<?php
session_start();
require_once 'dbConnection.php';
$connection = new dbConnection();
$email = $connection->escape($_POST['email']);
$pass = $connection->escape($_POST['pass']);
$fname = $connection->escape($_POST['fname']);
$lname = $connection->escape($_POST['lname']);
$phone = $connection->escape($_POST['phone']);
$err = 0;
# проверяем, не сущестует ли пользователя с таким именем
$result = $connection->select("SELECT COUNT(UserID) FROM Users WHERE Email='" . $email . "'");
$row = $result->fetch_row();
if ($row[0] !== 0) {
$err = 1;
}
//"Пользователь с таким логином уже существует в базе данных"
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$err = 2;
}
//" invalid emailaddress
# Если нет ошибок, то добавляем в БД нового пользователя
if ($err == 0) {
$result = $connection->insert("INSERT INTO `Users`(`Email`, `Password`, `FirstName`, `LastName`, `Phone`) VALUES ('" . $email . "','" . $pass . "','" . $fname . "','" . $lname . "','" . $phone . "')");
if ($result != 0) {
echo 0;
session_regenerate_id();
$_SESSION['UserID'] = $connection->getLastInsertedID();
$_SESSION['Login'] = $email;
}
<?php
session_start();
require_once 'dbConnection.php';
$connection = new dbConnection();
session_regenerate_id();
$email = $connection->escape($_POST['email']);
$pass = $connection->escape($_POST['pass']);
$result = $connection->select("SELECT UserID, Email, Password FROM `Users` WHERE `Email`='{$email}' AND `Password`='{$pass}'");
if (mysqli_num_rows($result) == 0) {
echo 0;
} else {
echo 1;
$row = $result->fetch_assoc();
$_SESSION['Login'] = $email;
$_SESSION['UserID'] = $row['UserID'];
}
<?php
require_once 'dbConnection.php';
$connection = new dbConnection();
$result = $connection->select("SELECT * FROM `wishcomments` WHERE WishID = " . $_POST['wishID']);
while ($row = $result->fetch_assoc()) {
?>
<div class="singleComment">
<h6 class="comment-name">Evgeny Mikhalev</h6> <h6 class="comment-time"><?php
echo $row['CommentTime'];
?>
</h6><br/>
<p><?php
echo $row['Text'];
?>
</p>
</div>
<?php
}
