Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- function connect_to_db()
- {
- $conn = mysqli_connect("localhost", "root", "", "db_chamber_of_fashion_malta")
- or die("Unable to connect.");
- return $conn;
- }
- function disconnect_from_db(&$conn){
- mysqli_close($conn);
- }
- function insert_user($email, $password){
- $conn = connect_to_db();
- $email = mysqli_escape_string($conn, $email);
- $password = password_hash($password, CRYPT_BLOWFISH);
- $password = mysqli_escape_string($conn, $password);
- $query = "
- SELECT user_email, user_password
- FROM tbl_users
- WHERE user_email = '{$email}' AND user_password = '{$password}'
- ";
- $result = mysqli_query($conn, $query);
- if (mysqli_affected_rows($conn) != 1){
- $result = "The query was not successful: ";
- $result .= mysqli_error($conn);
- } else {
- $result = mysqli_insert_id($conn);
- }
- disconnect_from_db($conn);
- return $result;
- }
- function insert_user_details($id, $email, $password, $remember_password, $street, $house_no, $locality){
- $conn = connect_to_db();
- $id = mysqli_escape_string($conn, $id);
- $email = mysqli_escape_string($conn, $email);
- $password = mysqli_escape_string($conn, $password);
- $remember_password = mysqli_escape_string($conn, $remember_password);
- $street = mysqli_escape_string($conn, $street);
- $house_no = mysqli_escape_string($conn, $house_no);
- $locality = mysqli_escape_string($conn, $locality);
- $query = "
- INSERT INTO tbl_users
- (user_id, user_email, user_password, user_re-type_password, user_street, user_house_no, user_locality)
- VALUES
- ('{$id}', '{$email}', '{$password}', '{$remember_password}', '{$street}', '{$house_no}', '{$locality}')
- ";
- $result = mysqli_query($conn, $query);
- if(mysqli_affected_rows($conn) != 1){
- $result = "The query was not successfull: ";
- $result .= mysqli_error($conn);
- } else{
- $result = TRUE;
- }
- disconnect_from_db($conn);
- return $result;
- }
- function get_password($email){
- $conn = connect_to_db();
- $email = mysqli_escape_string($conn, $email);
- $query = "
- SELECT user_password
- FROM tbl_users
- WHERE user_email='{$email}'
- ";
- $result = mysqli_query($conn, $query);
- disconnect_from_db($conn);
- if(mysqli_num_rows($result) != 1){
- return FALSE;
- } else{
- $result = mysqli_fetch_assoc($result);
- return $result['user_password'];
- }
- }
- function check_login() {
- if(!array_key_exists('users', $_SESSION)){
- return FALSE;
- }
- $user = $_SESSION['users'];
- $conn = connect_to_db();
- $id = mysqli_escape_string($conn, $user['id']);
- $email = mysqli_escape_string($conn, $user['user_email']);
- $query = "
- SELECT id
- FROM tbl_users
- WHERE id = '{$id}' AND user_email = '{$email}'
- ";
- $result = mysqli_query($conn, $query);
- disconnect_from_db($conn);
- return mysqli_num_rows($result) == 1;
- }
- ?>
Add Comment
Please, Sign In to add comment