Exemple #1
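/**
 * Validate the submitted account form and append any problems to the global $errors list.
 *
 * Checks performed, in order:
 *  - email must be present;
 *  - password must be present unless a user is already logged in ($_SESSION['id'] set);
 *  - when a password is given, confirm_password must be strictly identical to it;
 *  - when an email is given, it must not belong to a different user row.
 *
 * @param array $fields Form values; the keys "email", "password" and "confirm_password" are read.
 * @return void Problems are reported through the global $errors array only.
 */
function validate_fields($fields)
{
    global $errors;

    // Read each key once; a missing key becomes null instead of an "undefined array key" warning.
    $email = $fields["email"] ?? null;
    $password = $fields["password"] ?? null;
    $confirm_password = $fields["confirm_password"] ?? null;
    $logged_in = isset($_SESSION['id']);

    if (!has_presence($email)) {
        $errors[] = "Email can't be blank";
    }
    if (!has_presence($password) && !$logged_in) {
        $errors[] = "Password can't be blank";
    }
    if (has_presence($password) && $confirm_password !== $password) {
        $errors[] = "Confirm Password Has To be Identical to Password";
    }
    if (has_presence($email)) {
        // NOTE(review): the raw form value is handed to find_user_by_email(). Its body is not
        // visible here; if it builds the SQL by string interpolation this call is an injection
        // point. Confirm it uses a prepared statement, or that it escapes the value itself.
        $result = find_user_by_email($email);
        if (!($result instanceof mysqli_result)) {
            // Fail closed: if the lookup itself failed, uniqueness cannot be confirmed, so the
            // form must not pass validation (and mysqli_fetch_row() must not be given a non-result).
            $errors[] = "Email could not be verified";
        } else {
            $user = mysqli_fetch_row($result);
            mysqli_free_result($result);

            $current_user = "";
            if ($logged_in) {
                $own_result = find_user_by_id($_SESSION['id']);
                if ($own_result instanceof mysqli_result) {
                    $current_user = mysqli_fetch_row($own_result);
                    mysqli_free_result($own_result);
                }
            }
            // A logged-in user may keep their own address: the row found by email is only a
            // conflict when it is not the same row as the current user's.
            // NOTE(review): this compares whole rows, so both lookups are assumed to select the
            // same columns in the same order - confirm against find_user_by_email/find_user_by_id.
            if ($user && $user !== $current_user) {
                $errors[] = "Email Already Exists";
            }
        }
    }
    // TODO (left by the original author): check the email format with a regex; not implemented,
    // so any non-blank string is currently accepted as an address.
}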
Exemple #2
<?php

require_once "./session.php";
require_once "./functions.php";
?>

<?php 
// Handles the two form actions of this page: "login" checks the posted credentials and marks
// the session as authenticated; "logout" destroys the session.
// NOTE(review): the listing is cut off inside the logout branch (its closing brace is not shown).
if (isset($_POST["login"])) {
    // $db is not defined in the visible lines; presumably it comes from one of the required files.
    // Escaping happens here, before the lookup, so find_user_by_email() is assumed to place the
    // value into a quoted SQL string - a prepared statement would remove that dependency.
    $email = mysqli_real_escape_string($db, $_POST["email"]);
    // NOTE(review): the password never enters a query in the visible code, yet it is SQL-escaped.
    // password_verify() below therefore sees the escaped form; a password containing a quote or
    // backslash only verifies if the stored hash was computed from the same escaped form.
    // Confirm against the registration code.
    $password = mysqli_real_escape_string($db, $_POST["password"]);
    $results = find_user_by_email($email);
    // NOTE(review): $results is used without checking that the query succeeded.
    $user = mysqli_fetch_row($results);
    if ($user) {
        $hashed_pass = $user[4];
        // position of the column (5th); positional access breaks silently if the column order
        // of the query changes
        if (password_verify($password, $hashed_pass)) {
            // NOTE(review): no session_regenerate_id() call is visible before the session is
            // marked as authenticated; confirm session.php rotates the id at login, otherwise a
            // pre-login session id stays valid afterwards (session fixation).
            $_SESSION['id'] = $user[0];
            $_SESSION['first_name'] = $user[1];
            // redirect_to("index.php");
        } else {
            // Same message as the unknown-email branch below, so the response text does not
            // reveal whether the address is registered.
            echo "<label id='error'> Bad email/password </label>";
        }
    } else {
        echo "<label id='error'> Bad email/password </label>";
    }
    mysqli_free_result($results);
    // free memory used to store the results
} elseif (isset($_POST["logout"])) {
    // session_destroy() deletes the stored session data but leaves the $_SESSION array of the
    // current request and the session cookie untouched; the disabled line below would clear
    // the array.
    //  $_SESSION = array();
    session_destroy();
    //  redirect_to("index.php");
/**
 * Look up a user by email and check the supplied password against the stored one.
 *
 * Both failure cases (no such user, wrong password) return the same value, so the caller
 * cannot tell from the result which of the two occurred.
 *
 * @param mixed $email    Address passed unchanged to find_user_by_email().
 * @param mixed $password Candidate password passed to password_check().
 * @return mixed The user record returned by find_user_by_email() on success, false otherwise.
 */
function attempt_login($email, $password)
{
    $account = find_user_by_email($email);

    // No record for this address.
    if (!$account) {
        return false;
    }

    // Record found: the login succeeds only if the password matches the stored "Password" value.
    return password_check($password, $account["Password"]) ? $account : false;
}