<?php
// Open (or resume) the session first: both handlers and the fallback branch use it.
session_start();
// run_mysql_query() and fetch(), called further down, are not defined in this file;
// presumably connection.php provides them.
require 'connection.php';

// Dispatch on the submitted form's "action" field. $_POST values are strings or
// arrays, so a strict comparison selects exactly the same requests as a loose one.
$action = isset($_POST['action']) ? $_POST['action'] : null;

if ($action === 'register') {
    register_user($_POST);
} elseif ($action === 'login') {
    login_user($_POST);
} else {
    // Any other request (including a plain GET) ends the session and goes back to the form.
    session_destroy();
    header('location: index.php');
    die();
}
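/**
 * Return $post[$key] when it is present and a string, otherwise ''.
 *
 * Form fields can arrive as arrays (e.g. "email[]=..."); treating those as empty
 * keeps them out of string interpolation and out of the validators below.
 */
function _field_as_string($post, $key){
    return (isset($post[$key]) && is_string($post[$key])) ? $post[$key] : '';
}

/**
 * Tell whether $value can sit inside a single-quoted SQL string literal unchanged.
 *
 * A quote or a backslash is what lets a value alter the statement around it, so
 * values containing either are refused instead of being concatenated.
 * NOTE(review): this is a stopgap. The query helpers used in this file take a
 * finished SQL string only; the durable fix is a prepared-statement helper in
 * connection.php with bound parameters.
 */
function _safe_in_sql_literal($value){
    return strpos($value, "'") === false && strpos($value, '\\') === false;
}

/**
 * Check a submitted password against the value stored for a user.
 *
 * Values produced by password_hash() are checked with password_verify(). Anything
 * else is treated as a legacy plaintext row and compared in constant time, so
 * accounts created before hashing was introduced keep working.
 * NOTE(review): legacy rows should be re-hashed or reset; the legacy comparison is
 * byte-exact, which may be stricter than the previous comparison done in SQL.
 */
function _password_matches($password, $stored){
    $stored = (string) $stored;
    $info = password_get_info($stored);
    if(!empty($info['algo'])){
        return password_verify($password, $stored);
    }
    return hash_equals($stored, $password);
}

/**
 * Validate a registration form and create the user row.
 *
 * Validation messages are collected in $_SESSION['errors']; on any error the
 * request is redirected to index.php without touching the database. On success
 * the password is stored as a password_hash() digest, never as plaintext.
 * The function always ends the request (redirect + die).
 *
 * @param array $post submitted form fields (normally $_POST)
 */
function register_user($post){
    $first_name = _field_as_string($post, 'first_name');
    $last_name  = _field_as_string($post, 'last_name');
    $email      = _field_as_string($post, 'email');
    $password   = _field_as_string($post, 'password');
    $confirm    = _field_as_string($post, 'confirm_password');

    // --------begin val checks---------------
    $_SESSION['errors'] = array();
    if(empty($first_name)){
        $_SESSION['errors'][] = "first name can't be blank";
    }
    if(empty($last_name)){
        $_SESSION['errors'][] = "last name can't be blank";
    }
    if(empty($password)){
        $_SESSION['errors'][] = "password can't be blank";
    }
    if($password !== $confirm){
        $_SESSION['errors'][] = "password must match";
    }
    if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
        $_SESSION['errors'][] = "please use a valid email";
    }
    // FILTER_VALIDATE_EMAIL accepts addresses containing a quote, so the email is
    // checked here as well as the names before any of them reach the SQL text.
    if(!_safe_in_sql_literal($first_name) || !_safe_in_sql_literal($last_name) || !_safe_in_sql_literal($email)){
        $_SESSION['errors'][] = "names and email can't contain quotes or backslashes";
    }
    //-------end of validation checks

    if(count($_SESSION['errors']) > 0){ //if there's any errors at all
        header('location: index.php');
        die();
    }

    // Store a salted one-way hash instead of the password itself.
    // NOTE(review): users.password must be wide enough for the hash (at least 60
    // characters for bcrypt, 255 recommended) — confirm against the schema.
    $password_hash = password_hash($password, PASSWORD_DEFAULT);
    if(!is_string($password_hash) || !_safe_in_sql_literal($password_hash)){
        $_SESSION['errors'][] = "could not process password";
        header('location: index.php');
        die();
    }

    //insert database
    $query = "INSERT INTO users (first_name, last_name, email, password, created_at, updated_at)
VALUES ('{$first_name}','{$last_name}','{$email}','{$password_hash}',NOW(),NOW())";
    // The result of run_mysql_query() is not inspected here; how it reports a
    // failed insert is defined outside this file.
    run_mysql_query($query);
    $_SESSION['success_message'] = 'Yay, you did it!';
    header('location: index.php');
    die();
}

/**
 * Authenticate a user by email and password and start a logged-in session.
 *
 * The row is looked up by email only; the password never enters the SQL text and
 * is verified in PHP. On success the session id is regenerated before the user's
 * identity is written to the session, and the request is redirected to
 * success.php. On failure a generic error is queued and the request is
 * redirected to index.php. The function always ends the request.
 *
 * @param array $post submitted form fields (normally $_POST)
 */
function login_user($post){
    $email    = _field_as_string($post, 'email');
    $password = _field_as_string($post, 'password');

    $rows = array();
    if($email !== '' && $password !== '' && _safe_in_sql_literal($email)){
        $query = "SELECT * FROM users WHERE users.email = '{$email}'";
        $rows = fetch($query);
        if(!is_array($rows)){
            $rows = array();
        }
    }

    // Nothing in view shows email to be unique, so take the first row whose stored
    // password matches, as the previous SQL-side comparison did.
    $user = null;
    foreach($rows as $row){
        if(isset($row['password']) && _password_matches($password, $row['password'])){
            $user = $row;
            break;
        }
    }

    if($user !== null)
    {
        // New session id on privilege change, so an id known before login is useless afterwards.
        session_regenerate_id(true);
        $_SESSION['user_id'] = $user['id'];
        $_SESSION['first_name'] = $user['first_name'];
        $_SESSION['logged_in'] = TRUE;
        header('location: success.php');
        die();
    }
    else
    {
        // Same message whether the email or the password was wrong.
        $_SESSION['errors'][] = "lies!";
        header('location: index.php');
        die();
    }
}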
?>