if (isset($_POST['go'])) { $username = mysqli_real_escape_string($dbConect, htmlspecialchars($_POST['username'])); $password = mysqli_real_escape_string($dbConect, htmlspecialchars($_POST['password'])); if (strlen($username) < 5) { $error = generateErrorMessage("Username should be atleast 5 charaters!"); } if (strlen($password) < 5) { $error = generateErrorMessage("Password should be atleast 5 charaters!"); } $check = mysqli_query($dbConect, "SELECT username FROM users WHERE username = '******'"); $result = $check->num_rows; if ($result > 0) { $error = generateErrorMessage("User already exists"); } else { if ($result == 0) { $insert = mysqli_query($dbConect, "INSERT INTO `users`(`username`, `password`) VALUES ('{$username}', '{$password}')"); if ($insert) { echo generateErrorMessage("Resistred! Enter <a href='index.php'>here</a>!"); } else { echo generateErrorMessage("Failed. Pleaase try again!"); } } } if (isset($error)) { echo $error; } } ?> <?php include './includes/footer.php';
<input class="btn btn-primary" type="submit" name="login" value="Enter" /><a class="btn btn-info" href="register.php">Register</a> </form> <?php if (isset($_POST['login'])) { $username = htmlspecialchars($_POST['username']); $password = htmlspecialchars($_POST['password']); if (strlen($username) < 5) { $error = generateErrorMessage("Username should not be shorter that 5 characters!"); } if (strlen($password) < 5) { $error = generateErrorMessage("Password should not be shorter that 5 characters!"); } if (isset($error)) { echo $error; } else { $check = mysqli_query($dbConect, 'SELECT * FROM users WHERE username = "******" AND password = "******"'); $num = $check->num_rows; if ($num != 0) { $_SESSION['isLogged'] = $username; header("Location: all-messages.php"); } else { $error = generateErrorMessage("Wrong username or password!"); } } } ?> <?php include_once "includes/footer.php";
<a class="btn btn-info" href="all-messages.php">All Messages</a> </div> </div> </form> <?php if (isset($_POST['msg'])) { $content = mysqli_real_escape_string($dbConect, htmlspecialchars($_POST['content'])); $author = mysqli_real_escape_string($dbConect, htmlspecialchars($_SESSION['isLogged'])); if (strlen($content) < 3) { $error = generateErrorMessage("Message is too short"); } if (strlen($content) > 250) { $error = "Message is too long!"; } if (isset($error)) { echo $error; } else { $today = date("d.m.y"); $query = mysqli_query($dbConect, 'INSERT INTO `messages` (`content`, `author`, `post_date`) VALUES ("' . $content . '", "' . $author . '", "' . $today . '")'); if ($query) { header("Location: all-messages.php"); } else { echo generateErrorMessage("Error!"); } } } ?> <?php include './includes/footer.php';