API tools faq
paste
Advertisement
sbucholtz

PHP Login Form - mySQLi - old - v2

sbucholtz
Aug 23rd, 2019
563
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.08 KB | None | 0 0
raw download clone embed print report
  1. // ------------------------------ //
  2. // https://pastebin.com/996xp0kj  //
  3. // ------------------------------ //
  4.  
  5. require '../php/session.php';
  6. require '../php/config.php';
  7.  
  8. // LOGIN FORM
  9. if(isset($_POST['login'])){
  10.     // INPUT CAPTURE
  11.     $username = trim($_POST['login_username']);
  12.     $userpass = $_POST['login_userpass'];
  13.    
  14.     // ERRORS ARRAY
  15.     $errors = [];
  16.    
  17.     // Username Check
  18.     if(!$username){
  19.         $errors[] = "Empty Username";
  20.     }elseif(!filter_var($username, FILTER_SANITIZE_STRING) || !preg_match("/^[\w]{4,16}$/", $username)){
  21.         $errors[] = "Invalid Username";
  22.         $username = "";
  23.     }
  24.     // Password Check
  25.     if(!$userpass){
  26.         $errors[] = "Empty Password";
  27.     }
  28.     // Verify Account Existence if both username AND verification exist
  29.     if($username && $userpass){
  30.         $sql        = "SELECT user_id,user_name,user_pass,user_type FROM users WHERE user_name = ? AND user_verified = ?";
  31.         $verify = 1;
  32.         $stmt   = prepareQuery($con, $sql, [$username, $verify]);
  33.         $stmt -> store_result();
  34.         $num = $stmt -> num_rows();
  35.         // Check if account exists
  36.         if($num === $verify){
  37.            
  38.             // Bind results to variables
  39.             $stmt -> bind_result($uid, $uname, $uhash, $utype);
  40.             while($stmt -> fetch()){
  41.                 $userid     = $uid;
  42.                 $username = $uname;
  43.                 $userhash = $uhash;
  44.                 $usertype = $utype;
  45.             }
  46.            
  47.             // Finally check the password
  48.             if(password_verify($userpass, $userhash)){
  49.                 $stmt -> close();
  50.                 // LOGIN ACCOUNT
  51.                 $_SESSION['uID']        = $userid;
  52.                 $_SESSION['pID']        = $username;
  53.                 $_SESSION['TYPE']   = $usertype;
  54.                 $_SESSION['LOGIN']  = $date;
  55.                 $_SESSION['ERROR']  = "Successfully logged in!";
  56.                 // LOG ACTIVITY
  57.                 $sql    = "UPDATE users SET user_status = ?, user_lastlogin = ? WHERE user_name = ?";
  58.                 $stmt = prepareQuery($con, $sql, [$verify, $date, $username]);
  59.                 redir("/cpanel.php");
  60.             }
  61.         }
  62.         $errors[] = "Username or password does not match our records";
  63.         $con -> close();
  64.     }
  65.    
  66.     // CHECK FOR ERRORS
  67.     if($errors){
  68.         $_SESSION['ERROR'] = $errors;
  69.         $mins   = time() + 120;
  70.         $path       = "/login.php";
  71.         setcookie("username", $username, $mins, $path);
  72.         redir($path);
  73.     }
  74. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!