Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include_once 'config/db.php';
- function validate($string) {
- $a = $string;
- $a = str_replace("'", "", $a);
- $a = str_replace('"', "", $a);
- $a = htmlspecialchars($a);
- return $a;
- }
- if($_SERVER["REQUEST_METHOD"] == "GET")
- {
- $name=$password="";
- $nameErr=$passwordErr="";
- $signup="";
- }
- if($_SERVER["REQUEST_METHOD"] == "POST")
- {
- $name = validate($_POST["name"]);
- $password = $_POST["password"];
- if(empty($name))
- {
- $nameErr = "missing username!";
- }
- else
- {
- $stmt = $db->prepare("SELECT * FROM users WHERE username= :username");
- $stmt->bindValue(':username', $name);
- $result = $stmt->execute();
- if($result->fetchArray(SQLITE3_ASSOC)["username"] == "") {
- $nameErr = "user name does not exist!";
- $signup = "<br><br><p>don't have an account? <a href='/signup'>sign up</a></p>";
- }
- $stmt->close();
- }
- if(empty($password))
- {
- $passwordErr = "missing password!";
- }
- else
- {
- $stmt = $db->prepare("SELECT * FROM users WHERE username= :username");
- $stmt->bindValue(':username', $name);
- $result = $stmt->execute();
- $hash = $result->fetchArray(SQLITE3_ASSOC)["hash"];
- var_dump($hash);
- var_dump($password);
- if(password_verify($password, $hash)) {
- $nameErr="Passwords match!";
- } else {
- $passwordErr = "wrong password!" ;
- }
- }
- if($nameErr == "" && $passwordErr == "")
- {
- header("location: home");
- }
- }
- ?>
- <!DOCTYPE html>
- <html>
- <head>
- <?php
- $title = "LOG IN";
- include("layout/head.php");
- ?>
- </head>
- <body>
- <?php include("layout/body.php");?>
- <main class="container p-5">
- <form method="POST" action = "">
- <div class="form-group">
- <span class="error">*</span><input type="text" class="form-control" placeholder="username" name="name" value = <?php echo $name;?>>
- <br><span class="error"><?php echo $nameErr; ?></span>
- </div>
- <div class="form-group">
- <span class="error">*</span><input type="password" class="form-control" placeholder="password" name="password" value = "">
- <br><span class="error"><?php echo $passwordErr; ?></span>
- </div>
- <button class="btn btn-primary">Log In</button>
- <?=$signup?>
- </form>
- </main>
- </body>
- </html>
Add Comment
Please, Sign In to add comment