<?phprequire_once 'connect.php';if((isset($_SESSION['user']) AND trim( $_SES

1. <?php
2. require_once 'connect.php';
3. if((isset($_SESSION['user']) AND trim( $_SESSION['user'] ) != "") OR ( isset($_COOKIE['remember_me']) AND trim($_COOKIE['remember_me'] ) != "" ) ) {
4. header('Location: profile.php');
5. exit;
6. }
7. $error = '';
8.  
9. try {
10. if (isset($_POST['login'])) {
11.  
12. $username = $_POST['username'];
13. $password = $_POST['password'];
14.  
15. //Retrieve the field values from our registration form.
16. // $username = !empty($_POST['username']) ? trim($_POST['username']) : null;
17. // $password = !empty($_POST['password']) ? trim($_POST['password']) : null;
18.  
19.  
20. //Construct the SQL statement and prepare it.
21. $sql = "SELECT
22. id AS id,
23. username AS username,
24. password AS password,
25. email AS email,
26. phone AS phone,
27. address AS address,
28. first_name AS first_name,
29. last_name AS last_name,
30. age AS age
31. FROM
32. users
33. WHERE
34. username = ?
35. ";
36. $stmt = $pdo->prepare($sql);
37. $stmt->execute([$username]);
38. $user = $stmt->fetch(PDO::FETCH_ASSOC);
39.  
40. $passwordHash = $user['password'];
41. if (!password_verify($password, $passwordHash)) {
42. setcookie('remember_me', '', time() - 100000);
43. throw new Exception("Wrong username or password!");
44. }
45. else {
46. if($_POST['remember']) {
47. $month = time() + 3600 * 24 * 30;
48. setcookie('remember_me', $_POST['username'], $month);
49. }
50. elseif(!$_POST['remember']) {
51. $past = time() - 100;
52. setcookie('remember_me', '', $past);
53. }
54.  
55. $hour = time() + 3600;
56. setcookie('ID_my_site', $_POST['username'], $hour);
57.  
58. $_SESSION['id'] = $user['id'];
59. $_SESSION['user'] = $user['username'];
60. header('Location: profile.php'); exit();
61. }
62.  
63. $_SESSION['id'] = '';
64. $_SESSION['user'] = '';
65. header('Location: login.php');
66. exit;
67.  
68. }
69. } catch (Exception $exception) {
70. $error = $exception->getMessage();
71. }
72.  
73. ?>
74.  
75.  
76.  
77. <!doctype html>
78. <html lang="en">
79. <head>
80. <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
81. <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
82. <meta name="description" content="">
83. <meta name="author" content="">
84. <link rel="shortcut icon" href="images/logoNew_bubbles.png"/>
85.  
86. <title>Login</title>
87.  
88. <!-- Bootstrap core CSS -->
89. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
90. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
91. <link type="text/css" rel="stylesheet" media="screen" href="https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css">
92. <link href="css/styles.css" rel="stylesheet">
93. </head>
94.  
95. <body class="text-center" style="background-color:#eee">
96. <header>
97. <?php include_once "php_includes/header.php"; ?>
98. </header>
99.  
100. <article style="position: relative; margin-top: 250px">
101.  
102. <div class="col-sm-5"></div>
103. <div class="col-sm-2">
104.  
105. <?php if (isset($_SESSION['username'])): ?>
106. <div class="alert alert-success">
107. <strong>Registration success.</strong> Please Login and buy some beer. :)
108. </div>
109.  
110. <?php endif; ?>
111. <?php unset($_SESSION['username']); ?>
112.  
113. <?php if ($error) : ?>
114. <div class="alert alert-danger">
115. <strong> <?= $error ?></strong>
116. </div>
117.  
118. <?php endif; ?>
119. <?php $error = ''; ?>
120.  
121. <form id="loginForm" action="#" method="post" novalidate="novalidate">
122. <fieldset>
123. <legend class="extraPlace"> Please sign in</legend>
124.  
125. <div class="input-group margin">
126. <span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span>
127. <input type="text" id="inputEmail" name="username" class="form-control" placeholder="Username"
128. maxlength="40" value="<?php if(isset($_COOKIE['remember_me'])){
129. echo $_COOKIE['remember_me'];
130. }
131. else{
132. echo '';
133. }?>" required autofocus>
134. </div>
135.  
136. <div class="input-group margin">
137. <span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
138. <input type="password" id="password" name="password" class="form-control" placeholder="Password" required>
139. </div>
140.  
141. <div class="checkbox alignLeftContent">
142. <label>
143. <input type="checkbox" value="remember-me" name="remember" <?php if(isset($_COOKIE['remember_me'])) {
144. echo 'checked="checked"';
145. }
146. else {
147. echo '';
148. }
149. ?>> Remember me
150. </label>
151. </div>
152. <input class="btn btn-md btn-success btn-block" type="submit" name="login" value="Sign in">
153. </fieldset>
154. </form>
155. </div>
156. <div class="col-sm-5"></div>
157. </article>
158.  
159. <footer class="container fixed-bottom">
160. <?php include_once "php_includes/footer.php"; ?>
161. </footer>
162.  
163. <script src="https://code.jquery.com/jquery-3.3.1.min.js"></script>
164. <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js"></script>
165. <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/additional-methods.min.js"></script>
166. <!--<script rel="script" type="text/javascript" src="js/validationFE.js"></script>-->
167. <script rel="script" type="text/javascript" src="js/JSValidationLogin.js"></script>
168. </body>
169. </html>