Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- //include ircmaxell's password_compat library
- require 'lib/password.php';
- //include MySQL conn
- require 'phpscripts/connect.php';
- $database = new DB;
- $database->dbConn();
- class Login {
- private $errors = array();
- function login() {
- if (isset($_POST['login'])) {
- $username = !empty($_POST['username']) ? trim($_POST['username']) : null;
- $password = !empty($_POST['password']) ? trim($_POST['password']) : null;
- //retrive the user information for the username
- $sql = "SELECT id, username, password FROM users WHERE username = :username";
- $stmt = $database->db->prepare($sql);
- $stmt->bindValue(':username', $username);
- $stmt->execute();
- $result = $stmt->fetch(PDO::FETCH_ASSOC);
- if($result !== FALSE) {
- //compare the passwords
- $validPassword = password_verify($password, $result['password']);
- if ($validPassword == TRUE) {
- $_SESSION['user_id'] = $result['id'];
- $_SESSION['user'] = $result['username'];
- $_SESSION['now_logged'] = TRUE;
- $_SESSION['logged_in'] = time();
- header('Location: index.php');
- }
- else {
- //passwords don't match
- $stmt = NULL;
- $db = NULL;
- $result = NULL;
- array_push($this->errors, "Invalid password!");
- }
- }
- else {
- $stmt = NULL;
- $db = NULL;
- $result = NULL;
- array_push($this->errors, "Invalid username!");
- }
- }
- }
- }
- $login = new Login;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
