// Email Validation: $Invalid_Mail = validate_email($Mail, $error); if (!$Invalid_Mail) { // Checking if Email Exist: $Email_Exist = isEmailExist($Mail, $error); } } if ($_FILES["Image"]["size"]) { // Checking if File Size Exceded Limit: $ImageSize_err = validate_image_size($_FILES["Image"]["size"], $error); // Checking if the File is Invalid: $ImageType_err = validate_image_type($_FILES["Image"]["type"], $error); } if ($OLD_PWD) { // Password Check: $Invalid_Pass = passwordMatch($_SESSION['user_id'], ROT13($OLD_PWD), $error); // Password Match Check: if (!empty($OLD_PWD) && !$Invalid_Pass) { $Miss_Match = $NEW_PWD == $RE_PWD ? "" : "Password doesn't match!"; $error = $Miss_Match ? true : false; } } } if (!$u_missing && !$error) { $Image = $_FILES["Image"]["name"]; $extension = end(explode(".", $Image)); $newFileName = "members/" . $Member->getUserID() . "." . $extension; move_uploaded_file($_FILES["Image"]["tmp_name"], '../' . $newFileName); // Updating UserIDs Table: $data = array(); $NEW_PWD ? $data['PWD'] = ROT13($NEW_PWD) : '';
<?php include 'includes/connection.php'; $username = $_POST['username']; $pass = $_POST['pass']; //provjera usernamea if (userExists($username)) { //provjera passworda if (passwordMatch($pass, $username)) { echo "You have successfully loged in!</br>"; echo "<a href='homePage.php'>Return to home page</a>"; } else { echo "<script type='text/javascript'>alert('Password does not match'); history.go(-1);</script>"; } } else { echo "<script type='text/javascript'>alert('Username not found'); history.go(-1);</script>"; } //funkcije function userExists($username) { $query = mysql_query("SELECT COUNT(`user_id`) FROM users WHERE `username`='{$username}'"); return mysql_result($query, 0) == 1 ? true : false; } function passwordMatch($pass, $username) { $query = mysql_query("SELECT `password` FROM users WHERE `username`='{$username}'"); $password = mysql_fetch_assoc($query); if ($password['password'] == $pass) { return 1; } else { return 0;