Example #1
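// Registration handler: on POST, validate the submitted user name and
// password, store the new account, then redirect to the login page.
// is_registered(), my_password_hash() and connectDatabase() are defined
// elsewhere in the project.
session_start();

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Treat a missing or non-string field (for example name[]=x) as empty so
    // it fails validation instead of raising a notice or reaching the
    // helpers as an array.
    $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $row_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $errors = array();

    // Validation
    if ($name === '') {
        $errors['name'] = 'ユーザネームが未入力です';
    }
    if ($row_password === '') {
        $errors['password'] = '******';
    }
    // Only query for an existing account when there is a name to look up.
    if ($name !== '' && is_registered($name)) {
        $errors['registered_name'] = '既に登録されているユーザーネームなので変更してください';
    }

    // Validation passed
    if (empty($errors)) {
        // Hash only once the input is known to be valid; the plaintext
        // password is never stored.
        // NOTE(review): my_password_hash() is presumably a wrapper around
        // password_hash() — confirm its output works with password_verify().
        $password = my_password_hash($row_password);

        $dbh = connectDatabase();
        $sql = "insert into users (name, hashed_password, created_at) values\n                (:name, :password, now());";
        $stmt = $dbh->prepare($sql);
        $stmt->bindValue(":name", $name);
        $stmt->bindValue(":password", $password);

        // NOTE(review): the is_registered() check and this INSERT are not
        // atomic; confirm users.name carries a UNIQUE constraint so two
        // concurrent requests cannot create the same name.
        if ($stmt->execute()) {
            // No debug output here: var_dump($_POST) would write the
            // plaintext password into the response, and any output sent
            // before header() prevents the redirect.
            header('Location: login.php');
            exit;
        }

        // Insert failed while PDO is not in exception mode: stay on the form
        // instead of redirecting as if the account had been created.
        $errors['database'] = '登録に失敗しました。時間をおいて再度お試しください';
    }
}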
Example #2
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $name = $_POST['name'];
    $password = $_POST['password'];
    $errors = array();
    // バリデーション
    if ($name == '') {
        $errors['name'] = 'ユーザネームが未入力です';
    }
    if ($password == '') {
        $errors['password'] = '******';
    }
    // バリデーション突破後
    if (empty($errors)) {
        $dbh = connectDatabase();
        $hashed_password = my_password_hash($password);
        $sql = "select * from users where name = :name";
        $stmt = $dbh->prepare($sql);
        $stmt->bindParam(":name", $name);
        $stmt->execute();
        $row = $stmt->fetch();
        var_dump($row);
        if ($row) {
            $hashed_password = $row["hashed_password"];
            if (password_verify($password, $hashed_password)) {
                $_SESSION['id'] = $row['id'];
                header('Location: index.php');
                exit;
            } else {
                echo 'ユーザネームかパスワードが間違っています';
            }