Esempio n. 1
0
<?php

require_once './includes/configuration.php';
require_once './student/student_controller.php';
$display_message = FALSE;
$sc = new Student_controller();
if (isset($_POST['login'])) {
    $user = sanitize_text($_POST['user']);
    $pass = sanitize_text($_POST['pass']);
    $error_msg;
    if ($sc->validate_username($user) !== 1 || $sc->validate_password($pass) === FALSE) {
        $error_msg = "Invalid username or password";
        $display_message;
    } else {
        $answer = $sc->log_member_in($user, $pass);
        if ($answer !== FALSE && $answer !== TRUE) {
            $display_message = TRUE;
        } elseif ($answer === FALSE) {
            $display_message = TRUE;
        }
    }
    if (isset($_SESSION['logged_in'])) {
        if (!empty($_SESSION['tried_url'])) {
            $tried_url = $_SESSION['tried_url'];
            $_SESSION['tried_url'] = null;
            ?>
			<script>window.location = "<?php 
            echo $tried_url;
            ?>
";</script>
			<?php 
Esempio n. 2
0
    //First, let's check if token is correct!
    $form_token = $_POST['token'];
    $sess_token = retrieve_session_token();
    if ($form_token === $sess_token) {
        $pass1 = sanitize_text($_POST['password1']);
        $pass2 = sanitize_text($_POST['password2']);
        $answer = $sc->create_student($username, $firstname, $lastname, $email, $pass1, $pass2);
        if ($answer !== TRUE) {
            ?>
			<script>
				window.location = "#sign-up";
			</script>
			<?php 
            $error_message = "You have not filled out the form according to the requirements";
        } else {
            $sc->log_member_in($username, $pass1);
            ?>
			<script>
				alert('Welcome! :)');
				window.location = "<?php 
            echo W1BASE;
            ?>
member_area.php";
			</script>
			<?php 
        }
    } else {
        $error_message = "It seems as if the form has expired";
    }
}
?>