<?php
// Start (or resume) the session first so the login code below can store the
// authenticated user in $_SESSION.
session_start();
// NOTE(review): $db, cleanString() and hashPasswords() are used below but not
// defined in this file; presumably datab.php provides them. Confirm.
require_once "datab.php";
//require_once "hashtest.php";
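/**
 * Runs one login attempt against the `users` table.
 *
 * Constructing an instance performs the whole attempt: the submitted values
 * are passed through cleanString(), the password is hashed with
 * hashPasswords(), and sqlSelect() is called to look the hash up. On success
 * the username from the matched row is stored in $_SESSION and the browser is
 * redirected to alumni.php.
 */
class login
{
    /** @var mixed Hash of the submitted password, as returned by hashPasswords(). */
    private $password;

    /** @var mixed Submitted username after cleanString(). */
    private $username;

    /** @var mixed Database handle; only prepare() is called on it (presumably a PDO instance, confirm). */
    private $db;

    // NOTE(review): these two values are never read inside this class. Fixed
    // salts kept in source are shared by every account and are disclosed with
    // the code. If hashPasswords() relies on constants like these, migrate to
    // password_hash()/password_verify(), which generate a salt per password.
    private $salt1 = 'hhsb%@!';
    private $salt2 = 'fds$!@';

    /**
     * Normalises the submitted credentials and immediately attempts the login.
     *
     * @param mixed $password Submitted plain-text password.
     * @param mixed $username Submitted username.
     * @param mixed $db       Database handle exposing prepare().
     */
    public function __construct($password, $username, $db)
    {
        $this->username = cleanString($username);
        $password = cleanString($password);
        // The cleaned username is handed to the hashing helper together with
        // the password; how it is used there is not visible in this file.
        $this->password = hashPasswords($password, $this->username);
        $this->db = $db;
        $this->sqlSelect();
    }

    /**
     * Returns the submitted username after cleanString().
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * Looks the password hash up and, on a match, opens the session and redirects.
     *
     * Prints "Connection failed!" when no row matches and
     * "Wrong Username/password" when the database call throws.
     */
    public function sqlSelect()
    {
        // The hash is bound as a parameter instead of being interpolated into
        // the statement text, so the query shape cannot be altered by its value.
        //
        // NOTE(review): the row is located by the password hash alone; the
        // submitted username is not part of the lookup. Confirm that
        // hashPasswords() ties the hash to the username, or look the row up by
        // username and then verify the hash.
        $sql = 'SELECT * FROM users WHERE password = :password';

        try {
            $statement = $this->db->prepare($sql);
            $statement->execute([':password' => $this->password]);
            $row = $statement->fetch(PDO::FETCH_ASSOC);

            $storedHash = is_array($row) ? ($row['password'] ?? null) : null;

            // hash_equals() compares in constant time; the is_string() guards
            // keep the strict "same string" meaning of the earlier === test.
            if (
                is_string($storedHash)
                && is_string($this->password)
                && hash_equals($storedHash, $this->password)
            ) {
                // Issue a fresh session id at the privilege change so an id
                // fixed before login is not carried into the authenticated session.
                session_regenerate_id(true);
                $_SESSION['username'] = $row['username'];

                // Nothing is printed before the redirect: output sent ahead of
                // header() prevents the Location header from being emitted.
                header('Location: alumni.php');
                exit;
            }

            echo 'Connection failed!';
        } catch (Exception $e) {
            // Keep the detail in the server log; the visitor only sees the
            // generic message.
            error_log('login: credential lookup failed: ' . $e->getMessage());
            echo "Wrong Username/password";
        }
    }
}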
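// Constructing the object runs the login attempt. Missing fields (for example
// a plain GET of this page) and non-string values (for example password[]=x)
// are replaced with an empty string, so the attempt fails cleanly instead of
// raising undefined-index warnings or passing an array to the string helpers.
$submittedPassword = $_POST['password'] ?? '';
$submittedUsername = $_POST['username'] ?? '';
$login = new login(
    is_string($submittedPassword) ? $submittedPassword : '',
    is_string($submittedUsername) ? $submittedUsername : '',
    $db
);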