function actionLogin() { $error = ''; if (User::auth()) { header('Location: /user/'); } else { if (!isset($_POST['email'])) { $this->render('login'); } else { $email = trim($_POST['email']); $pass = trim($_POST['password']); if (!empty($pass) && !empty($email)) { $user = new User(); $res = $user->user_login($email, $pass); if ($res === 'OK') { header('Location: /user/'); } else { $error = $res; $this->render('login', array('error' => $error)); } } else { $error = 'Все поля необходимы для заполнения!'; $this->render('login', array('error' => $error)); } } } }
/** * Select User from its username or password * * @param User $user * @return array the selected row in the db */ public function selectOne($user, $where_filter_id = "", $filter_as_string = false) { if ($user->user_login() !== "") { //Check if the user is giving his username and that there is a value $sql = 'SELECT * FROM user where `user_login` = :user_login AND `user_password` = :user_password LIMIT 0, 1;'; } else { return NULL; } $sth = $this->dao->prepare($sql); $sth->bindValue(':user_login', $user->user_login(), \PDO::PARAM_STR); $sth->bindValue(':user_password', $user->user_password(), \PDO::PARAM_STR); $sth->execute(); $sth->setFetchMode(\PDO::FETCH_CLASS | \PDO::FETCH_PROPS_LATE, '\\Applications\\PMTool\\Models\\Dao\\User'); $user_out = $sth->fetchAll(); $sth->closeCursor(); return $user_out; }
/** * Function for user to login */ function user_login() { if (isset($_REQUEST['username']) & isset($_REQUEST['password'])) { include_once '../models/user_class.php'; $obj = new User(); $username = $_REQUEST['username']; $password = $_REQUEST['password']; $row = $obj->user_login($username, $password); if (!$row) { echo '{"result":0, "message":"Failed to login"}'; } else { // echo json_encode ( $row ); session_start(); $user_type = $row['user_type']; if ($user_type == 'admin') { echo '{"result":1, "username":"******"}'; $_SESSION['user_type'] = $user_type; $_SESSION['user_id'] = $row['user_id']; // header("Location: home.php"); // exit ( ); } else { if ($user_type == 'regular') { echo '{"result":1, "username":"******"}'; $_SESSION['user_type'] = $user_type; $_SESSION['user_id'] = $row['user_id']; $_SESSION['path'] = $row['path']; $_SESSION['username'] = $row['username']; // header("Location: home.php"); // exit ( ); } } } } }
<?php include_once "function/common_function.php"; $error_msg = ''; $error_set = ''; if (isset($_POST['email'])) { $email = mysql_real_escape_string($_POST['email']); $password = mysql_real_escape_string($_POST['password']); include_once 'function/user_class.php'; $obj_user = new User(); $check_user = $obj_user->user_login($email, $password); if (!$check_user) { $error_set = 1; $error_msg = "Email or Password detail incorrect"; } else { header("location:index.php"); } } ?> <!DOCTYPE html> <!--[if lt IE 7 ]><html class="ie ie6" lang="en"> <![endif]--> <!--[if IE 7 ]><html class="ie ie7" lang="en"> <![endif]--> <!--[if IE 8 ]><html class="ie ie8" lang="en"> <![endif]--> <!--[if (gte IE 9)|!(IE)]><!--><html lang="en"> <!--<![endif]--> <head> <?php $page_title = 'SchoolzAndMore: User login page'; require_once 'blocks/head.php'; ?> </head> <body>
<label for="username">Inlognaam</label> <input type="text" name="username" class="form-control" id="username" placeholder="Voer inlognaam in"> </div> <div class="form-group"> <label for="password">Password</label> <input type="password" name="password" class="form-control" id="password" placeholder="Voer wachtwoord aan "> </div> <div class="form-group"> <a href="register.php">Heb je nog geen account? Registreer je dan hier! </a> </div> <button type="submit" class="btn btn-default custombutton" name="submit">Submit</button> </form> <?php if (isset($_POST["submit"])) { $get_user = $user->get_single_user($_POST['username']); $login = $user->user_login($_POST['username'], $get_user['salt'], $_POST['password']); if ($login > 0) { $_SESSION["user_login"] = 1; $_SESSION['username'] = $_POST["username"]; echo '<script>location.href="."</script>'; } elseif (empty($_POST['username']) || empty($_POST['password'])) { echo 'Zorg dat alle velden zijn ingevuld.'; } else { echo 'Gebruikersnaam of wachtwoord fout.'; } } ?> </div> </div> </div> </body>
<div class="form-group"> <label for="password">Wachtwoord</label> <input type="password" class="form-control" id="password" name="password" placeholder="Voer wachtwoord in" required> </div> <div class="form-group"> <a href="register.php">Klik hier om aan te melden</a> </div> <div class="form-group"> <input type="submit" class="btn btn-default" name='submit' value='Login'> </div> </form> <?php if (isset($_POST['submit'])) { $user = new User(); $get_user = $user->get_user($_POST['name']); if ($user->user_login($_POST['name'], $get_user['salt'], $_POST['password']) > 0) { $_SESSION['login'] = 1; $_SESSION['user'] = $_POST['name']; header('location: login/'); } elseif ($user->user_login($get_user['email'], $get_user['salt'], $_POST['password']) == 0) { echo '<div class="alert alert-danger" role="alert"><b>Oh Oh! </b>Sorry pall, wrong username or password :(</div>'; } } ?> <!-- End login form --> </div> </div> </body> <!-- Jquery CDN --> <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script> <!-- Latest compiled and minified JavaScript -->