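/**
 * Authenticate a user by login name and password and bind the PHP session to that user.
 *
 * On success the session is started if necessary, its id is regenerated, the user's
 * type and number are stored in $_SESSION, UserControl::$type is set, and the current
 * session id is written to the user's row in the User table.
 *
 * @param string $loginName Login name as submitted by the client (bound as a string).
 * @param string $loginPswd Password as submitted by the client (bound as a string).
 *
 * @return bool True when the credentials matched and the session id was stored,
 *              false on any failure (no match, unknown user number, database error).
 */
public static function login($loginName, $loginPswd)
{
    // Clear variables left in the current session before authenticating.
    session_unset();

    $dbc = DB::getDBConnection();

    // loginName / loginPswd / loginSession / userNo are bare constants, presumably
    // define()d elsewhere as column names -- TODO confirm; they are kept as written.
    //
    // NOTE(review): the password is matched by plain equality inside the SQL statement,
    // so the stored value is presumably plaintext or a deterministic digest computed by
    // the caller -- confirm. The usual hardening is to select the row by login name only
    // and check the password with password_verify() against a password_hash() value.
    $query = "SELECT * FROM User WHERE " . loginName . " = ? AND " . loginPswd . " = ? ";
    $stmt = $dbc->prepare($query);
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param("ss", $loginName, $loginPswd);
    $stmt->execute();
    $result = $stmt->get_result();
    if ($result === false || $result->num_rows <= 0) {
        return false;
    }

    $userNo = getUserNoByLoginName($loginName);
    if (!isset($userNo)) {
        return false;
    }

    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    // Issue a fresh session id at the moment of authentication so that an id chosen or
    // observed before login (session fixation) is not carried into the logged-in session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // Look the type up once and reuse it for both the session and the static field.
    $userType = getUserType($userNo);
    $_SESSION["type"] = $userType;
    UserControl::$type = $userType;
    $_SESSION[userNo] = $userNo;

    // Bind the session id and user number instead of concatenating them into the SQL text.
    $sessionId = session_id();
    $update = $dbc->prepare("UPDATE User SET " . loginSession . " = ? WHERE " . userNo . " = ?");
    if ($update === false) {
        return false;
    }
    $update->bind_param("ss", $sessionId, $userNo);

    // Explicit boolean on every path; the failure path previously fell off the end and returned null.
    return $update->execute();
}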
$custAddr = $_POST['custAddr']; if (count(getUserNoByLoginName($loginName)) != 0) { echo "<script> alert('The username already exist!, please change other one!')</script>"; } else { if ($loginPswd != $rePswd) { echo "<script> alert('Password and re-enter password must be same!')</script> "; } else { if ($custAddr == "") { echo "<script> alert('Please enter Address!')</script>"; } else { if (addUser($loginName, $loginPswd)) { if (regCustomer(getUserNoByLoginName($loginName), $custName, $custGender, $custDOB, $custTel, $custAddr, $distNo)) { echo "<script> alert('Successful register!')</script>"; unset($_POST); } else { delUser(getUserNoByLoginName($loginName)); echo "<script> alert('Unsuccessful register!')</script>"; } } else { echo "<script> alert('Unsuccessful register!')</script>"; } } } } } ?> <div class="outer"> <div class="middle"> <div class="inner col-50 col-m-100"> <h1>Register</h1>