function login() { $controller = new UserTools(); $db = new DB(); $db->connect(); if (!isset($_POST['apikey'])) { echo "bad api key"; return NULL; } if (isset($_POST['username']) && isset($_POST['password'])) { $user = $_POST['username']; $pass = $_POST['password']; $result = $controller->login($user, $pass); echo $result; /* $query = $db->select('users', 'username=$user,pass_hash=$pass'); if(mysql_num_rows($query) == 1){ //success $_SESSION['logged_in'] = $query['id']; } else { //fail echo "invalid username or password"; } */ } }
if ($success) { //prep the data for saving in a new user object $data['first_name'] = $firstname; $data['last_name'] = $lastname; $data['password'] = md5($password); //encrypt the password for storage $data['email'] = $email; if (!empty($avatar)) { $data['avatar'] = $avatar; } //create the new user object $newUser = new User($data); //save the new user to the database $newUser->save(true); //log them in $userTools->login($email, $password); //redirect them to a welcome page header("Location: index.php"); } } //If the form wasn't submitted, or didn't validate //then we show the registration form again ?> <html> <head> <title>Registration</title> </head> <body> <?php require_once "partials/header.php";
<?php //login.php require_once 'includes/global.inc.php'; $error = ""; $username = ""; $password = ""; //check to see if they've submitted the login form if (isset($_POST['submit-login'])) { $username = $_POST['username']; $password = $_POST['password']; $userTools = new UserTools(); if ($userTools->login($username, $password)) { //successful login, redirect them to a page header("Location: index.php"); } else { $error = "Incorrect username or password. Please try again."; } } ?> <html> <head> <title>Login</title> </head> <body> <?php if ($error != "") { echo $error . "<br/>"; } ?>
<?php /** * Created by PhpStorm. * User: Alexandr * Date: 01.02.16 * Time: 13:44 */ $config::$menu = "login"; config::$page = "Авторизация"; if (isset($_POST['sub']) && $_POST['captcha'] == $_SESSION['captcha']) { $login = new UserTools(); $login->login($_POST); } elseif (isset($_POST['sub']) && $_POST['captcha'] !== $_SESSION['captcha']) { $_SESSION['reg_error_captcha'] = "Не верный код капчи"; } //echo $_COOKIE['auth'];
if (filter_var($emailId, FILTER_VALIDATE_EMAIL) != true) { header ("Location: error.php?message=Email Validation Failed"); } $row = mysql_fetch_object(mysql_query("SELECT * FROM USERS WHERE emailId = '$emailId' AND isActive = 1")); if (!empty($_POST)) { $currentpassword = Validation::xss_clean(DB::makeSafe($_POST["currentpassword"])); $newpassword = Validation::xss_clean(DB::makeSafe($_POST["newpassword"])); $confirmnewpassword = Validation::xss_clean(DB::makeSafe($_POST["confirmnewpassword"])); // Check if current password is correct $userTools = new UserTools(); if (!$userTools->login($emailId, $currentpassword)) { header ("Location: error.php?message=Current Password Wrong"); return; } if ($newpassword != $confirmnewpassword) { header ("Location: error.php?message=Confirm Password Wrong"); return; } $updateDate = array( "password" => "'". $newpassword ."'" ); if ($db->update ($updateDate, "ACCOUNTS", "userId = '".$emailId."'")) { ?>