private function submit() { global $db, $template, $config, $user; //Submit $username_input = (isset($_POST['username_login_input'])) ? $_POST['username_login_input'] : ''; $password_input = (isset($_POST['password_login_input'])) ? $_POST['password_login_input'] : ''; if(strlen($username_input) < 3) { return 1; } if(strlen($password_input) < 8) { return 2; } $sql = "SELECT * FROM users WHERE user_name = '" . $db->sql_escape($username_input) . "'"; $result = $db->sql_query($sql); $user_info = $db->sql_fetchrow($result); if(empty($user_info)) { return 3; } $seeded_password = seed_password($username_input, $password_input); if($user_info['user_password'] != $seeded_password) { return 4; } if($user_info['user_approved'] == 0) { return 5; } $user->log_in($user_info['user_id']); return 0; }
private function submit() { global $db, $template, $config; //Submit $username_input = (isset($_POST['username_input_field'])) ? $_POST['username_input_field'] : ''; //Errorno 1 $email_input = (isset($_POST['email_input_field'])) ? $_POST['email_input_field'] : ''; //Errorno 2 $password_input = (isset($_POST['password_input_field'])) ? $_POST['password_input_field'] : ''; //Errorno 3 if(strlen($username_input) < 3) { return 1; } if(check_email_address($email_input) == false) { return 2; } if(strlen($password_input) < 8) { return 3; } if($config->user_name_exists($username_input)) { return 4; } if($config->user_email_exists($email_input)) { return 5; } $new_password = seed_password($username_input, $password_input); $sql = "INSERT INTO users (user_name, user_email, user_password, user_admin, user_approved) VALUES ('" . $db->sql_escape($username_input) . "', '" . $db->sql_escape($email_input) . "', '" . $db->sql_escape($new_password) . "', 0, 0)"; $db->sql_query($sql); return 0; }