Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include 'session.inc';
- include 'account_type.php';
- $user_email = $_POST['email'];
- $user_password = $_POST['password'];
- if ($user_email && $user_password !== null) {
- $approved = auth_user($user_email, $user_password);
- if (isset($_SESSION['username'])) {
- header('Location:http://blog.agwconitsha.org/');
- }
- else if (!isset($_SESSION['error'])) {
- $_SESSION['username'] = $approved;
- foreach(unserialize(file_get_contents('all_users.php')) as $user => $value) {
- if ($value == $approved) {
- $user->set_last_login();
- }
- }
- header('Location: http://blog.agwconitsha.org/');
- }
- }
- function auth_user($email, $password){
- $mysqli = mysqli_connect("localhost", "root", "41657", "general_db");
- $query = "SELECT username, password FROM users WHERE email=$email";
- if (mysqli_connect_errno()) {
- die("Did not authenticate user because" . mysqli_connect_error());
- }
- else {
- if ($registered = mysqli_query($mysqli, $query)) {
- if (mysqli_num_rows($registered) == 0 || (!password_verify($password, mysqli_fetch_assoc($registered)['password']))) {
- return $_SESSION['error'] = 'incorrect email or password';
- }
- else {
- while ($row = mysqli_fetch_assoc($registered)){
- return $row['username'];
- };
- }
- mysqli_close($registered);
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement