API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 9th, 2019
163
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.49 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. // Initialize the session
  3. session_start();
  4.  
  5. // Check if the user is already logged in, if yes then redirect him to welcome page
  6. if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
  7. header("location: welcome.php");
  8. exit;
  9. }
  10.  
  11. // Include config file
  12. require_once "config.php";
  13.  
  14. // Define variables and initialize with empty values
  15. $username = $password = "";
  16. $email = $password = "";
  17. $username_err = $password_err = "";
  18. $email_err = $password_err = "";
  19.  
  20. // Processing form data when form is submitted
  21. if($_SERVER["REQUEST_METHOD"] == "POST"){
  22.  
  23. // Check if username is empty
  24. if(empty(trim($_POST["username"] OR ["email"]))){
  25. $username_err OR $email_err = "Please enter username or email";
  26. } else{
  27. $username OR $email = trim($_POST["username"] OR ["email"]);
  28. }
  29.  
  30. // Check if password is empty
  31. if(empty(trim($_POST["password"]))){
  32. $password_err = "Please enter your password.";
  33. } else{
  34. $password = trim($_POST["password"]);
  35. }
  36.  
  37. // Validate credentials
  38. if(empty($username_err) && empty($email_err) && empty($password_err)){
  39. // Prepare a select statement
  40. $sql = "SELECT id, username, email, password FROM users WHERE username OR email = ?, ?";
  41.  
  42. if($stmt = mysqli_prepare($link, $sql)){
  43. // Bind variables to the prepared statement as parameters
  44. mysqli_stmt_bind_param($stmt, "ss", $param_username, $param_email);
  45.  
  46. // Set parameters
  47. $param_username = $username;
  48. $param_email = $email;
  49.  
  50. // Attempt to execute the prepared statement
  51. if(mysqli_stmt_execute($stmt)){
  52. // Store result
  53. mysqli_stmt_store_result($stmt);
  54.  
  55. // Check if username exists, if yes then verify password
  56. if(mysqli_stmt_num_rows($stmt) == 1){
  57. // Bind result variables
  58. mysqli_stmt_bind_result($stmt, $id, $username, $email, $hashed_password);
  59. if(mysqli_stmt_fetch($stmt)){
  60. if(password_verify($password, $hashed_password)){
  61. // Password is correct, so start a new session
  62. session_start();
  63.  
  64. // Store data in session variables
  65. $_SESSION["loggedin"] = true;
  66. $_SESSION["id"] = $id;
  67. $_SESSION["username"] = $username;
  68. $_SESSION["email"] = $email;
  69.  
  70. // Redirect user to welcome page
  71. header("location: welcome.php");
  72. } else{
  73. // Display an error message if password is not valid
  74. $password_err = "The password you entered was not valid.";
  75. }
  76. }
  77. } else{
  78. // Display an error message if username doesn't exist
  79. $username_err = $email_err = "No account found with that username/email";
  80. }
  81. } else{
  82. echo "Oops! Something went wrong. Please try again later.";
  83. }
  84. }
  85.  
  86. // Close statement
  87. mysqli_stmt_close($stmt);
  88. }
  89.  
  90. // Close connection
  91. mysqli_close($link);
  92. }
  93. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!