<?php/*ERROR HANDLING*/declare(strict_types=1);ini_set('display_errors', '

1. <?php
2.  
3. /*
4. ERROR HANDLING
5. */
6. declare(strict_types=1);
7. ini_set('display_errors', '1');
8. ini_set('display_startup_errors', '1');
9. error_reporting(E_ALL);
10. mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
11.  
12. include 'config.php';
13.  
14. // check if user is already logged in
15. if (is_logged() === true)
16. {
17. //Redirect user to homepage page after 5 seconds.
18. header("refresh:2;url=home.php");
19. exit; //
20. }
21.  
22.  
23. if ($_SERVER['REQUEST_METHOD'] == "POST")
24. {
25. if (isset($_POST["login_username_or_email"]) &&
26. isset($_POST["login_password"]))
27. {
28. $username_or_email = trim($_POST["login_username_or_email"]); //
29. $password = $_POST["login_password"];
30.  
31. //Select Username or Email to check against Mysql DB if they are
32. already registered or not.
33. $stmt = mysqli_stmt_init($conn);
34.  
35. if(strpos("$username_or_email", "@"))
36. {
37. $email = $username_or_email;
38. $username = "";
39.  
40. $query = "SELECT ids, usernames, passwords, emails,
41. accounts_activations_statuses FROM users WHERE emails = ?";
42. $stmt = mysqli_prepare($conn, $query);
43. mysqli_stmt_bind_param($stmt, 's', $email);
44. mysqli_stmt_execute($stmt);
45. //$result = mysqli_stmt_get_result($stmt); //Which line to use ?
46. This line or the next ?
47. $result = mysqli_stmt_bind_result($stmt, $db_id, $db_username,
48. $db_password, $db_email, $db_account_activation_status); //
49. Which line to use ? This line or the one above ?
50. }
51. else
52. {
53. $username = $username_or_email;
54. $email = "";
55. $query = "SELECT ids, usernames, passwords, emails,
56. accounts_activations_statuses FROM users WHERE usernames = ?";
57. $stmt = mysqli_prepare($conn, $query);
58. mysqli_stmt_bind_param($stmt, 's', $username);
59. mysqli_stmt_execute($stmt);
60. //$result = mysqli_stmt_get_result($stmt); //Which line to use ?
61. This line or the next ?
62. $result = mysqli_stmt_bind_result($stmt, $db_id, $db_username,
63. $db_password, $db_email, $db_account_activation_status); //
64. Which line to use ? This line or the one above ?
65. }
66.  
67. $row = mysqli_stmt_fetch($stmt); //Which line to use ? This line or
68. 2 of the next 2 ?
69.  
70. mysqli_stmt_close($stmt);
71.  
72. printf("%s (%s)n",$row["usernames"],$row["passwords"]);
73.  
74. if ($result == false)
75. {
76. echo "No result!";// For debugging purpose!
77. exit();
78. }
79. elseif ($row['accounts_activations_statuses'] == '0')
80. {
81. {
82. echo "You have not activated your account yet! Check your
83. email for instructions on how to activate it.
84. Check your spam folder if you don't find an email from us.";
85. exit();
86. }
87. }
88. else
89. {
90.  
91. if (password_verify($password, $db_password))
92. {
93. echo "IF triggered for password_verify! password_verify ok";
94. // For debugging purpose!
95.  
96. $_SESSION["user"] = $username;
97. header("location:home.php?user=$username");
98. }
99. else
100. {
101. echo "Incorrect User Credentials !';<br>";
102. exit();
103. }
104. }
105. }