- <?php
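/**
 * Build an absolute http:// URL for a page in the same directory as the
 * currently running script.
 *
 * @param string $page File name to append; defaults to index.php.
 * @return string URL of the form http://<host><script directory>/<page>.
 */
function absolute_url($page = 'index.php') {
    // NOTE(review): HTTP_HOST is taken from the request's Host header and
    // PHP_SELF can carry trailing path info, so both are client-influenced.
    // This value ends up in a Location header; prefer a configured base URL
    // (or an allow-list of host names) and SCRIPT_NAME where that is possible.
    // The scheme is fixed to http:// even when the request arrived over HTTPS.
    $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);

    // Drop trailing forward slashes and backslashes (dirname() yields '\' for
    // the web root on Windows). The backslash has to be escaped: '/\' would
    // swallow the closing quote and break the file.
    $url = rtrim($url, '/\\');

    $url .= '/' . $page;
    return $url;
}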
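/**
 * Validate a login attempt against the User table.
 *
 * @param string $email    Submitted e-mail address.
 * @param string $password Submitted plain-text password.
 * @return array array(true, $user_ID) on success, otherwise
 *               array(false, $errors) where $errors is a list of messages
 *               (some of them contain HTML markup).
 */
function checkLogin($email = '', $password = '') {
    $errors = array();

    if (empty($email)) {
        $errors[] = 'You must enter your email';
    }
    if (empty($password)) {
        $errors[] = 'You must enter a password';
    }

    if (empty($errors)) {
        // Set up the database connection only once the input looks usable.
        require_once 'DO_Classes/mysqli_connect.php';
        $db = new Database();
        $dbc = $db->getConnection();

        // NOTE(review): passwords are stored with reversible AES encryption and
        // the key is hard-coded in this query, so anyone with the source and a
        // copy of the table can recover every password. Storing
        // password_hash() output and checking it with password_verify() is the
        // fix, but it needs a schema change and a migration, so it is flagged
        // here rather than changed.
        $stmt = $dbc->prepare("SELECT user_ID FROM User WHERE user_email=? AND AES_DECRYPT(user_password, 'p0ly')=?");

        if ($stmt) {
            $user_ID = null;
            $stmt->bind_param('ss', $email, $password);

            if ($stmt->execute()) {
                $stmt->store_result();
                $stmt->bind_result($user_ID);
                $stmt->fetch();
                $stmt->close();

                if (!empty($user_ID)) {
                    return array(true, $user_ID);
                }

                // Same message for unknown e-mail and wrong password, so the
                // response does not reveal which accounts exist.
                $errors[] = '<div class="alert alert-danger alert-dismissable">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
<p align="center">Invalid email or password</p>
</div>';
            } else {
                // The query itself failed; this says nothing about the
                // password, so report a generic failure, keep the detail in the
                // server log and release the statement.
                error_log('checkLogin: execute failed: ' . $stmt->error);
                $stmt->close();
                $errors[] = 'Unable to check your login details. Please try again.';
            }
        } else {
            echo '<p class="error"> Oh dear. There was a databse error</p>';
            // $stmt is false here, so it cannot be passed to mysqli_error().
            // Log the connection's error instead of printing driver details to
            // the visitor. Assumes getConnection() returns a mysqli object, as
            // the prepare()/bind_param() calls suggest - confirm.
            error_log('checkLogin: prepare failed: ' . $dbc->error);
        }
    }

    return array(false, $errors);
}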
- ?>
- <?php
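// Handle a submitted login form: check the credentials, start the session
// and redirect on success, otherwise print the collected error messages.
if (isset($_POST['submitted'])) {
    // require_once behaves like include but never loads the same file twice.
    require_once('Functions/loginFunctions.php');

    // Missing or non-string fields (e.g. email[]=x) are treated as empty so
    // checkLogin() reports them instead of PHP raising notices.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // checkLogin() returns array(bool, data): the user ID on success, a list
    // of error messages on failure.
    list($check, $data) = checkLogin($email, $password);

    if ($check) {
        session_start();
        // Issue a fresh session ID now that the visitor is authenticated, so
        // an ID that was known before login cannot be reused (session fixation).
        session_regenerate_id(true);

        require_once 'Classes/DO_Users.php';
        $user = new DO_User();
        $user->get($data);

        // Session variables are used instead of cookies; they stay available
        // to the other pages for as long as the session exists.
        $_SESSION['userID'] = $user->userID;
        $_SESSION['userType'] = $user->userTypeID;
        $_SESSION['last_activity'] = time(); // last activity is the login itself
        $_SESSION['expire_time'] = 60 * 5; // idle timeout in seconds: five minutes

        // Redirect to the home page; absolute_url() is defined in
        // Functions/loginFunctions.php.
        $url = absolute_url('index.php');
        header("Location: $url");
        exit();
    } else {
        $errors = $data;
    }
}

if (!empty($errors)) {
    // The messages are printed unescaped because some of them contain markup.
    // They must stay fixed strings; never place request data in $errors.
    foreach ($errors as $err) {
        echo "$err <br />";
    }
    // NOTE(review): no matching opening <p> is visible in this listing.
    echo '</p>';
}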
- //display the form
- ?>