Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- include 'class.php';
- $con1=new Connect('root','','localhost','ablashimov');
- if(isset($_POST['enter'])){
- $data = array_map('trim', $_POST);
- $data = array_map('strip_tags', $data);
- $data['password'] = md5($data['password']);
- $user = $con1->selectLoginPassword('users', $data);
- if($user){
- $_SESSION = $user;
- }
- else{
- ?>
- <p style='color:red'>Неверный логин и/или пароль</p>
- <?php }
- }
- if(!isset($_SESSION['login'])):
- ?>
- <form method="POST">
- <input type='text' name='login' required />
- <input type='password' name='password' required />
- <input type="submit" name='enter' value='Войти'>
- </form>
- <?php else:?>
- ДОбро пожаловать на наш сайт,
- <?php
- echo $_SESSION['login'].'<br>';
- ?>
- <a href='profile.php'>ваш профиль</a><br>
- <a href='logout.php'>Выйти</a>
- <?php endif; ?>
- <?php
- class Connect
- {
- private $user;
- private $pass;
- private $host;
- private $db;
- private $dsn;
- private $pdo;
- public function __construct($userName, $userPassword, $host, $db)
- {
- $opt=array(
- PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION,
- PDO::ATTR_DEFAULT_FETCH_MODE=>PDO::FETCH_ASSOC
- );
- $this->user = $userName;
- $this->pass = $userPassword;
- $this->host = $host;
- $this->db = $db;
- $this->pdo = new PDO($this->settings(), $userName, $userPassword,$opt);
- }
- public function getUserName()
- {
- return $this->user;
- }
- public function getPass()
- {
- return $this->pass;
- }
- public function getHost()
- {
- return $this->host;
- }
- public function getDataBase()
- {
- return $this->db;
- }
- public function settings()
- {
- $this->dsn = "mysql:host={$this->host};dbname={$this->db}";
- return $this->dsn;
- }
- public function update($table, $column, $value,$param,$param2)
- {
- $sql="UPDATE $table SET $column='$value' WHERE $param=$param2";
- return $this->pdo->prepare($sql)->execute([':value' => $value]);
- }
- public function insert($table, $column, $value)
- {
- $sql = "INSERT INTO $table ($column) VALUES(:value);";
- return $this->pdo->prepare($sql)->execute([':value' => $value]);
- }
- public function delet($table,$param=null,$param2=null)
- {
- $sql="DELETE FROM $table WHERE $param=$param2";
- return $this->pdo->query($sql);
- }
- public function select($arr)
- {
- $sql = 'SELECT * From users WHERE `password` = "'.$arr['password'].'"';
- $stm=$this->pdo->query($sql);
- $value = $stm->fetch();
- return $value;
- }
- public function getAll($table) {
- $sql = "SELECT * From $table";
- $stm=$this->pdo->query($sql);
- return $users = $stm->fetchAll();
- }
- public function multipleSelect($table, $idArr) {
- $in=str_repeat('?,',count($idArr)-1).'?';
- $sql='SELECT * FROM $table WHERE id IN ($in)';
- $stm=$this->pdo->prepare($sql);
- $stm->execute($idArr);
- $data=$stm->fetchall();
- return $data;
- }
- public function selectLoginPassword($table, $arr) {
- $sql = 'SELECT * From `'.$table.'` WHERE `login` = "'.$arr['login'].'" AND `password` = "'.$arr['password'].'"';
- $stm=$this->pdo->query($sql);
- $value = $stm->fetch();
- return $value;
- }
- }
- ?>
- <?php
- session_start();
- session_destroy();
- header('Location: auth.php'); //переадресовываем пользователя на страницу авторизации
- ?>
- <?php
- session_start();
- if(!isset($_SESSION['login'])):
- echo "Доступ закрыт";
- else:
- ?>
- <h2>профиль пользователя</h2>
- <?php
- foreach($_SESSION as $key=> $val)
- echo $_SESSION[$key].'<br>';
- endif?>
Add Comment
Please, Sign In to add comment