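/**
 * Handle the login form.
 *
 * On a POST request the submitted credentials are checked against the user
 * record returned by the model. On success the username is stored in the
 * session under 'admin', a notification is queued and the visitor is sent
 * to '/'. On failure the error text is handed to the view under the
 * 'access_denied' key. The login view is rendered in every other case.
 */
function action_index()
{
    // Stays '' when nothing went wrong, so the view receives the same value as before.
    $data = '';

    if ($_POST) {
        try {
            // A missing or array-valued field (e.g. username[]=x) is treated as empty
            // instead of raising a notice or a TypeError that catch (Exception) would miss.
            // trim() on the password is kept: stored hashes were presumably created from
            // trimmed input - verify against the registration path before changing it.
            $username = isset($_POST['username']) && is_string($_POST['username'])
                ? trim($_POST['username'])
                : '';
            $password = isset($_POST['password']) && is_string($_POST['password'])
                ? trim($_POST['password'])
                : '';

            // Strict comparison: empty() would also reject the literal string "0".
            if ($username === '' || $password === '') {
                throw new Exception("All fields are required!", 1);
            }

            $userD = $this->model->userExists($username, 'username');

            // One message for "unknown user" and "wrong password" so the form does not
            // reveal which usernames exist.
            // NOTE(review): password_verify() is skipped for unknown users, so response
            // time may still differ between the two cases; no attempt limiting is visible
            // in this method - confirm it is enforced elsewhere.
            if (!$userD || !password_verify($password, $userD['password'])) {
                throw new Exception("Incorrect username or password.", 1);
            }

            Session::set('admin', $username);

            // Issue a fresh session id at the privilege change so an id that was known
            // before login cannot be reused afterwards (session fixation).
            // Assumes Session wraps PHP's native session - TODO confirm.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }

            Session::addNotification('Successfully logged in!', 'success');
            // NOTE(review): if Redirect::url() does not terminate the request, the login
            // view below is still rendered after a successful login - confirm.
            Redirect::url('/');
        } catch (Exception $e) {
            // $data starts as a string; writing a string key into it does not produce
            // an array on current PHP versions, so build the array explicitly.
            $data = ['access_denied' => $e->getMessage()];
        }
    }

    $this->view->generate('login_view.php', 'template_view.php', $data);
}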
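/**
 * Handle the registration form.
 *
 * On a POST request the submitted fields are validated in a fixed order
 * (required fields, password confirmation, username characters and length,
 * username uniqueness, email syntax, email uniqueness). A valid submission
 * is stored through the model and the visitor is sent to '/login'. Any
 * validation failure is handed to the view under the 'access_denied' key.
 * The registration view is rendered in every other case.
 */
function action_index()
{
    // Stays '' when nothing went wrong, so the view receives the same value as before.
    $data = '';

    if ($_POST) {
        try {
            // A missing or array-valued field is treated as empty instead of raising a
            // notice or a TypeError that catch (Exception) would miss.
            $fields = [];
            foreach (['username', 'password', 'password2', 'email'] as $key) {
                $fields[$key] = isset($_POST[$key]) && is_string($_POST[$key])
                    ? trim($_POST[$key])
                    : '';
            }
            $username = $fields['username'];
            $password = $fields['password'];
            $password2 = $fields['password2'];
            $email = $fields['email'];

            // Strict comparison: empty() would also reject the literal string "0".
            if ($username === '' || $password === '' || $email === '') {
                throw new Exception("All fields are required", 1);
            }

            if ($password !== $password2) {
                throw new Exception("Please verify your password correclty!", 1);
            }

            // allow only alphanumeric, hyphen and underscores
            if (preg_match('/[^a-z_\\-0-9]/i', $username)) {
                throw new Exception("Username cannot have any space. It MUST be one word with 6 or more characters.", 1);
            }

            if (strlen($username) < 6) {
                throw new Exception("Username MUST be 6 or more characters.", 1);
            }

            // NOTE(review): these lookups and the insert below are separate steps; two
            // concurrent requests could both pass. Presumably the table has unique
            // constraints on username and email - verify.
            if ($this->model->isRegistered($username, 'username')) {
                throw new Exception("Username is already taken", 1);
            }

            if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                throw new Exception("Please use a valid email address!", 1);
            }

            if ($this->model->isRegistered($email, 'email')) {
                throw new Exception("Email is invalid or already taken", 1);
            }

            // Hash only after validation: password_hash() is deliberately slow, and
            // running it for requests that are rejected anyway wastes CPU.
            $hashedpassword = password_hash($password, PASSWORD_DEFAULT);
            if (!is_string($hashedpassword)) {
                // Never store a failed hash result as the account's password.
                throw new Exception("An error has occured!", 1);
            }

            // The activation key acts as a secret, so it comes from the CSPRNG rather
            // than md5(uniqid(rand())), which is derived from the clock and a
            // non-cryptographic generator. 16 random bytes hex-encode to 32 characters,
            // the same length and alphabet as the previous md5 value.
            $activation_key = bin2hex(random_bytes(16));
            $registered = time();

            $userData = [$username, $hashedpassword, $email, $registered, $activation_key];

            if (!$this->model->addUser($userData)) {
                throw new Exception("An error has occured!", 1);
            }

            Session::addNotification('Your account was successfully created!', 'success');
            // NOTE(review): if Redirect::url() does not terminate the request, the
            // registration view below is still rendered after success - confirm.
            Redirect::url('/login');
        } catch (Exception $e) {
            // $data starts as a string; writing a string key into it does not produce
            // an array on current PHP versions, so build the array explicitly.
            $data = ['access_denied' => $e->getMessage()];
        }
    }

    $this->view->generate('register_view.php', 'template_view.php', $data);
}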