API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 16th, 2017
149
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.02 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. /*
  4. ERROR HANDLING
  5. */
  6. declare(strict_types=1);
  7. ini_set('display_errors', '1');
  8. ini_set('display_startup_errors', '1');
  9. error_reporting(E_ALL);
  10. mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
  11.  
  12. include 'config.php';
  13.  
  14. // check if user is already logged in
  15. if (is_logged() === true)
  16. {
  17. //Redirect user to homepage page after 5 seconds.
  18. header("refresh:2;url=home.php");
  19. exit;
  20. }
  21.  
  22.  
  23. if ($_SERVER['REQUEST_METHOD'] == "POST")
  24. {
  25. if (isset($_POST["login_username_or_email"]) &&
  26. isset($_POST["login_password"]))
  27. {
  28. $username_or_email = trim($_POST["login_username_or_email"]); //
  29. I rid the mysqli_real_escape_string based on Mac_Guyver's
  30. suggestion.
  31. $password = $_POST["login_password"];
  32. $hashed_password = password_hash($password, PASSWORD_DEFAULT);
  33.  
  34. //Select Username or Email to check against Mysql DB if they are
  35. already registered or not.
  36. $stmt = mysqli_stmt_init($conn);
  37.  
  38. $stmt = mysqli_prepare($conn, "SELECT usernames, emails FROM
  39. users WHERE usernames = ? OR emails = ?");
  40. mysqli_stmt_bind_param($stmt, 'ss', $username,
  41. $email_confirmation);
  42. mysqli_stmt_execute($stmt);
  43. $result = mysqli_stmt_get_result($stmt);
  44.  
  45. $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
  46. */
  47.  
  48. if(strpos("$username_or_email", "@") === true)
  49. {
  50. $email = $username_or_email;
  51. $username = "";
  52. $stmt = mysqli_prepare($conn, "SELECT emails FROM users
  53. WHERE emails = ?");
  54. mysqli_stmt_bind_param($stmt, 's', $email);
  55. }
  56. else
  57. {
  58. $username = $username_or_email;
  59. $email = "";
  60. $stmt = mysqli_prepare($conn, "SELECT usernames FROM
  61. users WHERE usernames = ?");
  62. mysqli_stmt_bind_param($stmt, 's', $username);
  63. }
  64. mysqli_stmt_execute($stmt);
  65. $result = mysqli_stmt_get_result($stmt);
  66.  
  67. $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
  68. printf("%s (%s)n",$row["usernames"],$row["passwords"]);
  69. var_dump($row);
  70.  
  71. // Check if inputted Username or Email is registered or not.
  72.  
  73. if (!$result) // either this paragraph or ...
  74. {
  75. echo Incorrect User Credentials!";
  76. exit;
  77. }
  78. elseif (password_verify($password, $row['passwords']))
  79. {
  80. if($row['accounts_activations_statuses'] == '0')
  81. {
  82. echo "You have not activated your
  83. account yet! Check your email for instructions
  84. .";
  85. exit;
  86. }
  87. }
  88. else
  89. {
  90. //If 'Remember Me' check box is checked then set the
  91. cookie.
  92. //if (isset($_POST['login_remember']) &&
  93. $_post['login_remember'] == "on")
  94. {
  95. setcookie("login_username", $username, time()+
  96. (10*365*24*60*60));
  97. }
  98. else
  99. {
  100. //If Cookie is available then use it to auto log
  101. user into his/her account!
  102. if (isset($_COOKIE['login_username']))
  103. {
  104. setcookie("login_username","","");
  105. }
  106. }
  107. $_SESSION["user"] = $username;
  108. header("location:home.php?user=$username");
  109. }
  110. }
  111. }
  112.  
  113. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!