Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require('db.php');
- // should add better validation of form submission
- if (isset($_POST['username'])) {
- $hash = password_hash($_POST['password'], PASSWORD_BCRYPT, array('cost' => 10));
- $stmt = $con->prepare('INSERT into users (username, password, email, trn_date) VALUES (?, ?, ?, ?)');
- $stmt->bind_param('ssss', $_POST['username'], $hash, $_POST['email'], date("Y-m-d H:i:s"));
- $result = $stmt->execute();
- if($result){
- echo "<div class='content_landing'><div class='form'><h3>You are registered successfully.</h3><p>Click here to <a href='login_page.php'>Login</a></p></div></div>";
- }
- }else{ ?>
- <!-- header ends here -->
- <!-- ****************************************** -->
- <!-- enquiry / newsletter / login / register goes here -->
- <div class="container">
- </div>
- <div class="clear"></div>
- <!-- Main page content goes here -->
- <div class="content_landing">
- <p><div class="form">
- <h1>Registration</h1>
- <form name="registration" action="" method="post">
- <input type="text" name="username" placeholder="Username" required /><br>
- <input type="email" name="email" placeholder="Email" required /><br>
- <input type="password" name="password" placeholder="Password" required /><br>
- <input type="submit" name="submit" value="Register" />
- </form>
- </div></p>
- <?php } ?>
- </div>
- </div>
- <!-- Ends here -->
- <!-- ****************************************** -->
- <div class="clear"></div>
- <!-- *Footer goes here -->
- <?php include_once("footer.php");?>
- <!-- Footer ends here -->
- <?php
- require('db.php');
- // If form submitted, insert values into the database.
- if (isset($_POST['username'])){
- $username = stripslashes($_REQUEST['username']); // removes backslashes
- $username = mysqli_real_escape_string($con,$username); //escapes special characters in a string
- $password = stripslashes($_REQUEST['password']);
- $password = mysqli_real_escape_string($con,$password);
- //Checking is user existing in the database or not
- $query = "SELECT 'username' FROM 'users' WHERE username='?'";
- $result = mysqli_query($con,$query) or die(mysql_error());
- $rows = mysqli_num_rows($result);
- if($rows==1);
- if (password_verify($password, $row['password'])) {
- $_SESSION['username'] = $username;
- header("Location: shows.php"); // Redirect user to index.php
- }else{
- echo "<div class='form'><h3>Username/password is incorrect.</h3><br/>Click here to <a href='login.php'>Login</a></div>";
- }
- }else{
- ?>
- <div class="form">
- <h2>Log In to view Prices and Specials</h2>
- <form action="" method="post" name="login">
- <input type="text" name="username" placeholder="Username" required /><br>
- <input type="password" name="password" placeholder="Password" required /><br>
- <input name="submit" type="submit" value="Login" />
- </form>
- <p>Not registered yet? <a href='registration.php'>Register Here</a></p>
- </div>
- <?php } ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement