function checkUserPasswordByUsername($username, $password)
{
$user = findUserByUsername($username);
if (!isset($user)) {
return false;
}
// User not found
return password_verify($password, $user['password']);
}
function checkLogin($username, $password)
{
$res = findUserByUsername($username);
if (mysql_num_rows($res) == 0) {
return false;
} else {
$user = mysql_fetch_array($res);
if ($user["password"] == $password) {
return true;
} else {
return false;
}
}
}
?>
<!-- Page Content -->
<div class="container">
<div class="row">
<!-- Blog Entries Column -->
<div class="col-md-8">
<h1 class="page-header">
Author
<?php
if (isset($_GET['username'])) {
$username = $_GET['username'];
$user = findUserByUsername($username);
echo "<small>" . $user['username'] . "</small>";
}
?>
</h1>
<!-- Blog posts -->
<?php
if (isset($_GET['username'])) {
$username = $_GET['username'];
$posts = getPublishedPostsByAuthor($username);
if (count($posts) == 0) {
echo "<h3>No posts for this author</h3>";
}
foreach ($posts as $post) {
require "includes/post_data.php";
<?php
require_once "database/category_functions.php";
require_once "database/users_functions.php";
?>
<?php
/** LOGIN **/
if (isset($_POST['submit_login'])) {
$username = $_POST['username'];
$password = $_POST['password'];
if (checkUserPasswordByUsername($username, $password)) {
$_SESSION['user'] = findUserByUsername($username);
} else {
$loginFailed = true;
}
}
/** LOGOUT **/
if (isset($_POST['submit_logout'])) {
session_unset();
}
?>
<!-- Navigation -->
<nav class="navbar navbar-inverse navbar-fixed-top" role="navigation">
<div class="container">
<!-- Brand and toggle get grouped for better mobile display -->
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#navigation-bar">
<span class="sr-only">Toggle navigation</span>
</head>
<body>
<form action="uploadfile.php" method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>
<?php
ini_set('date.timezone', 'Asia/Shanghai');
//$user=new User("winter","12345","winter木风");
//$res= addUser($user);
//if($res){
// echo '数据插入成功';
//}
//else{
// echo '数据插入失败';
//}
$res = findUserByUsername("winter");
echo mysql_num_rows($res);
while ($row = mysql_fetch_array($res)) {
echo $row['nicname'];
}
?>
</body>
</html>
session_start();
require 'dao.php';
$username_error = $password_error = $repassword_error = $nicname_error = $captcha_error = $nicname = $error = null;
$username = $password = $repassword = $nicname = $captcha = $msg = null;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = trim_input(filter_input(INPUT_POST, "username", FILTER_DEFAULT));
$nicname = trim_input(filter_input(INPUT_POST, "nicname", FILTER_DEFAULT));
$password = trim_input(filter_input(INPUT_POST, "password", FILTER_DEFAULT));
$repassword = trim_input(filter_input(INPUT_POST, "repassword", FILTER_DEFAULT));
$captcha = trim_input(filter_input(INPUT_POST, "Captcha", FILTER_DEFAULT));
$flag = true;
if (is_null($username)) {
$username_error = "用户名不能为空";
$flag = false;
} else {
if (mysql_num_rows(findUserByUsername($username)) > 0) {
$username_error = "用户名已存在";
$flag = false;
}
}
if (is_null($password)) {
$password_error = "密码不能为空";
$flag = false;
} else {
if ($password != $repassword) {
$repassword_error = "密码不一致";
$flag = false;
}
}
if ($_SESSION["Checknum"] != $captcha) {
$captcha_error = "验证码输入有误";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (is_null($username)) {
$username_error = "用户名不能为空";
$flag = false;
}
if (is_null($password)) {
$password_error = "密码不能为空";
$flag = false;
}
if (is_null($captcha) || $checkcode != strtolower($captcha)) {
$captcha_error = "验证码输入有误";
$flag = false;
}
if ($flag) {
if (checkLogin($username, md5($password))) {
$user = mysql_fetch_array(findUserByUsername($username));
$_SESSION["user"] = $user;
header("location:userindex.php");
} else {
$username_error = "用户名或密码输入有误";
}
}
}
$weekday = array("星期一", "星期二", "星期三", "星期四", "星期五", "星期六", "星期天");
$weekdate = $weekday[date("N") - 1];
?>
<html>
<!DOCTYPE html>
<html lang="en" class="no-js">
<head>
<?php
require_once "database/users_functions.php";
?>
<?php
if (isset($_POST['submit_register'])) {
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$password_check = $_POST['password_check'];
//Error handling
if (empty(trim($username))) {
$username_error = "Username can not be empty";
}
$userWithUsername = findUserByUsername($username);
if (isset($userWithUsername)) {
$username_error = "Username already taken";
}
if (empty(trim($email))) {
$email_error = "Email can not be empty";
}
$password_errors = [];
if (empty(trim($password))) {
$password_errors[] = "Password can not be empty";
}
if ($password != $password_check) {
$password_errors[] = "Password and password confirmation don't match";
}
if (!isset($username_error) && !isset($email_error) && count($password_errors) == 0) {
insertUser($username, $password, "", "", $email, "", "Subscriber");
$user['username'] = $_POST['user_username'];
$user['email'] = $_POST['user_email'];
$user['first_name'] = $_POST['user_first_name'];
$user['last_name'] = $_POST['user_last_name'];
$user['role'] = $_POST['user_role'];
$user_image = $_FILES['user_image']['name'];
$user_image_tmp = $_FILES['user_image']['tmp_name'];
move_uploaded_file($user_image_tmp, "../images/" . $user_image);
$user_password = $_POST['user_password'];
$user_password_check = $_POST['user_password_check'];
//Error handling
$error_messages = [];
if (empty(trim($user['username']))) {
$error_messages[] = "Username can not be empty";
}
$userWithUsername = findUserByUsername($user['username']);
if (isset($userWithUsername)) {
$error_messages[] = "Username already taken";
}
if (empty(trim($user['email']))) {
$error_messages[] = "Email can not be empty";
}
/*if (empty(trim($user['first_name']))) {
$error_messages[] = "First name can not be empty";
}
if (empty(trim($user['last_name']))) {
$error_messages[] = "Last name can not be empty";
}*/
if (empty(trim($user_password))) {
$error_messages[] = "Password can not be empty";
}
