-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathauth.php
More file actions
66 lines (60 loc) · 2 KB
/
auth.php
File metadata and controls
66 lines (60 loc) · 2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
<?php
session_start();
$conn = new PDO("mysql:host=localhost;dbname=regform", 'root', '');
if (!$conn) {
echo "failed to connect to the dabatase";
}
function cleaner($data){
return htmlentities(stripslashes(stripcslashes(htmlspecialchars($data))));
}
if (isset($_POST['login'])) {
$email = cleaner($_POST['email']);
$pass = cleaner($_POST['password']);
if (!empty($email) && !empty($pass)) {
$login = $conn->prepare("SELECT * FROM `users` WHERE `email` = ? LIMIT 1");
$login->execute(array($email)); //getch the user record from the db
$row = $login->fetch(PDO::FETCH_ASSOC);
if ($login->rowCount() > 0) {
if (password_verify($pass, $row['password'])) {
$_SESSION['user'] = $row['userId'];
$_SESSION['name'] = $row['name'];
$_SESSION['email'] = $row['email'];
header('location: home.php');
}else{
$_SESSION['errors'] = 'Incorrect Password';
header('location: login.php');
}
}else{
$_SESSION['errors'] = "User not found, click <a href='./'>Here</a> To register";
header('location: login.php');
}
}else{
$_SESSION['errors'] = 'Please fill in all the details';
header('location: login.php');
}
}
if (isset($_POST['signup'])) {
$name = cleaner($_POST['name']);
$email = cleaner($_POST['email']);
$pass = cleaner($_POST['password']);
$verpass = cleaner($_POST['re_password']);
if (!empty($name) && !empty($email) && !empty($pass) && !empty($verpass)) {
if ($pass != $verpass) {
$_SESSION['error'] = "passowords do not match";
header('location: ./');
}
$password = password_hash($pass, PASSWORD_DEFAULT);
$add = $conn->prepare("INSERT INTO `users` (`name`, `email`, `password`) VALUES (?, ?, ?) ");
if ($add->execute(array($name, $email, $password))) {
$_SESSION['message'] = 'Succesful signed up please login to continue';
header('location: login.php');
}else{
$_SESSION['error'] = 'Failed to signup Please Try again';
header('location: ./');
}
}else{
$_SESSION['error'] = 'Please fill in all the fields';
header('location: ./');
}
}
?>