Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include 'functions.php';
- /*
- * First we retrieve each of the relevant variables and remove any
- * non-alphanumeric characters filter them to protect against things such
- * as SQL Injection.
- */
- $username = isset($_POST['username']) ? $_POST['username'] : '';
- $username = preg_replace("/[^A-Za-z0-9]/", "", $username);
- $password = isset($_POST['password']) ? $_POST['password'] : '';
- $password = preg_replace("/[^A-Za-z0-9]/", "", $password);
- $phoneNum = isset($_POST['phone_number']) ? $_POST['phone_number'] : '';
- $phoneNum = preg_replace("/[^0-9]/", "", $phoneNum);
- $action = isset($_POST['action']) ? $_POST['action'] : '';
- switch ($action) {
- case 'token':
- $message = user_generate_token($username, $phoneNum);
- break;
- case 'login':
- $message = user_login($username, $password);
- break;
- default:
- echo 'do nothing';
- }
- header("Location: index.php?message=" . urlencode($message) . "&action=" . $action);
- ?>
Add Comment
Please, Sign In to add comment