예제 #1
0
         // Email Validation:
         $Invalid_Mail = validate_email($Mail, $error);
         if (!$Invalid_Mail) {
             // Checking if Email Exist:
             $Email_Exist = isEmailExist($Mail, $error);
         }
     }
     if ($_FILES["Image"]["size"]) {
         // Checking if File Size Exceded Limit:
         $ImageSize_err = validate_image_size($_FILES["Image"]["size"], $error);
         // Checking if the File is Invalid:
         $ImageType_err = validate_image_type($_FILES["Image"]["type"], $error);
     }
     if ($OLD_PWD) {
         // Password Check:
         $Invalid_Pass = passwordMatch($_SESSION['user_id'], ROT13($OLD_PWD), $error);
         // Password Match Check:
         if (!empty($OLD_PWD) && !$Invalid_Pass) {
             $Miss_Match = $NEW_PWD == $RE_PWD ? "" : "Password doesn't match!";
             $error = $Miss_Match ? true : false;
         }
     }
 }
 if (!$u_missing && !$error) {
     $Image = $_FILES["Image"]["name"];
     $extension = end(explode(".", $Image));
     $newFileName = "members/" . $Member->getUserID() . "." . $extension;
     move_uploaded_file($_FILES["Image"]["tmp_name"], '../' . $newFileName);
     // Updating UserIDs Table:
     $data = array();
     $NEW_PWD ? $data['PWD'] = ROT13($NEW_PWD) : '';
예제 #2
0
<?php

include 'includes/connection.php';
$username = $_POST['username'];
$pass = $_POST['pass'];
//provjera usernamea
if (userExists($username)) {
    //provjera passworda
    if (passwordMatch($pass, $username)) {
        echo "You have successfully loged in!</br>";
        echo "<a href='homePage.php'>Return to home page</a>";
    } else {
        echo "<script type='text/javascript'>alert('Password does not match'); history.go(-1);</script>";
    }
} else {
    echo "<script type='text/javascript'>alert('Username not found'); history.go(-1);</script>";
}
//funkcije
function userExists($username)
{
    $query = mysql_query("SELECT COUNT(`user_id`) FROM users WHERE `username`='{$username}'");
    return mysql_result($query, 0) == 1 ? true : false;
}
function passwordMatch($pass, $username)
{
    $query = mysql_query("SELECT `password` FROM users WHERE `username`='{$username}'");
    $password = mysql_fetch_assoc($query);
    if ($password['password'] == $pass) {
        return 1;
    } else {
        return 0;