コード例 #1
ファイル: admin.php プロジェクト: Yves-T/phpShopping
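    // Login form handler: checks the posted credentials and, on success, stores the
    // user name in the session and redirects to the admin area.
    // NOTE(review): $db, $errors, USER and SecurePassword are defined outside this excerpt.
    if ($_POST) {
        $data = $_POST;
        // Accept only string fields. A missing or array-valued field (e.g. userName[]=x)
        // is treated as empty instead of reaching trim() or the password check.
        $data['userName'] = is_string($data['userName'] ?? null) ? trim($data['userName']) : '';
        $data['password'] = is_string($data['password'] ?? null) ? $data['password'] : '';
        if (empty($data['userName'])) {
            // The 'email' key is kept as written; presumably the form template reads it (confirm).
            $errors['email'] = 'Username veld is verplicht!';
        }
        if (empty($data['password'])) {
            $errors['password'] = '******';
        }
        if (empty($errors)) {
            // Bound parameter: the user name never becomes part of the SQL text.
            $query = 'SELECT * FROM user WHERE username=:username';
            $stmt = $db->prepare($query);
            $stmt->execute(['username' => $data['userName']]);
            $result = $stmt->fetch();
            // fetch() returns false when no row matches, and isset(false) is true, so the
            // row itself has to be tested before its columns are handed to the verifier.
            if (is_array($result)) {
                $userValid = SecurePassword::validatePassword($result['salt'], $result['password'], $data['password']);
                if ($userValid) {
                    // Issue a fresh session id at login so an id handed out before
                    // authentication is not carried into the authenticated session.
                    if (session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }
                    $_SESSION[USER] = $result['username'];
                    header('location: admin/index.php');
                    // Stop here: without exit the rest of the login page is still rendered
                    // and sent after the redirect header.
                    exit;
                }
            }
            // Reached only when the login failed, even if an older session already holds USER.
            // Unknown user and wrong password share one message, so the form does not
            // reveal which account names exist.
            $errors['algemeen'] = 'De login gegevens kloppen niet! Probeer opnieuw.';
        }
    }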
}
?>

<?php 
if (!empty($errors)) {
コード例 #2
ファイル: OwnerLogin.php プロジェクト: superflyz/wallfly-mvc
include $_SERVER['DOCUMENT_ROOT'] . "/wallfly-mvc/app/config/database.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/wallfly-mvc/app/core/Database.php";
include "securepassword.php";
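// Credentials to verify. NOTE(review): both literals are masked in this listing, so
// where the real values come from (request body, session, ...) cannot be told from here.
$checkUser = "******";
$checkPassword = "******";
$_SESSION['loginError'] = "";
$response = array("error" => FALSE);
try {
    $DBH = Database::getInstance();
    // Make PDO throw on errors so failures are not silently ignored.
    $DBH->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    // The client only sees a generic message; the driver message stays in the log.
    echo "Unable to connect";
    // One entry per line, written under a lock so concurrent requests do not interleave.
    // NOTE(review): driver messages can contain host, database and user names, and
    // 'Log/' is a relative path. Confirm it is not reachable over HTTP.
    file_put_contents('Log/PDOErrorLog.txt', $e->getMessage() . PHP_EOL, FILE_APPEND | LOCK_EX);
    // Without a connection $DBH is unusable; stop instead of failing later on prepare().
    exit;
}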
try {
    $securePass = new SecurePassword();
    //execute the SQL query and return records
    $statement = $DBH->prepare("SELECT * FROM super_user WHERE email=:email");
    $statement->execute(['email' => $checkUser]);
    $result = $statement->fetch(PDO::FETCH_OBJ);
    if ($result) {
        $comparehash = $securePass->validate_password($checkPassword, $result->password);
        if ($comparehash) {
            //session expire setup
            $_SESSION["expiration"] = time() + 1800;
            //session user setup
            $response["usertype"] = "Owner";
            $response["username"] = $result->email;
            $response['userFirstName'] = $result->firstname;
            $response['userLastName'] = $result->lastname;
            echo json_encode($response);
コード例 #3
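 /**
  * Creates a user account from an already validated sign-up form.
  *
  * When $validForm is false the sign-up modal is reopened and the script exits.
  * The database is only touched when $_SESSION["signedUp"] equals "true"; that flag
  * is cleared first. If the user name or e-mail is already present an alert script
  * is echoed and the script exits. Otherwise the password is hashed, the row is
  * inserted, the newSignUp session flag is set and the client is redirected to index.php.
  *
  * @param mixed  $validForm Result of the form validation; falsy values abort.
  * @param string $userName  Requested user name.
  * @param string $password  Plain-text password; only its hash is stored.
  * @param string $userType  Value written to the `privilege` column.
  * @param string $email     E-mail address of the new account.
  * @param string $firstName First name.
  * @param string $lastName  Last name.
  *
  * @throws PDOException When a query fails (the connection uses ERRMODE_EXCEPTION).
  */
 public function enterNewUser($validForm, $userName, $password, $userType, $email, $firstName, $lastName)
 {
     $this->valid = $validForm;
     if ($this->valid == false) {
         echo "<script type='text/javascript'> openModal(); </script>";
         exit;
     }
     if (isset($_SESSION["signedUp"]) && $_SESSION["signedUp"] == "true") {
         // Clear the flag first so the same request cannot be replayed to insert twice.
         $_SESSION["signedUp"] = "";
         try {
             $DBH = Database::getInstance();
             $DBH->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
         } catch (PDOException $e) {
             echo "Unable to connect";
             // NOTE(review): driver messages can contain connection details, and 'Log/'
             // is a relative path. Confirm it is not reachable over HTTP.
             file_put_contents('Log/PDOErrorLog.txt', $e->getMessage() . PHP_EOL, FILE_APPEND | LOCK_EX);
             // Without a connection $DBH is unusable; stop instead of failing on prepare().
             exit;
         }

         // Look for an existing account with the same user name or e-mail. A row is fetched
         // instead of calling rowCount(), which PDO does not guarantee for SELECT statements.
         // NOTE(review): check-then-insert is not atomic. Two concurrent sign-ups can both
         // pass these checks unless username and email carry UNIQUE constraints (confirm
         // against the schema).
         $statement = $DBH->prepare("SELECT username FROM user WHERE username=:userName");
         $statement->execute(array("userName" => $userName));
         $userNameTaken = $statement->fetchColumn() !== false;
         $statement->closeCursor();

         $statement2 = $DBH->prepare("SELECT email FROM user WHERE email=:email");
         $statement2->execute(array("email" => $email));
         $emailTaken = $statement2->fetchColumn() !== false;
         $statement2->closeCursor();

         if ($userNameTaken) {
             echo "<script type='text/javascript'>";
             echo 'sweetAlert("Sorry", "That username already exists", "error");';
             echo "openModal()";
             echo "</script>";
             exit;
         } elseif ($emailTaken) {
             echo "<script type='text/javascript'>";
             echo 'sweetAlert("Sorry", "That email is already registered", "error");';
             echo "openModal()";
             echo "</script>";
             exit;
         } else {
             $securePass = new SecurePassword();
             $this->hashedPassword = $securePass->create_hash($password);
             // NOTE(review): $userType is stored as the account privilege exactly as passed in.
             // If the caller takes it from request data it needs an allow-list check before
             // this point (confirm at the call site).
             $statement3 = $DBH->prepare("INSERT INTO user(username, password, privilege, email, first_name, last_name)\n                    VALUES(:username, :password, :usertype, :email, :first_name, :last_name)");
             $statement3->execute(array("username" => $userName, "password" => $this->hashedPassword, "usertype" => $userType, "email" => $email, "first_name" => $firstName, "last_name" => $lastName));
             // Release the connection.
             $DBH = NULL;
             // Drop the submitted form data.
             $_POST = array();
             // Quoted key: the bare word newSignUp is an undefined constant, which is an
             // Error on PHP 8 and only fell back to the string 'newSignUp' on older versions.
             // NOTE(review): assumes no constant named newSignUp is defined elsewhere.
             $_SESSION['newSignUp'] = 'true';
             header('Location: index.php');
             exit;
         }
     }
 }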