API tools faq
paste
Advertisement
chrisenoch

login.php

chrisenoch
Dec 8th, 2019
486
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.88 KB | None | 0 0
raw download clone embed print report
  1. <?php # Script 18.8 - login.php
  2. // This is the login page for the site.
  3. require('includes/config.inc.php');
  4. $page_title = 'Login';
  5. include('includes/header.html');
  6. echo "COOKIE TEST"; //Debugging
  7.  
  8. setcookie('COOKIE_TEST', true, time()+3600, '/', '', 0, 0);
  9.  
  10. if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  11. require(MYSQL);
  12. // Validate the email address:
  13. if (!empty($_POST['email'])) {
  14. $e = mysqli_real_escape_string($dbc, $_POST['email']);
  15. } else {
  16. $e = FALSE;
  17. echo '<p class="error">You forgot to enter your email address!</p>';
  18. }
  19. // Validate the password:
  20. if (!empty($_POST['pass'])) {
  21. $p = trim($_POST['pass']);
  22. } else {
  23. $p = FALSE;
  24. echo '<p class="error">You forgot to enter your password!</p>';
  25. }
  26. if ($e && $p) { // If everything's OK.
  27. // Query the database:
  28. $q = "SELECT user_id, first_name, user_level, pass FROM users WHERE email='$e' AND active IS NULL";
  29. $r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br>MySQL Error: " . mysqli_error($dbc));
  30. if (@mysqli_num_rows($r) == 1) { // A match was made.
  31. // Fetch the values:
  32. list($user_id, $first_name, $user_level, $pass) = mysqli_fetch_array($r, MYSQLI_NUM);
  33. mysqli_free_result($r);
  34. // Check the password:
  35. if (password_verify($p, $pass)) {
  36. // Store the info in the session:
  37. $_SESSION['user_id'] = $user_id;
  38. $_SESSION['first_name'] = $first_name;
  39. $_SESSION['user_level'] = $user_level;
  40. mysqli_close($dbc);
  41. // Redirect the user:
  42. $url = BASE_URL . 'index.php'; // Define the URL.
  43. ob_end_clean(); // Delete the buffer.
  44. header("Location: $url");
  45. exit(); // Quit the script.
  46. } else {
  47. echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
  48. }
  49. } else { // No match was made.
  50. echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
  51. }
  52. } else { // If everything wasn't OK.
  53. echo '<p class="error">Please try again.</p>';
  54. }
  55. mysqli_close($dbc);
  56. } // End of SUBMIT conditional.
  57. ?>
  58.  
  59. <h1>Login</h1>
  60. <p>Your browser must allow cookies in order to log in.</p>
  61. <form action="login.php" method="post">
  62. <fieldset>
  63. <p><strong>Email Address:</strong> <input type="email" name="email" size="20" maxlength="60"></p>
  64. <p><strong>Password:</strong> <input type="password" name="pass" size="20"></p>
  65. <div align="center"><input type="submit" name="submit" value="Login"></div>
  66. </fieldset>
  67. </form>
  68.  
  69. <?php include('includes/footer.html'); ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!