<?php

include 'db.php';
session_start();
require 'clearDataFunctions.php';
if (isset($_POST['email'])) {
    $email = $_POST['email'];
    customUnset($email);
}
if (isset($_POST['password'])) {
    $password = $_POST['password'];
    customUnset($password);
}
clearString($email);
clearString($password);
$password = md5($password);
//md5 hashing
$result = mysqli_query($link, "SELECT * FROM user_profile WHERE email='{$email}'");
$myrow = mysqli_fetch_array($result);
if ($myrow['password'] == $password) {
    $_SESSION['fname'] = $myrow['fname'];
    $_SESSION['lname'] = $myrow['lname'];
    $_SESSION['email'] = $myrow['email'];
    $_SESSION['id'] = $myrow['id'];
}
header('Location: index.php');
Example #2
0
}
if (isset($_POST['password'])) {
    $password = $_POST['password'];
    customUnset($password);
}
if (isset($_POST['password_confirm'])) {
    $password_confirm = $_POST['password_confirm'];
    customUnset($password_confirm);
}
if (isset($_POST['fname'])) {
    $fname = $_POST['fname'];
    customUnset($fname);
}
if (isset($_POST['lname'])) {
    $lname = $_POST['lname'];
    customUnset($lname);
}
clearString($fname);
clearString($lname);
clearString($password);
clearString($password_confirm);
clearString($email);
$resultSel = mysqli_query($link, "SELECT id FROM user_profile WHERE email='{$email}'");
$myrow = mysqli_fetch_array($resultSel);
if (!empty($myrow['id'])) {
    exit("Извините, введённый вами логин уже зарегистрирован. Введите другой логин.");
}
$date = getdate(date("U"));
$dateStr = $date[mday] . '/' . $date[mon] . '/' . $date[year];
$password = md5($password);
$resultIns = mysqli_query($link, "INSERT INTO user_profile (email,password,fname,lname,registration_date, status) VALUES('{$email}','{$password}','{$fname}','{$lname}','{$dateStr}', 0)");