?> </div> <?php } ?> </div> <?php } ?> <div id="friends"> <h3>Current Users:</h3> <?php $users = readUsers(); foreach ($users as $u) { if (!isPendingUser($u->username)) { $uname = $u->username; $picture = $u->pic; if (!in_array($u->username, getFriends($_SESSION['username']))) { ?> <div class="user"> <?php echo '<a href="profile.php?uname=' . $uname . '"><img class="thumbnails" src="' . $picture . '" alt="user1" /></a>'; ?> <?php echo $uname; ?> </div> <?php } }
<?php $pageTitle = 'Log In / Log Out'; include 'header.php'; /* * TODO: Authenticate the user by salting & hashing the entered password and comparing it with the salted hashed password for that username */ $error = ""; if (isset($_POST['username'])) { if (isPendingUser($_POST['username'])) { $error = "Sorry, you are still a pending user. You may not login."; } else { $uname = sanitize($_POST['username']); $pass = ""; if (isset($_POST['enteredPassword'])) { $pass = $_POST['enteredPassword']; } // authentication $users = readUsers(); foreach ($users as $user) { if ($user->username == $uname) { if (saltedHash($pass, $uname) == $user->passwd) { // authentication successful! $_SESSION['username'] = $uname; $success = "User {$uname} logged in successfully!"; } else { $error = "Invalid password for user {$uname}. Try again."; } break; } }