if (isset($_POST['go'])) {
$username = mysqli_real_escape_string($dbConect, htmlspecialchars($_POST['username']));
$password = mysqli_real_escape_string($dbConect, htmlspecialchars($_POST['password']));
if (strlen($username) < 5) {
$error = generateErrorMessage("Username should be atleast 5 charaters!");
}
if (strlen($password) < 5) {
$error = generateErrorMessage("Password should be atleast 5 charaters!");
}
$check = mysqli_query($dbConect, "SELECT username FROM users WHERE username = '******'");
$result = $check->num_rows;
if ($result > 0) {
$error = generateErrorMessage("User already exists");
} else {
if ($result == 0) {
$insert = mysqli_query($dbConect, "INSERT INTO `users`(`username`, `password`) VALUES ('{$username}', '{$password}')");
if ($insert) {
echo generateErrorMessage("Resistred! Enter <a href='index.php'>here</a>!");
} else {
echo generateErrorMessage("Failed. Pleaase try again!");
}
}
}
if (isset($error)) {
echo $error;
}
}
?>
<?php
include './includes/footer.php';
<input class="btn btn-primary" type="submit" name="login" value="Enter" /><a class="btn btn-info" href="register.php">Register</a>
</form>
<?php
if (isset($_POST['login'])) {
$username = htmlspecialchars($_POST['username']);
$password = htmlspecialchars($_POST['password']);
if (strlen($username) < 5) {
$error = generateErrorMessage("Username should not be shorter that 5 characters!");
}
if (strlen($password) < 5) {
$error = generateErrorMessage("Password should not be shorter that 5 characters!");
}
if (isset($error)) {
echo $error;
} else {
$check = mysqli_query($dbConect, 'SELECT * FROM users WHERE username = "******" AND password = "******"');
$num = $check->num_rows;
if ($num != 0) {
$_SESSION['isLogged'] = $username;
header("Location: all-messages.php");
} else {
$error = generateErrorMessage("Wrong username or password!");
}
}
}
?>
<?php
include_once "includes/footer.php";
<a class="btn btn-info" href="all-messages.php">All Messages</a>
</div>
</div>
</form>
<?php
if (isset($_POST['msg'])) {
$content = mysqli_real_escape_string($dbConect, htmlspecialchars($_POST['content']));
$author = mysqli_real_escape_string($dbConect, htmlspecialchars($_SESSION['isLogged']));
if (strlen($content) < 3) {
$error = generateErrorMessage("Message is too short");
}
if (strlen($content) > 250) {
$error = "Message is too long!";
}
if (isset($error)) {
echo $error;
} else {
$today = date("d.m.y");
$query = mysqli_query($dbConect, 'INSERT INTO `messages` (`content`, `author`, `post_date`) VALUES ("' . $content . '", "' . $author . '", "' . $today . '")');
if ($query) {
header("Location: all-messages.php");
} else {
echo generateErrorMessage("Error!");
}
}
}
?>
<?php
include './includes/footer.php';
