API tools faq
paste
Guest User

Untitled

a guest
Nov 17th, 2018
134
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.77 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. include_once 'config/db.php';
  3.  
  4.  
  5.  
  6. function validate($string) {
  7. $a = $string;
  8. $a = str_replace("'", "", $a);
  9. $a = str_replace('"', "", $a);
  10.  
  11. $a = htmlspecialchars($a);
  12.  
  13.  
  14. return $a;
  15. }
  16.  
  17.  
  18. if($_SERVER["REQUEST_METHOD"] == "GET")
  19. {
  20. $name=$password="";
  21. $nameErr=$passwordErr="";
  22. $signup="";
  23. }
  24.  
  25.  
  26.  
  27.  
  28. if($_SERVER["REQUEST_METHOD"] == "POST")
  29. {
  30. $name = validate($_POST["name"]);
  31. $password = $_POST["password"];
  32.  
  33.  
  34. if(empty($name))
  35. {
  36. $nameErr = "missing username!";
  37. }
  38. else
  39. {
  40.  
  41. $stmt = $db->prepare("SELECT * FROM users WHERE username= :username");
  42. $stmt->bindValue(':username', $name);
  43.  
  44. $result = $stmt->execute();
  45.  
  46. if($result->fetchArray(SQLITE3_ASSOC)["username"] == "") {
  47. $nameErr = "user name does not exist!";
  48. $signup = "<br><br><p>don't have an account? <a href='/signup'>sign up</a></p>";
  49. }
  50. $stmt->close();
  51. }
  52.  
  53. if(empty($password))
  54. {
  55. $passwordErr = "missing password!";
  56. }
  57. else
  58. {
  59.  
  60.  
  61. $stmt = $db->prepare("SELECT * FROM users WHERE username= :username");
  62. $stmt->bindValue(':username', $name);
  63.  
  64. $result = $stmt->execute();
  65. $hash = $result->fetchArray(SQLITE3_ASSOC)["hash"];
  66.  
  67.  
  68. var_dump($hash);
  69. var_dump($password);
  70.  
  71.  
  72.  
  73.  
  74. if(password_verify($password, $hash)) {
  75.  
  76. $nameErr="Passwords match!";
  77.  
  78. } else {
  79.  
  80. $passwordErr = "wrong password!" ;
  81.  
  82. }
  83.  
  84.  
  85. }
  86.  
  87. if($nameErr == "" && $passwordErr == "")
  88. {
  89. header("location: home");
  90. }
  91. }
  92.  
  93.  
  94.  
  95.  
  96.  
  97. ?>
  98.  
  99. <!DOCTYPE html>
  100.  
  101.  
  102. <html>
  103.  
  104. <head>
  105.  
  106. <?php
  107. $title = "LOG IN";
  108. include("layout/head.php");
  109. ?>
  110. </head>
  111. <body>
  112. <?php include("layout/body.php");?>
  113.  
  114. <main class="container p-5">
  115.  
  116. <form method="POST" action = "">
  117. <div class="form-group">
  118. <span class="error">*</span><input type="text" class="form-control" placeholder="username" name="name" value = <?php echo $name;?>>
  119. <br><span class="error"><?php echo $nameErr; ?></span>
  120. </div>
  121. <div class="form-group">
  122. <span class="error">*</span><input type="password" class="form-control" placeholder="password" name="password" value = "">
  123. <br><span class="error"><?php echo $passwordErr; ?></span>
  124. </div>
  125.  
  126. <button class="btn btn-primary">Log In</button>
  127. <?=$signup?>
  128.  
  129. </form>
  130.  
  131. </main>
  132.  
  133. </body>
  134. </html>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!