Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- // variable declaration
- $username = "";
- $email = "";
- $errors = array();
- $_SESSION['success'] = "";
- // connect to database
- $db = mysqli_connect('localhost', 'iotaeyjx_login', 'amitsaha1993', 'iotaeyjx_login');
- // REGISTER USER
- if (isset($_POST['reg_user'])) {
- // receive all input values from the form
- $username = mysqli_real_escape_string($db, $_POST['username']);
- $email = mysqli_real_escape_string($db, $_POST['email']);
- $password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
- $password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
- // form validation: ensure that the form is correctly filled
- if (empty($username)) { array_push($errors, "Username is required"); }
- if (empty($email)) { array_push($errors, "Email is required"); }
- if (empty($password_1)) { array_push($errors, "Password is required"); }
- if ($password_1 != $password_2) {
- array_push($errors, "The two passwords do not match");
- }
- // register user if there are no errors in the form
- if (count($errors) == 0) {
- $password = md5($password_1);//encrypt the password before saving in the database
- $query = "INSERT INTO users (username, email, password)
- VALUES('$username', '$email', '$password')";
- mysqli_query($db, $query);
- $_SESSION['username'] = $username;
- $_SESSION['success'] = "You are now logged in";
- header('location: index.php');
- }
- }
- // ...
- // LOGIN USER
- if (isset($_POST['login_user'])) {
- $username = mysqli_real_escape_string($db, $_POST['username']);
- $password = mysqli_real_escape_string($db, $_POST['password']);
- if (empty($username)) {
- array_push($errors, "Username is required");
- }
- if (empty($password)) {
- array_push($errors, "Password is required");
- }
- if (count($errors) == 0) {
- $password = md5($password);
- $query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
- $results = mysqli_query($db, $query);
- if (mysqli_num_rows($results) == 1) {
- $sql_2 = "INSERT INTO login_logs(username) VALUES ('" . $username . "')";
- $results2 = mysqli_query($db, $sql_2);
- $_SESSION['username'] = $username;
- $_SESSION['success'] = "You are now logged in";
- header('location: index.php');
- }else {
- array_push($errors, "Wrong username/password combination");
- }
- }
- }
- if (isset($_GET['logout'])) {
- session_destroy();
- unset($_SESSION['username']);
- $sql_3 = "UPDATE login_logs SET logout_time = current_timestamp where username ='$username'";
- $results3 = mysqli_query($db, $sql_3);
- $_SESSION['success'] = "You are now logged out";
- header('location: login.php');
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement