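<?php
// Login handler: verifies the reCAPTCHA token, checks the submitted
// credentials against the `users` table and, on success, populates the
// session (loggedIn, Username, Admin, Reporter) and redirects to the
// newspaper view. On failure $Err holds the message for the page to show.
include '../Connection.php'; // expected to provide the PDO handle $con
session_start();
$Err = "";

if (isset($_POST['button'])) {
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1 and it
    // rewrites the password (strips tags, encodes quotes) before hashing. It is
    // kept because the stored hashes were presumably produced from the same
    // transformed value; dropping it needs a coordinated change at registration.
    $Username = filter_input(INPUT_POST, 'Username', FILTER_SANITIZE_STRING);
    $Password = filter_input(INPUT_POST, 'Password', FILTER_SANITIZE_STRING);

    // The token may be absent or an array; treat anything but a non-empty
    // string as a failed captcha instead of reading an undefined variable.
    $captcha = '';
    if (isset($_POST['g-recaptcha-response']) && is_string($_POST['g-recaptcha-response'])) {
        $captcha = $_POST['g-recaptcha-response'];
    }

    // The reCAPTCHA secret must not live in source control. The key that was
    // previously committed in this file has been published and must be rotated.
    // RECAPTCHA_SECRET is the environment variable name chosen here; adapt it
    // to the deployment's configuration mechanism.
    $recaptchaSecret = getenv('RECAPTCHA_SECRET');

    $captchaOk = false;
    if ($captcha !== '' && is_string($recaptchaSecret) && $recaptchaSecret !== '') {
        // POST the parameters through http_build_query so the user-supplied
        // token is URL-encoded and cannot add or override request parameters,
        // and so the secret does not end up in URLs or proxy logs.
        $context = stream_context_create([
            'http' => [
                'method'  => 'POST',
                'header'  => "Content-Type: application/x-www-form-urlencoded\r\n",
                'content' => http_build_query([
                    'secret'   => $recaptchaSecret,
                    'response' => $captcha,
                    'remoteip' => $_SERVER['REMOTE_ADDR'],
                ]),
                'timeout' => 5,
            ],
        ]);
        $raw = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context);
        if ($raw !== false) {
            $response = json_decode($raw, true);
            // Fail closed: only an explicit boolean true counts as verified.
            $captchaOk = is_array($response) && isset($response['success']) && $response['success'] === true;
        }
    } elseif ($captcha !== '') {
        error_log('Login: reCAPTCHA secret is not configured; rejecting request.');
    }

    if (!$captchaOk) {
        echo "Please check the captcha form.";
    } elseif (empty($_POST["Username"]) || empty($_POST["Password"])) {
        // Check no fields are empty, if empty display error message.
        echo "<center>Please ensure all fields are filled in.</center>";
    } else {
        // Hash the password (this is hashing, not encryption).
        // NOTE(review): SHA-1 with a single application-wide salt is not a
        // password hash. Migrate to password_hash()/password_verify() with a
        // per-user salt; the scheme is left as-is here only because the
        // stored values in `users.Password` depend on it.
        $Salt = "cf01passwordSalt";
        $Password = sha1($Password . $Salt);

        $sql = "SELECT * FROM users WHERE Username = :Username
                AND Password = :Password";
        $stmt = $con->prepare($sql);
        $success = $stmt->execute(['Username' => $Username, 'Password' => $Password]);

        // rowCount() is not reliable for SELECT on every PDO driver; decide
        // on whether a row can actually be fetched.
        $User = $success ? $stmt->fetch(PDO::FETCH_OBJ) : false;

        if ($User !== false) {
            // Issue a fresh session id at the privilege change so a session
            // id known before login cannot be reused afterwards.
            session_regenerate_id(true);

            // Strict comparison: only the exact flag value 'Y' grants a role.
            $_SESSION['Admin'] = ($User->Admin === 'Y');
            $_SESSION['Reporter'] = ($User->Reporter === 'Y');
            $_SESSION['loggedIn'] = true;
            $_SESSION['Username'] = $Username;

            // Convenience cookie holding the username for 30 days. The original
            // assigned the undefined $un here; $Username is presumably what was
            // meant. This cookie is client-controlled and must never be used
            // for authentication or authorisation decisions.
            $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie("Username", $Username, time() + (86400 * 30), "/", "", $isHttps, true); // 86400 = 1 day

            header("Location: ../View/Newspaper.php");
            exit; // stop here so nothing else runs or is sent after the redirect
        }

        $Err = "<center>Username or Password is incorrect, Please try again.</center>";
        $_SESSION['loggedIn'] = false;
        // Do not let role flags from an earlier login survive a failed attempt.
        $_SESSION['Admin'] = false;
        $_SESSION['Reporter'] = false;
    }
}
?>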