/**
 * Open the database connection used by this object.
 *
 * The connection settings (host, database, username, password) are read
 * from MyDatabase::getConnectionDetails() rather than hard-coded here, so
 * the credentials live in one place. The handle returned by
 * MyDatabase::get_connection() is stored in $this->conn.
 */
public function __construct()
{
    $details = MyDatabase::getConnectionDetails();

    // Same argument order as the MyDatabase constructor call in the rest of the file.
    $database = new MyDatabase(
        $details["host"],
        $details["database"],
        $details["username"],
        $details["password"]
    );

    $this->conn = $database->get_connection();
}
<?php
// Login handler: runs only when the login form was posted (its "submit" field is set).
// Looks the user up by name with a prepared statement, checks the password against the
// stored hash with password_verify(), and marks the session as authenticated.
// NOTE(review): no login-attempt limiting or lockout counter is visible in this excerpt;
// confirm brute-force protection exists elsewhere.
if (isset($_POST["submit"])) {
    // trim() strips leading/trailing whitespace from both fields, so surrounding spaces
    // in a password are dropped before it is verified.
    $username = trim($_POST["username"]);
    $password = trim($_POST["password"]);

    // Reject empty credentials before touching the database.
    if (strlen($username) == 0 || strlen($password) == 0) {
        // Only fixed strings are echoed; no request data is reflected into the page.
        echo '<script type="text/javascript">'
            . '$(".error-message").removeClass("hidden");'
            . '$(".error-message p strong").html("You\'ve got an empty field");'
            . 'setTimeout(function() {$(".error-message").hide();}, 3000);'
            . '</script>';
        // Stop processing this script here.
        return;
    }

    // Connection settings come from MyDatabase, not from the request.
    $dbinfo = MyDatabase::getConnectionDetails();
    $host = $dbinfo["host"];
    $database = $dbinfo["database"];
    $db_username = $dbinfo["username"];
    $db_password = $dbinfo["password"];
    $db = new MyDatabase($host, $database, $db_username, $db_password);
    $conn = $db->get_connection();

    // The username is bound to a placeholder, never concatenated into the SQL text.
    $query = "SELECT * FROM authentication WHERE username = ?";
    $stmt = $conn->prepare($query);
    // NOTE(review): the placeholder position is passed as the string "1", not the
    // integer 1 — confirm the PDO version in use treats it as position 1.
    $stmt->bindParam("1", $username);
    $stmt->execute();
    // fetch() yields the row as an associative array, or false when no row matched.
    $result = $stmt->fetch(PDO::FETCH_ASSOC);
    // Debug leftover below: if re-enabled it would print the fetched row, which
    // includes the stored password hash. Keep it disabled.
    /*echo(var_dump($result));*/

    if ($result == false) {
        // Unknown username: the message does not say which of the two fields was wrong.
        // NOTE(review): this path skips password_verify(), so it may respond faster than
        // a wrong-password attempt, which can reveal whether a username exists.
        echo '<script type="text/javascript">'
            . '$(".error-message").removeClass("hidden");'
            . '$(".error-message p strong").html("Your username or password is wrong");'
            . 'setTimeout(function() {$(".error-message").hide();}, 3000);'
            . '</script>';
    } else {
        // Compare the submitted password with the stored hash.
        if (password_verify($password, $result["password"])) {
            // Loose comparison: only a "locked" value equal to 0 is allowed to log in.
            if ($result["locked"] == 0) {
                // NOTE(review): no session_regenerate_id(true) call is visible before the
                // session is marked authenticated; confirm one happens, since reusing the
                // pre-login session id leaves the login open to session fixation.
                $_SESSION["auth"] = true;
                $_SESSION["role"] = $result["role"];
                $_SESSION["locked"] = $result["locked"];
                // NOTE(review): the listing is cut off after this redirect; confirm an
                // exit follows, because header() alone does not stop the script.
                header("LOCATION:index.php");
</div> </div> <?php if (isset($_POST["addUser"])) { // echo("something"); $username = trim($_POST["username"]); $password = trim($_POST["password"]); $confirmPassword = trim($_POST["confirmPassword"]); if (strlen($username) == 0 || strlen($password) == 0 || strlen($confirmPassword) == 0) { echo '<script>' . '$("#alert-message").removeClass("hidden");' . '$("#alert-message").addClass("alert-danger");' . '$("#alert-message p strong").html("You have an empty field");' . 'setTimeout(function() {$("#alert-message").addClass("hidden");$("#alert-message").removeClass("alert-danger");}, 5000);' . '</script>'; } else { if ($password != $confirmPassword) { echo '<script>' . '$("#alert-message").removeClass("hidden");' . '$("#alert-message").addClass("alert-danger");' . '$("#alert-message p strong").html("Please type in the same password");' . 'setTimeout(function() {$("#alert-message").addClass("hidden");$("#alert-message").removeClass("alert-danger");}, 5000);' . '</script>'; } else { $conn = $db->get_connection(); $returned_code = 00; $enc_password = password_hash($password, PASSWORD_DEFAULT); $query = "INSERT INTO authentication (username, password) VALUES (?,?)"; $stmt = $conn->prepare($query); $stmt->bindParam("1", $username); $stmt->bindParam("2", $enc_password); try { $stmt->execute(); } catch (PDOException $e) { //echo($e->getCode()); $returned_code = $e->getCode(); } if ($returned_code == 00) { echo '<script>' . '$("#alert-message").removeClass("hidden");' . '$("#alert-message").addClass("alert-success");' . '$("#alert-message p strong").html("User successfully inserted");' . 'setTimeout(function() {$("#alert-message").addClass("hidden");$("#alert-message").removeClass("alert-success");}, 5000);' . '</script>'; } else {