<?php
include_once 'connections.php';
$fname = $lname = $email = $password = $gender = $address = $phone = $msg = "";
if (isset($_POST['register']) && $_POST['register'] == "Register") {
$fname = secure_input($_POST["fname"]);
$lname = secure_input($_POST["lname"]);
$email = secure_input($_POST["email"]);
$password = md5($_POST["password"]);
$gender = secure_input($_POST["gender"]);
$address = secure_input($_POST["address"]);
$phone = secure_input($_POST["phone"]);
$sql = "INSERT INTO Users " . "(fname, lname, email, password, gender, address, phone ) " . "VALUES " . "('{$fname}','{$lname}','{$email}', '{$password}', '{$gender}', '{$address}', '{$phone}')";
$retval = mysql_query($sql);
if (!$retval) {
die('Oops, Some error! Please contact support team for more details ' . mysql_error());
} else {
$_SESSION['msg'] = "You have registerd Succesfully!";
header('Location:login.php');
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Practical Task</title>
<meta charset="utf-8">
<?php
include_once 'connections.php';
$email = $password = "";
if (isset($_POST['login']) && $_POST['login'] == "Login") {
$email = secure_input($_POST["email"]);
$password = md5($_POST["password"]);
$sql = "SELECT * FROM Users WHERE email ='{$email}' and password='******'";
$result = mysql_query($sql);
// Mysql_num_row is counting table row
$count = mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if ($count == 1) {
$_SESSION['login'] = $email;
header("location:index.php");
} else {
$_SESSION['msg'] = "Login details are Incorrect!";
header('Location:login.php');
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0">
