Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- //initializing variables
- $username = "";
- $email = "";
- $errors = array();
- //connect to db
- $db = mysqli_connect('localhost','root','','login') or die("could not connect to database");
- //Register user
- if(isset($_POST['reg_user'])){
- $username = mysqli_real_escape_string($db, $_POST['username']);
- $email = mysqli_real_escape_string($db, $_POST['email']);
- $password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
- $password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
- //form validation
- if(empty($username)){array_push($errors, "Username is required");}
- if(empty($email)){array_push($errors, "Email is required");}
- if(empty($password_1)){array_push($errors, "Password is required");}
- if($password_1 != $password_2){array_push($errors, "Passwords do not match");
- }
- // check db for existing user with same username
- $user_check_query = "SELECT * FROM user WHERE username = '$username' or email = '$email' LIMIT 1";
- $results = mysqli_query($db, $user_check_query);
- $user = mysqli_fetch_assoc($result);
- if($user){
- if($user['username'] === $username){
- array_push($errors, "Username already exists");
- }
- if($user['email'] === $email){
- array_push($errors, "This email id already has a registered username");
- }
- }
- //Register the userif no error
- if(count($errors) == 0){
- $password = md5($password_1); //this will encrypt password
- $query = "INSERT INTO user (username, email, password) VALUES ('$username', '$email', '$password')";
- mysqli_query($db,$query);
- $_SESSION['username'] = $username;
- $_SESSION['success'] = "You are now logged in";
- header('location: index.php');
- }
- }
- //Login user
- if(isset($_POST['login_user'])){
- $username = mysqli_real_escape_string($db, $_POST['username']);
- $password = mysqli_real_escape_string($db, $_POST['password_1']);
- if(empty($username)){
- array_push($errors, "Username is required");
- }
- if(empty($password)){
- array_push($errors, "Password is required");
- }
- if(count($errors) == 0){
- $password = md5($password);
- $query = "SELECT * FROM user WHERE username='$username' AND password='$password'";
- $results = mysqli_query($db, $query);
- if(mysqli_num_rows($results)){
- $_SESSION['username'] = $username;
- $_SESSION['succes'] = "Logged in successfully";
- header('location: index.php');
- }else{
- array_push($errors, "Wrong username/password combination. Please try again.");
- }
- }
- }
- ?>
- if(isset($_SESSION['username'])){
- $_SESSION['msg'] = "You must log in to view this page";
- header("location : login.php");
- }
- if(isset($_GET['logout'])){
- session_destroy();
- unset($_SESSION['username']);
- header("location : login.php");
- }
- ?>
- <!doctype html>
- <html>
- <head>
- <title>Home</title>
- </head>
- <body>
- <div class="header">
- <h2>Home Page</h2>
- </div>
- <div class="content">
- <!-- notification message -->
- <?php if(isset($_SESSION['success'])) : ?>
- <div class="error success" >
- <h3>
- <?php
- echo $_SESSION['success'];
- unset($_SESSION['success']);
- ?>
- </h3>
- </div>
- <?php endif ?>
- <!-- logged in user information -->
- <?php if (isset($_SESSION['username'])) : ?>
- <h3>Welcome</h3>
- }
- <button><a href="index.php?logout='1'"></a></button>
- <?php endif ?>
- </div>
- </body>
- </html>
Add Comment
Please, Sign In to add comment