<?phpsession_start();session_id("userID");if(!isset($_SESSION['login'])) {

1. <?php
2. session_start();
3. session_id("userID");
4.  
5. if(!isset($_SESSION['login'])) {
6. $_SESSION['login'] = false;
7. } elseif($_SESSION['login'] === true) {
8. $query = "SELECT * FROM users WHERE username='{$_SESSION['l-user']}' LIMIT 1";
9. $set = mysqli_query($db->connection, $query);
10. $get = mysqli_fetch_assoc($set);
11.  
12. $_SESSION['l-avatar'] = "{$get['avatar']}";
13. }
14.  
15.  
16. class Registery {
17.  
18. // variables
19. public $login;
20. public $user;
21. private $reg;
22. private $log;
23.  
24. public function register() {
25.  
26. $db = new MySQLDatabase();
27.  
28. if($_SESSION['login'] === false) {
29. $s_user = strip_tags($_POST['user']);
30. $s_pass = strip_tags($_POST['pass']);
31. $s_bio = strip_tags($_POST['content'], "<p><b><i><img><br><a>");
32. $s_gend = strip_tags($_POST['gender']);
33. $s_age = strip_tags($_POST['age']);
34. $s_u = mysqli_real_escape_string($db->connection, $s_user);
35. $s_p = mysqli_real_escape_string($db->connection, $s_pass);
36. $s_b = mysqli_real_escape_string($db->connection, $s_bio);
37. $s_g = mysqli_real_escape_string($db->connection, $s_gend);
38. $s_a = mysqli_real_escape_string($db->connection, $s_age);
39.  
40. $sql = "INSERT INTO users (id, username, password, content, tag, gender, rank, age, date, time) VALUES (NULL, '{$s_u}', '".sha1($s_p)."', '{$s_b}', 'I'm new! And my name is {$s_u}', '{$s_g}', 'member', '{$s_a}', CURDATE(), NOW())";
41. $this->reg = mysqli_query($db->connection, $sql);
42.  
43. if($this->reg === true) {
44. $_SESSION['login'] = true;
45. $_SESSION['l-user'] = "{$s_u}";
46. }
47. }
48. }
49.  
50. public function confirm_reg() {
51. if($this->reg === true) {
52. $success = "<div class="success">";
53. $success .= "<p><b><i class="fi-info"></i></b> Successfully registered.</p>";
54. $success .= "</div>";
55. echo "{$success}";
56. } else {
57. $error = "<div class="error">";
58. $error .= "<p><b><i class="fi-info"></i></b> Failed to register.<br /><b>NOTE:</b> You may have entered a username that already exists.</p>";
59. $error .= "</div>";
60. echo "{$error}";
61. }
62. }
63.  
64. public function login() {
65.  
66. $db = new MYSQLDatabase();
67.  
68. if($_SESSION['login'] === false) {
69. $s_user = strip_tags($_POST['user']);
70. $s_pass = strip_tags($_POST['pass']);
71. $s_u = mysqli_real_escape_string($db->connection, $s_user);
72. $s_p = mysqli_real_escape_string($db->connection, $s_pass);
73. $sql = "SELECT * FROM users WHERE username='{$s_u}' AND password='".sha1($s_p)."' LIMIT 1";
74. $this->log = mysqli_query($db->connection, $sql);
75.  
76. if(mysqli_num_rows($this->log) === 1) {
77. $_SESSION['login'] = true;
78. $_SESSION['l-user'] = "{$s_u}";
79. }
80. }
81. }
82.  
83. public function confirm_log() {
84. if(mysqli_num_rows($this->log) === 1) {
85. $success = "<div class="success">";
86. $success .= "<p><b><i class="fi-info"></i></b> Successfully logged in.</p>";
87. $success .= "</div>";
88. echo "{$success}";
89. } else {
90. $error = "<div class="error">";
91. $error .= "<p><b><i class="fi-info"></i></b> Failed to login.<br /><b>NOTE:</b> You entered the wrong username or password, make sure your capslock is off.</p>";
92. $error .= "</div>";
93. echo "{$error}";
94. }
95. }
96.  
97. public function logout() {
98. $_SESSION['login'] = false;
99. $_SESSION['l-user'] = "";
100. }
101.  
102. } // end of class
103.  
104. $user = new Registery();
105. ?>