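<?php
/**
 * Registration endpoint: creates a row in `Users` from the POSTed form fields
 * and, on success, logs the new user in through the session.
 *
 * Input (POST): email, pass, fname, lname, phone.
 * Output: echoes 0 when insert() returns a non-zero value; echoes nothing when
 * the request is rejected ($err != 0) or the insert reports 0.
 * Side effects: inserts into `Users`; sets $_SESSION['UserID'] and $_SESSION['Login'].
 */
session_start();
require_once 'dbConnection.php';

$connection = new dbConnection();

// A missing or non-string field becomes '' instead of raising a notice or
// handing an array/null to escape().
$field = function ($name) {
    return isset($_POST[$name]) && is_string($_POST[$name]) ? $_POST[$name] : '';
};

$rawEmail = $field('email');

// escape() presumably wraps mysqli::real_escape_string — verify in dbConnection.php.
// Every value below is only ever placed inside a quoted SQL literal.
$email = $connection->escape($rawEmail);
$pass = $connection->escape($field('pass'));
$fname = $connection->escape($field('fname'));
$lname = $connection->escape($field('lname'));
$phone = $connection->escape($field('phone'));
$err = 0;

# check whether a user with this e-mail already exists
$result = $connection->select("SELECT COUNT(UserID) FROM Users WHERE Email='" . $email . "'");
$row = $result ? $result->fetch_row() : null;
// The count is cast before comparing: if the driver returns it as the string
// "0", `!== 0` is always true and no registration can ever succeed.
// A failed lookup is treated like a duplicate (fail closed) instead of crashing.
if (!$row || (int) $row[0] !== 0) {
    $err = 1;
} // "A user with this login already exists in the database"

// Validate the address as submitted; the escaped copy can differ from it
// (e.g. an apostrophe gains a backslash) and would then be rejected wrongly.
if (!filter_var($rawEmail, FILTER_VALIDATE_EMAIL)) {
    $err = 2;
} // invalid e-mail address

# If there are no errors, add the new user to the database
if ($err == 0) {
    // NOTE(review): the password is stored exactly as submitted (plaintext) and no
    // password policy is enforced (an empty password is accepted). Moving to
    // password_hash() has to be done together with the login script and a check
    // of the `Password` column width, so it is flagged here, not changed.
    // NOTE(review): the duplicate check above and this insert are not atomic —
    // confirm that `Users`.`Email` has a UNIQUE index.
    $result = $connection->insert("INSERT INTO `Users`(`Email`, `Password`, `FirstName`, `LastName`, `Phone`) VALUES ('" . $email . "','" . $pass . "','" . $fname . "','" . $lname . "','" . $phone . "')");
    if ($result != 0) {
        // Regenerate the id and fill the session before any output, so the new
        // session cookie can still be sent when output buffering is off.
        session_regenerate_id();
        $_SESSION['UserID'] = $connection->getLastInsertedID();
        $_SESSION['Login'] = $email; // SQL-escaped form, as before
        echo 0;
    }
}
// NOTE(review): the listing ends inside the `if ($err == 0)` block; the closing
// brace above is added so the script parses — confirm nothing followed it
// (e.g. an error response for $err != 0).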
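<?php
/**
 * Login endpoint: checks the POSTed e-mail/password pair against `Users`.
 *
 * Input (POST): email, pass.
 * Output: echoes 1 and sets $_SESSION['Login'] / $_SESSION['UserID'] when a
 * matching row exists; echoes 0 otherwise (including a failed query).
 */
session_start();
require_once 'dbConnection.php';

$connection = new dbConnection();

// A missing or non-string field becomes '' instead of raising a notice or
// handing an array/null to escape().
$field = function ($name) {
    return isset($_POST[$name]) && is_string($_POST[$name]) ? $_POST[$name] : '';
};

// escape() presumably wraps mysqli::real_escape_string — verify in dbConnection.php.
$email = $connection->escape($field('email'));
$pass = $connection->escape($field('pass'));

// NOTE(review): the password is compared inside SQL against the stored plaintext
// value; depending on the column collation the match may be case-insensitive —
// verify. Moving to password_verify() has to be done together with the
// registration script, so it is flagged here, not changed.
$result = $connection->select("SELECT UserID, Email, Password FROM `Users` WHERE `Email`='{$email}' AND `Password`='{$pass}'");

// A failed query is handled as "no match" instead of crashing on a non-result.
$row = $result ? $result->fetch_assoc() : null;

if (!$row) {
    echo 0;
} else {
    // New session id at the moment of login, issued before any output is sent.
    session_regenerate_id();
    $_SESSION['Login'] = $email; // SQL-escaped form, as before
    $_SESSION['UserID'] = $row['UserID'];
    echo 1;
}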
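<?php
/**
 * Renders the comments of one wish as HTML fragments.
 *
 * Input (POST): wishID — integer id of the wish.
 * Output: one <div class="singleComment"> per row of `wishcomments`; nothing
 * when wishID is missing or not an integer, or when the query fails.
 */
require_once 'dbConnection.php';

$connection = new dbConnection();

// wishID is concatenated into the query unquoted, so it must be a validated
// integer; anything else (missing, array, free text) is rejected before the query.
$wishID = filter_var(isset($_POST['wishID']) ? $_POST['wishID'] : null, FILTER_VALIDATE_INT);

$result = $wishID === false
    ? false
    : $connection->select("SELECT * FROM `wishcomments` WHERE WishID = " . $wishID);

// Comment fields are user-supplied and must not reach the page as markup.
// double_encode is off so text that was already entity-encoded when stored is
// not encoded twice — TODO confirm how `Text` is stored. Assumes a UTF-8 page.
$e = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
};

// NOTE(review): the author name below is hard-coded for every comment — looks
// like a placeholder; confirm whether it should come from the row.
while ($result && ($row = $result->fetch_assoc())) { ?>
    <div class="singleComment">
        <h6 class="comment-name">Evgeny Mikhalev</h6>
        <h6 class="comment-time"><?php echo $e($row['CommentTime']); ?> </h6><br/>
        <p><?php echo $e($row['Text']); ?> </p>
    </div>
<?php }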