Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- require("connect.php");
- if(isset($_SESSION["user"])){
- #Check to see if the user has requested to confirm there account from the code sent to there email
- if(isset($_POST["confirm"])){
- $confirmcode = $_POST["confirmcode"];
- #Retrieve users confirm code from database
- $sqlgetconfirm = "SELECT confirmcode FROM users WHERE username='".$_SESSION["user"]."'";
- $resgetconfirm = mysql_query($sqlgetconfirm);
- while($row = mysql_fetch_array($resgetconfirm)){
- $confirmcodegot = $row["confirmcode"];
- }
- if($confirmcodegot == $confirmcode){
- $sqlconfirmed = "UPDATE users SET confirmed=1 WHERE username='".$_SESSION["user"]."'";
- mysql_query($sqlconfirmed);
- header("location: index.php?confirmed=true");
- }else{
- echo "<h1 style='color:red;'>Incorrect confirmation code!</h1>";
- }
- }
- echo "Welcome ".$_SESSION["user"];
- echo "<form action='' method='post'><input type='submit' placeholder='logout' name='logout' value='Logout'></form>";
- $user = $_SESSION["user"];
- #Check to see if account has been confirmed
- $sqlconfirm = "SELECT confirmed, email FROM users WHERE username='".$user."'";
- $resconfirm = mysql_query($sqlconfirm);
- while($row = mysql_fetch_array($resconfirm)){
- $confirmed = $row["confirmed"];
- $email = $row["email"];
- }
- if($confirmed == 0){
- echo '<h1 style="color:red">Please confirm your account. An email has been sent to '.$email.'</h1>';
- echo '
- <form action="" method="post">
- <input type="text" name="confirmcode" palceholder="Confirm Code">
- <input type="submit" value="Confirm" name="confirm">
- </form>
- ';
- }
- } else {
- echo '<html>
- <form action="" method="post">
- <h2>Login</h2>
- <input type="text" name="username" placeholder="Username">
- <input type="password" name="password" placeholder="Password">
- <input type="submit" name="submit">
- <h4><i>Dont have an account yet? <a href="register.php">Sign up</a>
- </form>
- </html>';
- }
- #Check to see if the user has successfully confirmed there email
- if(isset($_GET["confirmed"])){
- echo '<h1 style="color:green">Successfully confirmed your email!</h1>';
- sleep(2);
- header("location: index.php");
- }
- #Check to see if user has requested to logout
- if(isset($_POST["logout"])){
- session_destroy();
- header("location: index.php?loggedout=true");
- }
- if(isset($_GET["loggedout"])){
- echo '<h1 style="color:red">Successfully logged out!</h1>';
- }
- #Login and create session
- if(isset($_POST["submit"])){
- $username = $_POST["username"];
- $password = $_POST["password"];
- $sql = "SELECT * FROM users WHERE username='".$username."' AND password='".$password."'";
- $res = mysql_query($sql);
- if(mysql_num_rows($res) < 1){
- echo '<h1 style="color:red">Account not found! Try again.</h1>';
- }else{
- echo "<h1 style='color:green;'>";
- echo "User account found...";
- echo "Creating session...";
- echo "</h1>";
- $_SESSION["user"] = $username;
- header("location: index.php");
- }
- }
- ?>
- -- Register page
- <?php
- require("connect.php");
- if(isset($_SESSION["user"])){
- echo "You are already logged in!";
- echo "Redirecting to home page...";
- sleep(3);
- header("location: index.php");
- }else{
- echo '
- <html>
- <form action="" method="post">
- <input type="text" name="username" placeholder="Username">
- <input type="email" name="email" placeholder="Email">
- <input type="email" name="emailretype" placeholder="Retype Email">
- <input type="password" name="password" placeholder="Password">
- <input type="password" name="passwordretype" placeholder="Retype Password">
- <input type="submit" name="submit">
- </form>
- ';
- if(isset($_POST["submit"])){
- $username = $_POST["username"];
- $email = $_POST["email"];
- $emailretype = $_POST["emailretype"];
- $password = $_POST["password"];
- $passwordretype = $_POST["passwordretype"];
- #Check if the user forgot any values
- if(empty($username) or empty($email) or empty($emailretype) or empty($password) or empty($passwordretype)){echo "<h1 style='color:red;'>You've forgot to input somthing!</h1>";} else {
- if($email == $emailretype){
- if($password == $passwordretype){
- #Generate a confirmation code
- $confirmationcode = rand(1,9).rand(1,9).rand(1,9).rand(1,9);
- echo $confirmationcode;
- #code to register
- $sql = "SELECT * FROM users WHERE username='".$username."' OR email='".$email."'";
- $res = mysql_query($sql);
- if(mysql_num_rows($res) > 0){
- echo "<h1 style='color:red;'>An account with this username or email already exists!</h1>";
- }else{
- $sql2 = "INSERT INTO users (username, email, password, confirmcode) VALUES ('".$username."', '".$email."', '".$password."', '".$confirmationcode."')";
- $res2 = mysql_query($sql2);
- if(!$res2){
- echo "<h1 style='color:red;'>An error occured! Please retry.</h1>";
- }else{
- echo "<h1 style='color:greed;'>Account created! Login <a href='index.php'>Here</a></h1>";
- #$to = $email;
- #$subject = "Please confirm your email!";
- #$txt = "Please confirm your email on the login page. This is your unique code: ". $confirmationcode;
- #$headers = "From: admin@willhelstrip.co.uk";
- #mail($to,$subject,$txt,$headers);
- }
- }
- }else{
- echo "<h1 style='color:red;'>Your passwords did not match!</h1>";
- }
- }else{
- echo "<h1 style='color:red;'>Your emails did not match!</h1>";
- }
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement