- <?php
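session_start();

// Connect to the database.
// NOTE(review): the connection uses the MySQL root account with an empty password, both
// hard-coded in source. Use a dedicated least-privilege account and load its credentials
// from configuration kept outside the web root.
$db = new PDO(
    'mysql:host=localhost;dbname=emildeveloping7;charset=utf8mb4',
    'root',
    '',
    [
        // Raise exceptions on SQL errors instead of failing silently.
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        // Use server-side prepared statements rather than client-side emulation.
        PDO::ATTR_EMULATE_PREPARES => false,
    ]
);

// Define the variables the form templates read.
$username = "";
$email = "";
$name = "";
$errors = [];

// Register a user when the register_btn form button was submitted.
if (isset($_POST['register_btn'])) {
    register();
}

// Log a user in when the login_btn form button was submitted.
if (isset($_POST['login_btn'])) {
    login();
}

// Log the user out when the logout parameter is present.
// NOTE(review): logout is triggered by a plain GET parameter, so any third-party page can
// log a visitor out by linking to it; a POST with a CSRF token avoids that.
if (isset($_GET['logout'])) {
    // Empty the session data first so nothing survives in this request.
    $_SESSION = [];

    // Expire the session cookie in the browser as well as the server-side record.
    if (ini_get('session.use_cookies')) {
        $cookie = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $cookie['path'],
            $cookie['domain'],
            $cookie['secure'],
            $cookie['httponly']
        );
    }

    session_destroy();
    header("location: ../login.php");
    // Stop here: without exit the rest of the page would still run after the redirect header.
    exit;
}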
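// Register a new user from the submitted registration form.
//
// Reads username, name, email, password_1, password_2 and (optionally) user_type from $_POST.
// Validation messages are appended to the global $errors and the function returns without
// touching the database or sending mail. On success the account is inserted, the
// verification e-mail is sent and the browser is redirected.
function register(){
    global $db, $errors;

    // Missing or non-string fields become '' so they fail validation instead of raising notices.
    $field = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };

    $username   = $field('username');
    $name       = $field('name');
    $email      = $field('email');
    $password_1 = $field('password_1');
    $password_2 = $field('password_2');

    // Validate everything before any side effect (mail, insert) happens.
    if ($username === '') {
        array_push($errors, "Username is required");
    }
    if ($email === '') {
        array_push($errors, "Email is required");
    } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        // Also keeps line breaks out of the recipient passed to mail().
        array_push($errors, "Email is not valid");
    }
    if ($password_1 === '') {
        array_push($errors, "Password is required");
    }
    if ($password_1 !== $password_2) {
        array_push($errors, "The two passwords do not match");
    }
    if (count($errors) > 0) {
        return;
    }

    // A submitted user_type is honoured only when the request comes from a session that is
    // already an admin. Taking it from any visitor's POST would let anyone self-register
    // with the admin role.
    $acting_as_admin = isset($_SESSION['user'])
        && is_array($_SESSION['user'])
        && isset($_SESSION['user']['user_type'])
        && $_SESSION['user']['user_type'] === 'admin';
    $created_by_admin = $acting_as_admin && isset($_POST['user_type']);
    $user_type = $created_by_admin ? $field('user_type') : 'user';

    // password_hash() output is 60+ characters; the users.password column has to be wide
    // enough for it (255 is the usual recommendation), and the login path has to check it
    // with password_verify().
    $password = password_hash($password_1, PASSWORD_DEFAULT);

    // 128 bits from the CSPRNG, hex-encoded to 32 characters. md5(rand(0,1000)) could only
    // ever produce 1001 distinct tokens.
    $verification = bin2hex(random_bytes(16));

    try {
        $query = "INSERT INTO users (username, name, email, user_type, password, verification) VALUES (:username,:name,:email,:user_type,:password,:verification)";
        $stmt = $db->prepare($query);
        $stmt->bindValue(":username", $username);
        $stmt->bindValue(":name", $name);
        $stmt->bindValue(":email", $email);
        $stmt->bindValue(":user_type", $user_type);
        $stmt->bindValue(":password", $password);
        $stmt->bindValue(":verification", $verification);
        $stmt->execute();
        $new_user_id = $db->lastInsertId();
    } catch (Exception $e) {
        // Keep the details in the server log and show the visitor a generic message.
        error_log('register(): could not create user: ' . $e->getMessage());
        array_push($errors, "The account could not be created.");
        return;
    }

    // Mail is sent only for accounts that were actually created.
    send_verification_mail($email, $verification);

    if ($created_by_admin) {
        $_SESSION['success'] = "User was created.";
        header ('Location: account/admin/index.php');
        exit;
    }

    // NOTE(review): the new user is logged in before the e-mail address has been verified;
    // confirm that is the intended flow.
    // Issue a fresh session id when the privilege level changes (session fixation).
    session_regenerate_id(true);
    $_SESSION['user'] = getUserByID($new_user_id);
    $_SESSION['success'] = "You got logged in.";
    header ('Location: account/index.php');
    exit;
}

// Send the account-verification e-mail containing the activation link.
// Returns the boolean result of mail().
function send_verification_mail($email, $verification){
    // Build the link by concatenation and encode both query values; the result is then
    // HTML-escaped because it is placed in an attribute and in element text.
    $link = 'https://emildeveloping.com/inc/verify.php?email=' . rawurlencode($email)
        . '&verification=' . rawurlencode($verification);
    $safe_link = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');

    $subject = "Your New Account | Emil Developing";
    $message = "
<html>
<head>
</head>
<body>
<p>Thanks for creating an account on Emil Developing!</p>
<p>Before you start to use your account please verify your e-mail adress. Click the link below to activate your account.</p>
<p>For any problems please contact us through our Support System.</p>
<br>
<p>Please click the link to activate your account.</p>
<a href='" . $safe_link . "'>" . $safe_link . "</a>
</body>
</html>
";

    // Each header needs its own CRLF-terminated line, otherwise Content-type is glued onto
    // the From value and the body is not treated as HTML.
    $headers  = "From: noreply@emildeveloping.com\r\n";
    $headers .= "MIME-Version: 1.0\r\n";
    $headers .= "Content-type: text/html; charset=iso-8859-1";

    return mail($email, $subject, $message, $headers);
}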
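// Look up one user row by its id.
//
// Returns the row as an associative array with the 'password' and 'verification' columns
// removed, or false when no row matches. The result is stored in $_SESSION by callers, so
// the password hash and the verification token are stripped here to keep them out of the
// session store.
function getUserByID($id){
    global $db;

    $stmt = $db->prepare("SELECT * FROM users WHERE id = :id");
    $stmt->bindValue(":id", $id);
    $stmt->execute();

    $user = $stmt->fetch(PDO::FETCH_ASSOC);
    if (is_array($user)) {
        unset($user['password'], $user['verification']);
    }
    return $user;
}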
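// Log a user in from the submitted login form.
//
// Reads username and password from $_POST. Validation and authentication failures are
// appended to the global $errors and the function returns. On success the user row (without
// its password hash and verification token) is stored in $_SESSION['user'] and the browser
// is redirected according to the user's type.
function login(){
    global $db, $username, $errors;

    // Missing or non-string fields become '' so they fail validation instead of raising notices.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    if ($username === ''){
        array_push($errors, "Username is requierd.");
    }
    if ($password === ''){
        array_push($errors, "Password is requierd.");
    }
    if (count($errors) > 0){
        return;
    }

    // Fetch the row by username only; the password is checked in PHP so that a salted
    // hash can be verified. (The earlier query also named its placeholder ":pasword" while
    // binding ":password", and then compared the first column with 1 instead of reading
    // the row.)
    try {
        $stmt = $db->prepare("SELECT * FROM users WHERE username=:username LIMIT 1");
        $stmt->bindValue(":username", $username);
        $stmt->execute();
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
    } catch (Exception $e) {
        error_log('login(): user lookup failed: ' . $e->getMessage());
        $row = false;
    }

    $stored = (is_array($row) && isset($row['password'])) ? (string) $row['password'] : '';

    $authenticated = $stored !== '' && password_verify($password, $stored);
    if (!$authenticated && strlen($stored) === 32 && ctype_xdigit($stored)) {
        // Rows written before the move to password_hash() hold an unsalted MD5 digest.
        // They are still accepted, compared in constant time. Re-hash them with
        // password_hash() once the password column is wide enough for the longer value.
        $authenticated = hash_equals(strtolower($stored), md5($password));
    }

    if (!$authenticated) {
        // Same message for unknown user and wrong password, so usernames cannot be probed.
        array_push($errors, "Wrong username/password combination.");
        return;
    }

    // Keep the credential hash and the verification token out of the session store.
    unset($row['password'], $row['verification']);

    // Issue a fresh session id when the privilege level changes (session fixation).
    session_regenerate_id(true);
    $_SESSION['user'] = $row;

    if (isset($row['user_type']) && $row['user_type'] === 'admin'){
        $_SESSION['success'] = "Logged in as Admin.";
        header ('Location: account/admin/index.php');
    } else {
        // The message belongs in 'success'; writing it to 'user' replaced the user record.
        $_SESSION['success'] = "Logged in as User.";
        header ('Location: account/index.php');
    }
    // Stop here so nothing else runs after the redirect header.
    exit;
}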
// Report whether the current session carries a 'user' entry.
function isLoggedIn(){
    return isset($_SESSION['user']);
}
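// Report whether the current session belongs to an admin.
//
// This is an authorization check, so it fails closed: the session entry must be an array
// and its user_type must be exactly the string 'admin'. A loose == comparison treats the
// integer 0 as equal to 'admin' on PHP versions before 8, and indexing a non-array session
// value raises an error instead of returning false.
function isAdmin(){
    if (!isset($_SESSION['user']) || !is_array($_SESSION['user'])) {
        return false;
    }
    return isset($_SESSION['user']['user_type'])
        && $_SESSION['user']['user_type'] === 'admin';
}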
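// Print the collected validation errors as an HTML block.
//
// Reads the global $errors and echoes nothing when it is empty. Each message is HTML-escaped
// before output so a message that ever contains request data cannot inject markup, and the
// line break tag is closed (it was emitted as '<br').
function display_error(){
    global $errors;

    if (count($errors) === 0){
        return;
    }

    echo '<div class="error">';
    foreach ($errors as $error){
        echo htmlspecialchars((string) $error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '<br>';
    }
    echo '</div>';
}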
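// NOTE(review): this exit() ends every request that reaches the bottom of the file. If other
// pages include this file and render markup afterwards, it stops them — confirm it is intended.
// The commented-out try/catch remnants that followed were dead code and have been dropped;
// they echoed the raw PDOException message to the browser, which should not be restored.
exit();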
- ?>