Example #1
0
<?php

$error = '';
if (isset($_POST['submit_username'])) {
    if (empty($_POST['newusername']) || empty($_POST['password1']) || !password_verify($_POST['password1'], getUserByID($_SESSION['user_id'])['password'])) {
        $error = 'Username is invalid!';
    } else {
        $Userid = $_SESSION['user_id'];
        $newusername = $_POST['newusername'];
        if (existsUserByName($newusername)) {
            echo '<span class="message">Username "' . $newusername . '" is already taken!</span>';
            exit;
        }
        changeUsername($Userid, $newusername);
        $_SESSION['login_user'] = $newusername;
        echo '<script>window.location = "profile.php"</script>';
    }
}
Example #2
0
<?php

$error = '';
if (isset($_POST['signup'])) {
    if (empty($_POST['username_signup']) || empty($_POST['password_signup'])) {
        $error = 'Username or Password is invalid!';
    } else {
        $username = $_POST['username_signup'];
        if (existsUserByName($username)) {
            echo '<span class="message">User name "' . $username . '" is already taken!</span>';
            exit;
        }
        $password = $_POST['password_signup'];
        $options = ['cost' => strlen($username)];
        $hashedpass = password_hash($password, PASSWORD_DEFAULT, $options);
        insertIntoUser($username, $hashedpass);
        $user = getUserByUserName($username);
        session_start();
        $_SESSION['login_user'] = $username;
        $_SESSION['user_id'] = $user['id'];
        if (!isset($_SESSION['csrf_token'])) {
            $_SESSION['csrf'] = getToken(16);
        }
        echo '<script>window.location = "profile.php"</script>';
    }
}