rows($login_q) == 1){
  49. if(password_verify($pword, mysqli_fetch_field($login_q,1))){
  50. header('Location: account.php');
  51. echo"<div id='loginmsg'> Logged in as $username </div>";
  52. $_SESSION['username'] = $username;
  53. }
  54. else {
  55. echo "<div id='loginmsg'>Wrong Password </div>";
  56. }
  57. }
  58. else {
  59. echo "<div id='loginmsg'>Unknown Username </div>";
  60. }
  61. }
  62.  
  63. // This is just simple but you can make this as elaborate as you want, but
  64. // if you always use the same function to connect, you will will find troubleshooting
  65. // that much easier.
  66. function connection()
  67. {
  68. return new PDO('mysql:host=localhost;dbname=Registrar','root','root');
  69. }
  70. // You want to make a simple validation function where that's all it does,
  71. // you don't want to put a bunch of html in here because you can reuse this function
  72. // elsewhere in other scripts if need be.
  73. function validate($email,$password,$con)
  74. {
  75. // Just look up by email only
  76. $sql = "SELECT * FROM `Users` WHERE `email`= ?";
  77. $query = $con->prepare($sql);
  78. $query->execute(array($email));
  79. $result = $query->fetch(PDO::FETCH_ASSOC);
  80. // If you don't get a row, just return false (didn't validate)
  81. if(empty($result['email']))
  82. return false;
  83. // $result['password'] should have been stored as a hash using password_hash()
  84. return password_verify($password,$result['password']);
  85. }
  86. // Do a quick updater to make it easier on yourself.
  87. // You don't use this in this script but it gives you an idea about what to
  88. // do when you are saving passwords via password_hash()
  89. function updatePassword($email,$password,$con)
  90. {
  91. $hash = password_hash($password, PASSWORD_DEFAULT);
  92. $sql = 'UPDATE `Users` set `password` = ? where `email` = ?';
  93. $query = $con->prepare($sql);
  94. $query->execute(array($hash,$email));
  95. }
  96.  
  97. session_start();
  98. $con = connection();
  99. // Check there is a post and that post is valid email address
  100. // At this point you can add more messaging for errors...
  101. if(!empty($_POST['email']) && filter_var($_POST['email'],FILTER_VALIDATE_EMAIL)) {
  102. // Run our validation function
  103. $valid = validate($_POST['email'],$_POST['password'],$con);
  104. if($valid) {
  105. $_SESSION['username'] = $_POST['email'];
  106. header('Location: account.php');
  107. exit;
  108. }
  109. else {
  110. die("<div id='loginmsg'>Wrong Password</div>");
  111. }
  112. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!