<?phpsession_start();// variable declaration$username = "";$email

1. <?php
2.  
3. session_start();
4.  
5. // variable declaration
6. $username = "";
7. $email = "";
8. $errors = array();
9. $_SESSION['success'] = "";
10.  
11. // connect to database
12. $db = mysqli_connect('localhost', 'root', '', 'onlineshop');
13.  
14. // REGISTER USER
15. if (isset($_POST['reg_user'])) {
16. // receive all input values from the form
17. $username = mysqli_real_escape_string($db, $_POST['username']);
18. $email = mysqli_real_escape_string($db, $_POST['email']);
19. $password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
20. $password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
21.  
22. // form validation: ensure that the form is correctly filled
23. if (empty($username)) { array_push($errors, "Username is required"); }
24. if (empty($email)) { array_push($errors, "Email is required"); }
25. if (empty($password_1)) { array_push($errors, "Password is required"); }
26.  
27. if ($password_1 != $password_2) {
28. array_push($errors, "The two passwords do not match");
29. }
30.  
31. // register user if there are no errors in the form
32. if (count($errors) == 0) {
33. $password = $password_1;//encrypt the password before saving in the database (removed md5())
34. $query = "INSERT INTO klant (username, email, password)
35. VALUES('$username', '$email', '$password')";
36. mysqli_query($db, $query);
37.  
38. $_SESSION['username'] = $username;
39. $_SESSION['success'] = "You are now logged in";
40. header('location: index.php');
41. }
42. }
43.  
44. // LOGIN USER
45. if (isset($_POST['login_user'])) {
46. $username = mysqli_real_escape_string($db, $_POST['username']);
47. $password = mysqli_real_escape_string($db, $_POST['password']);
48.  
49. if (empty($username)) {
50. array_push($errors, "Username is required");
51. }
52. if (empty($password)) {
53. array_push($errors, "Password is required");
54. }
55.  
56. if (count($errors) == 0) {
57. /* $password = md5($password); */
58.  
59. if (isset($_POST['admin'])) {
60. $query = "SELECT * FROM medewerker WHERE username='$username' AND password='$password'";
61. }
62.  
63. else {
64. $query = "SELECT * FROM klant WHERE username='$username' AND password='$password'";
65. }
66.  
67. $results = mysqli_query($db, $query);
68.  
69. if (mysqli_num_rows($results) == 1) {
70. $_SESSION['username'] = $username;
71. $_SESSION['success'] = "You are now logged in";
72. header('location: index.php');
73. }
74. else{
75. array_push($errors, "Wrong username/password combination");
76.  
77. }
78. }
79.  
80. }
81.  
82. // Product Test
83.  
84. function getPro() {
85.  
86. global $db;
87.  
88. $get_pro = "select * from producten";
89.  
90. $run_pro = mysqli_query($db, $get_pro);
91.  
92. while( $row_pro = mysqli_fetch_array($run_pro)) {
93.  
94. $product_id = $row_pro['product_id'];
95. $product_title = $row_pro['product_title'];
96. $product_price = $row_pro['product_price'];
97. $product_desc = $row_pro['product_desc'];
98. $product_image = $row_pro['product_image'];
99.  
100. echo "<li><a href='#'>$product_title</a></li>";
101. echo "<li>prijs:$product_price</li>";
102. echo "<li>description:$product_desc</li>";
103. echo '<li><img src="' . $product_image . '"</li>';
104. echo "<li><a href='#' class=" . 'button' . ">Toevoegen</a></li>" . "<br />";
105.  
106. }
107.  
108.  
109. }
110.  
111. ?>