$username = "******";
$password = "******";
$dbname = "personal_finance";
session_start();
// username and password sent from form
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["username"])) {
header("location: ./index.php");
} else {
echo "***** test **** **** " . $_POST["username"] . " ****";
$myusername = cleanuserdata($_POST['username']);
}
if (empty($_POST["username"])) {
header("location: ./index.php");
} else {
$mypassword = cleanuserdata($_POST['userPassword']);
}
}
try {
$conn = new PDO("mysql:host={$servername};dbname={$dbname}", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmt = $conn->prepare("SELECT user_username, user_password FROM user WHERE (user_password = :myusername AND user_username = :mypassword)");
$stmt->bindParam(':myusername', $myusername);
$stmt->bindParam(':mypassword', $mypassword);
$success = $stmt->execute();
$row_count = $stmt->rowCount();
echo "the row count is " . $row_count;
echo " !!!**** Success <br>";
print $success;
// while ($row = $stmt->fetch()) {
// print_r($row);
header("Location: ./login.php");
exit;
} else {
$usersname = cleanuserdata($_POST["user_username"]);
}
if (empty($_POST["user_password"])) {
header("Location: ./login.php");
exit;
} else {
$userspassword = cleanuserdata($_POST["user_password"]);
}
if (empty($_POST["user_email"])) {
header("Location: ./login.php");
exit;
} else {
$usersemail = cleanuserdata($_POST["user_email"]);
}
}
$entdate = $todaysdate;
$stmt->execute();
echo "new User Created " . $usersname;
$_SESSION["username"] = $usersname;
} catch (PDOException $e) {
echo "Error: " . $e->getMessage();
}
$conn = null;
?>
<?php
function cleanuserdata($data)
{
