REGISTER________<?phprequire_once("dbconnect.php");$error = null;i

1. REGISTER
2. ________
3. <?php
4. require_once("dbconnect.php");
5.  
6. $error = null;
7.  
8. if(isset($POST['btn-register'])){
9. $email = trim($_POST['email']);
10. $email = strip_tags($email);
11. $email = htmlentities($email, ENT_QUOTES);
12.  
13. $pass = trim($_POST['password']);
14. $pass = strip_tags($pass);
15. $pass = htmlentities($pass, ENT_QUOTES);
16.  
17. $user = trim($_POST['user']);
18. $user = strip_tags($user);
19. $user = htmlentities($user, ENT_QUOTES);
20.  
21. $mysqli_query = sprintf("SELECT userEmail FROM users WHERE userEmail = '$email'", mysqli_real_escape_string($db, $email));
22. $conn = $db->query($mysqli_query);
23.  
24. if (strlen($pass) > 6) {
25. if ($conn->num_rows <= 0) {
26. $conn->close();
27. $mysqli_query = sprintf("SELECT userName FROM users WHERE userName = '$user'", mysqli_real_escape_string($db, $user));
28. $conn = $db->query($mysqli_query);
29. if ($conn->num_rows <= 0) {
30. $conn->close();
31. $stmt = $db->prepare("INSERT INTO users (userName, userPassword, userEmail) VALUES (?, ?, ?)");
32. $stmt->bind_param("sss", $user, $password, $email);
33. $password = password_hash($pass, PASSWORD_BCRYPT);
34. $stmt->execute();
35. echo "Successfully registered";
36. exit;
37. }
38. else {
39. $error = "Username is already taken";
40. echo $error;
41. exit;
42. }
43. }
44. else {
45. $error = "Email is already taken";
46. echo $error;
47. exit;
48. }
49. }
50. else {
51. $error = "Password most be higher than 6";
52. echo $error;
53. exit;
54. }
55. }
56. ?>
57.  
58. LOGIN
59. _____
60.  
61. <?php
62. session_start();
63. require_once("dbconnect.php");
64.  
65. $error = null;
66.  
67. if(isset($_POST['btn-login'])) {
68.  
69. $email = trim($_POST['email']);
70. $email = strip_tags($email);
71. $email = htmlentities($email, ENT_QUOTES);
72.  
73. $pass = trim($_POST['password']);
74. $pass = strip_tags($pass);
75. $pass = htmlentities($pass, ENT_QUOTES);
76.  
77. if(!empty($email && $pass)) {
78. $stmt = $db->prepare("SELECT userId, userName, userPass FROM users WHERE userEmail = '$email'");
79. $stmt->execute();
80. $row = $stmt->fetch();
81. $password = password_hash($pass, PASSWORD_BCRYPT);
82.  
83. if($stmt->num_rows >= 0 && $row['userPass'] == $password) {
84. $_SESSION['user'] = $row['userId'];
85. header('Location: home.php');
86. }
87. else {
88. $error = "Incorrect Credentials, Try again...";
89. echo $error;
90. exit;
91. }
92. }
93.  
94. if(empty($email)) {
95. $error = "Please enter your email address.";
96. echo $error;
97. exit;
98. }
99.  
100. elseif(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
101. $error = "Please enter a valid email address.";
102. echo $error;
103. exit;
104. }
105.  
106. if(empty($pass)) {
107. $error = "Please enter your password.";
108. echo $error;
109. exit;
110. }
111. }
112. ?>
113.  
114. DBCONNECT
115. _________
116.  
117. <?php
118. $servername = "localhost";
119. $username = "root";
120. $password = "";
121. $dbname = "test";
122. $db = new mysqli($servername, $username, $password, $dbname);
123.  
124. if ($db->connect_error) {
125. die("Connection failed: " . $db->connect_error);
126. }
127. ?>