<?php
session_start();
require_once "../php-assets/class.user.php";
$login = new USER();
if ($login->is_loggedin() != "") {
$login->redirect('advert-overview.php');
}
if (isset($_POST['login-button'])) {
$user_email = strip_tags($_POST['user-email']);
$user_password = strip_tags($_POST['user-password']);
if ($login->doLogin($user_email, $user_password)) {
$login->redirect('advert-overview.php');
} else {
$error[] = "Je inloggegevens zijn niet correct.";
}
}
?>
<!doctype html>
<html class="no-js" lang="nl">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Aanmelden</title>
<link rel="stylesheet" href="../css/minimum-viable-product.min.css">
</head>
<body>
<div class="full-width full-width-login">
<div class="half-height-gradient"></div>
<div class="row">
<div class="large-4 medium-6 small-12 small-centered columns login-input-panel">
$user->redirect('advert-overview.php');
}
if (isset($_POST['register-button'])) {
$user_first_name = strip_tags(htmlentities($_POST['user-first-name'], ENT_COMPAT, 'UTF-8'));
$user_last_name = strip_tags(htmlentities($_POST['user-last-name'], ENT_COMPAT, 'UTF-8'));
$user_email = strip_tags($_POST['user-email']);
$user_password = strip_tags($_POST['user-password']);
try {
$stmt = $user->runQuery("SELECT user_firstname, user_email FROM tbl_user WHERE user_firstname=:user_first_name OR user_email=:user_email");
$stmt->execute(array(':user_first_name' => $user_first_name, ':user_email' => $user_email));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row['user_email'] == $user_email) {
$error[] = "Er is al een account aangemaakt met dit e-mail adres.";
} else {
if ($user->register($user_first_name, $user_last_name, $user_email, $user_password)) {
$user->doLogin($user_email, $user_password);
$user->redirect('advert-overview.php');
}
}
} catch (PDOException $e) {
echo $e->getMessage();
}
}
?>
<!doctype html>
<html class="no-js" lang="nl">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Account aanmaken</title>
<link rel="stylesheet" href="../css/minimum-viable-product.min.css">
</head>
switch ($_GET['act']) {
case 'login':
case 'logout':
//-------------------
// LOGIN/LOGOUT
//-------------------
if (isset($_GET['act']) && $_GET['act'] == "logout") {
logout();
}
// Process the input
if (!empty($_GET['tkl'])) {
if (isset($_POST['username']) && preg_match('/^[a-z0-9_?]{1,20}$/iD', $_POST['username']) && strlen($_POST['password']) < 40) {
$DB->query("SELECT\n\t\t\t\t\tID,\n\t\t\t\t\tPassword,\n\t\t\t\t\tSecret,\n\t\t\t\t\tEnabled\n\t\t\t\t\tFROM users WHERE Username='******'username']) . "'\n\t\t\t\t\tAND Username<>''");
list($UserID, $PassHash, $Secret, $Enabled) = $DB->next_record();
if ($UserID && $PassHash == make_hash($_POST['password'], $Secret) && $Enabled == 1) {
$User->doLogin($UserID);
if (empty($_POST['ref_page'])) {
header("Location: index.php");
} else {
$URL = base64_decode($_POST['ref_page']);
if (preg_match('/^\\/[a-zA-Z0-9]+\\.php/i', $URL)) {
header("Location: {$URL}");
} else {
header("Location: index.php");
}
}
exit;
} else {
echo "<font color='red'><strong>BAD USERNAME/PASSWORD, try again</strong></font>";
}
} else {
<?php
session_start();
require_once "class.user.php";
$login = new USER();
if ($login->is_loggedin() != "") {
$login->redirect('home.php');
}
if (isset($_POST['btn-login'])) {
$uname = strip_tags($_POST['username']);
$umail = strip_tags($_POST['username']);
$upass = strip_tags($_POST['password']);
if ($login->doLogin($uname, $umail, $upass)) {
$login->redirect('home.php');
} else {
$error = "Wrong Details !";
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Login - PAPS</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<meta name="apple-mobile-web-app-capable" content="yes">
<link href="css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<link href="css/bootstrap-responsive.min.css" rel="stylesheet" type="text/css" />
$stmt = $user->runQuery("SELECT * FROM tbl_user WHERE user_email=:user_email");
$stmt->execute(array(":user_email" => $email_decoded));
$userRow = $stmt->fetch(PDO::FETCH_ASSOC);
// Changing the password and updating the database
if (isset($_POST['password-reset-button'])) {
$user_new_password = strip_tags($_POST['user-password']);
$_SESSION['user_password'] = strip_tags($_POST['user-password']);
if ($user->resetPassword($email_decoded, $user_new_password)) {
$success_message = "Wachtwoord gewijzigd!";
} else {
$error_message = "Je wachtwoord is niet gewijzigd.";
}
}
// Redirecting user after successful password change
if (isset($_POST['password-reset-login-button'])) {
if ($user->doLogin($email_decoded, $_SESSION['user_password'])) {
$user->redirect('advert-overview.php');
}
}
?>
<!doctype html>
<html class="no-js" lang="nl">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Wachtwoord wijzigen</title>
<link rel="stylesheet" href="../css/minimum-viable-product.min.css">
<link href="https://file.myfontastic.com/QxAJVhmfbQ2t7NGCUAnz9P/icons.css" rel="stylesheet">
</head>
<body>
<div class="full-width full-width-password-reset">
