Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once "config.php";
- session_start();
- if (isset($_SESSION["username"]) and isset($_SESSION["auth_ok"])) {
- error_log("user authenticated");
- header("Location: pages/index.php");
- die();
- }
- if (isset($_POST['register-button'])) {
- $email = $_POST["email"];
- $pass = sha1($_POST["password"]);
- $query = $con->query("SELECT * FROM user WHERE username='" .$email . "'");
- $user = $query->fetch_array();
- if ($user["username"] == $email) {
- echo "<div class='alert alert-danger fade in'>User already exist</div>";
- }
- $send_username_password = $con->query("INSERT INTO user (username, password) VALUES ( '$email', '$pass' )");
- }
- if (isset($_POST['login-button'])) {
- if (isset($_POST["email"]) && isset($_POST["password"])) {
- $email = $_POST["email"];
- $pass = $_POST["password"];
- $query = $con->query("SELECT * FROM user WHERE username='" .$email . "'");
- if (!$query) {
- error_log("Error in query " . $con->error);
- } else {
- $count = $query->num_rows;
- if ($count == 1) {
- $user = $query->fetch_array();
- if ($user["password"] == sha1($pass)) {
- error_log("auth OK");
- $_SESSION["username"] = $_POST["email"];
- $_SESSION["id_user"] = $user['id'];
- $user_id = $_SESSION['id_user'];
- $_SESSION["auth_ok"] = 1;
- header("Location: pages/index.php");
- $update_last_login = $con->query("UPDATE user SET last_login = now() WHERE $user_id = user.id");
- die();
- } else {
- $_SESSION["email"] = '';
- $_SESSION["auth_ok"] = 0;
- echo "<div class='alert alert-danger fade in'>Wrong Password </div>";
- }
- } else {
- $_SESSION["email"] = '';
- $_SESSION["auth_ok"] = 0;
- echo "<div class='alert alert-danger fade in'>Username doesn't exist </div>";
- }
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
