<?php
include "sanitization.php";
$return = "fail";
//the value that is returned to Ajax
if (isset($_POST['name']) && isset($_POST['password'])) {
$username = sanitizeMYSQL($connection, $_POST['name']);
//sanitize the username
$password = md5(sanitizeMYSQL($connection, $_POST['password']));
//sanitize the password, and encrypt it
$query = "SELECT * FROM Customer WHERE Name='" . $username . "' AND Password='******'";
$result = mysqli_query($connection, $query);
if ($result) {
$row_count = mysqli_num_rows($result);
if ($row_count == 1) {
//start a session
$row = mysqli_fetch_array($result);
session_start();
//we start a session
$_SESSION['start'] = time();
//we set that to make the session expire after some time
$_SESSION['username'] = $row["name"];
//we save the customer name here.
$_SESSION['ID'] = $row["ID"];
// Also save the user's ID for updates and fast SQL queries.
ini_set('session.use_only_cookies', 1);
//use cookies only, prevent session hijacking
$return = "success";
//login succeeded
}
}
<!--Site Controller-->
<?php
include "sanitization.php";
$result = "";
// We don't want to do anything unless there is an active session
if (isset($_POST['type']) && is_session_active()) {
// What kind of request is this?
// Make sure it's not something nasty
$request_type = sanitizeMYSQL($connection, $_POST['type']);
// What do we want to do with it?
switch ($request_type) {
case "logout":
logout();
$result = "success";
break;
case "search":
// If the search query didn't make it through we don't want to do anything.
if (isset($_POST['value'])) {
$search_string = $_POST['value'];
$result = find_cars($connection, $search_string);
} else {
$result = "failure";
}
break;
case "rent":
if (isset($_POST['value'])) {
// This should work
$result = rent_car($connection, $_POST['value']);
} else {
$result = "failure";
}
