index.php<div id="view" class="login-box animated fadeInUp"> <div class="b

1. index.php
2. <div id="view" class="login-box animated fadeInUp">
3. <div class="box-header">
4. <h2>Login</h2>
5. </div>
6. <form name="form" class="form" method="POST">
7. <label for="username">Username</label>
8. <br/>
9. <input type="mail" id="username" name="user_email">
10. <input name="submit" onclick="submitForm()" id="submit" type="submit" value="Login">
11. </div>
12.  
13. index.js
14. /* login submit */
15. function submitForm(){
16. var data = $(".form").serialize();
17.  
18. $.ajax({
19.  
20. type : 'POST',
21. url : '../Slide_upload/database/signIn.php',
22. data : data,
23. success : function(response){
24. if(response=="ok"){
25. alert("Ok");
26. }
27. else{
28. alert("Nopeeeeee");
29. }
30. }
31. });
32. return false;
33. }
34.  
35. dbConnection.php
36. <?php
37.  
38. class Database{
39. private $host = "localhost";
40. private $db_name = "slide_uploader";
41. private $username = "";
42. private $password = "";
43. public $conn;
44.  
45. public function dbConnection(){
46.  
47. $this->conn = null;
48. try{
49. $this->conn = new PDO("mysql:host=" . $this->host . ";dbname=" . $this->db_name, $this->username, $this->password);
50. $this->conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
51. }
52. catch(PDOException $exception){
53. echo "Connection error: " . $exception->getMessage();
54. }
55.  
56. return $this->conn;
57. }
58. }
59. ?>
60.  
61. class.student.php
62. <?php
63.  
64. require_once('dbConnection.php');
65.  
66. class STUDENT{
67.  
68. private $conn;
69.  
70. public function __construct(){
71. $database = new Database();
72. $db = $database->dbConnection();
73. $this->conn = $db;
74. }
75.  
76. public function runQuery($sql){
77. $stmt = $this->conn->prepare($sql);
78. return $stmt;
79. }
80.  
81. public function register($uname,$matricola,$nome,$cognome){
82. try{
83. $stmt = $this->conn->prepare("INSERT INTO studente(Nome,Cognome,Matricola,Username)
84. VALUES($nome, $cognome, $matricola, $uname)");
85.  
86. $stmt->bindparam(":user_email", $uname);
87.  
88. $stmt->execute();
89.  
90. return $stmt;
91. }
92. catch(PDOException $e){
93. echo $e->getMessage();
94. }
95. }
96.  
97.  
98. public function doLogin($uname){
99. try{
100. $stmt = $this->conn->prepare("SELECT * FROM studenti_in_sessione WHERE Username=:user_email");
101. $stmt->execute(array(':user_email'=>$uname));
102. $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
103. if($stmt->rowCount() == 1){
104. $exit = array_values($userRow);
105. $this->register($exit[0],$exit[1],$exit[2],$uname);
106. $_SESSION['user_session'] = $userRow[$this->getStudID($uname)];
107. }
108. }
109. catch(PDOException $e){
110. echo $e->getMessage();
111. }
112. }
113.  
114. public function getStudID($uname){
115. try{
116. $stmt = $this->conn->prepare("SELECT ID_Studente WHERE Username='.$uname' ");
117.  
118. $stmt->bindparam(":user_email", $uname);
119.  
120. $stmt->execute();
121.  
122. return $stmt;
123. }
124. catch(PDOException $e){
125. echo $e->getMessage();
126. }
127. }
128.  
129. public function is_loggedin(){
130. if(isset($_SESSION['user_session'])){
131. return true;
132. }
133. }
134.  
135. public function redirect($url){
136. header("Location: $url");
137. }
138.  
139. public function doLogout(){
140. session_destroy();
141. unset($_SESSION['user_session']);
142. return true;
143. }
144. }
145. ?>
146.  
147. signIn.php
148. <?php
149. session_start();
150. require_once("class.student.php");
151. $login = new STUDENT();
152.  
153. if($login->is_loggedin()!=""){
154. $login->redirect('upload.php');
155. }
156.  
157. if(isset($_POST['submit'])){
158. $uname = strip_tags($_POST['user_email']);
159. if(filter_var($uname, FILTER_VALIDATE_EMAIL)===true && strpos(explode('@',$uname),"studio.unibo.it")!==false){
160. if($login->doLogin($uname)){
161. sendCode($username);
162. }
163. else{
164. $error = "Non hai i permessi necessari per accedere!";
165. }
166. }else{
167. $error = "La mail deve essere @studio.unibo.it";
168. }
169. }
170. ?>