Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- ERROR HANDLING
- */
- declare(strict_types=1);
- ini_set('display_errors', '1');
- ini_set('display_startup_errors', '1');
- error_reporting(E_ALL);
- mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
- include 'config.php';
- // check if user is already logged in
- if (is_logged() === true)
- {
- //Redirect user to homepage page after 5 seconds.
- header("refresh:2;url=home.php");
- exit;
- }
- if ($_SERVER['REQUEST_METHOD'] == "POST")
- {
- if (isset($_POST["login_username_or_email"]) &&
- isset($_POST["login_password"]))
- {
- $username_or_email = trim($_POST["login_username_or_email"]); //
- I rid the mysqli_real_escape_string based on Mac_Guyver's
- suggestion.
- $password = $_POST["login_password"];
- $hashed_password = password_hash($password, PASSWORD_DEFAULT);
- //Select Username or Email to check against Mysql DB if they are
- already registered or not.
- $stmt = mysqli_stmt_init($conn);
- $stmt = mysqli_prepare($conn, "SELECT usernames, emails FROM
- users WHERE usernames = ? OR emails = ?");
- mysqli_stmt_bind_param($stmt, 'ss', $username,
- $email_confirmation);
- mysqli_stmt_execute($stmt);
- $result = mysqli_stmt_get_result($stmt);
- $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
- */
- if(strpos("$username_or_email", "@") === true)
- {
- $email = $username_or_email;
- $username = "";
- $stmt = mysqli_prepare($conn, "SELECT emails FROM users
- WHERE emails = ?");
- mysqli_stmt_bind_param($stmt, 's', $email);
- }
- else
- {
- $username = $username_or_email;
- $email = "";
- $stmt = mysqli_prepare($conn, "SELECT usernames FROM
- users WHERE usernames = ?");
- mysqli_stmt_bind_param($stmt, 's', $username);
- }
- mysqli_stmt_execute($stmt);
- $result = mysqli_stmt_get_result($stmt);
- $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
- printf("%s (%s)n",$row["usernames"],$row["passwords"]);
- var_dump($row);
- // Check if inputted Username or Email is registered or not.
- if (!$result) // either this paragraph or ...
- {
- echo Incorrect User Credentials!";
- exit;
- }
- elseif (password_verify($password, $row['passwords']))
- {
- if($row['accounts_activations_statuses'] == '0')
- {
- echo "You have not activated your
- account yet! Check your email for instructions
- .";
- exit;
- }
- }
- else
- {
- //If 'Remember Me' check box is checked then set the
- cookie.
- //if (isset($_POST['login_remember']) &&
- $_post['login_remember'] == "on")
- {
- setcookie("login_username", $username, time()+
- (10*365*24*60*60));
- }
- else
- {
- //If Cookie is available then use it to auto log
- user into his/her account!
- if (isset($_COOKIE['login_username']))
- {
- setcookie("login_username","","");
- }
- }
- $_SESSION["user"] = $username;
- header("location:home.php?user=$username");
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement