function protectPage() { if (!isset($_SESSION['userId']) or !isset($_SESSION['userName'])) { getOut(); } elseif (!validateUser($_SESSION['userLogin'], $_SESSION['userPassword'])) { getOut(); } }
function performDelete() { validateUser(); withStatement("DELETE FROM DATA WHERE id=?", function ($statement) { $id = getParameter(PARAMETER_ID, PARAMETER_REQUIRED); $statement->bind_param("s", $id); executeStatement($statement); }); }
function authenticate_user($username, $password) { //Returns whether the account is valid or not $validated = validateUser($username, $password); // This means the entered details have been validated and are correct if ($validated == 1) { $returned_values = give_key($username); // Debug by checking whats been returned print_r($returned_values); return $returned_values; } else { if ($validated == 2) { return "Your username or password may have been incorrect!"; } else { return 'This account does not exists'; } } }
function isLoggedIn($dbHandle, $dbHost, $dbUser, $dbPass, $dbName) { $dbHandle = dbConnect($dbHandle, $dbHost, $dbUser, $dbPass, $dbName); if ($_SESSION['valid']) { return true; } else { if (checkCookie($dbHandle, $dbHost, $dbUser, $dbPass, $dbName)) { validateUser(true); //Set user info in session $_SESSION['user_id'] = $_COOKIE['user_id']; $userInfo = getUserInfo($dbHandle, $_COOKIE['user_id']); $_SESSION['username'] = $userInfo['username']; $_SESSION['imageUrl'] = $userInfo['image_url']; $_SESSION['accLevel'] = $userInfo['acc_level']; return true; } } return false; }
<?php include 'include_config.php'; if (isset($_GET['r']) || isset($_SESSION['ERROR'])) { $strInfo = $_SESSION['ERROR']; unset($_SESSION['ERROR']); } if (isset($_GET['r'])) { if ($_GET['r'] == 'req') { $strWarning = 'Login required to access ' . SITE_TITLE; } } if (isset($_POST['txtUser']) && isset($_POST['txtPassword'])) { $strResponse = validateUser($_POST['txtUser'], $_POST['txtPassword']); if ($strResponse != '1') { $strError = 'Odd. For some reason I had a difficult time validating your login.<br>Please try again, and good luck!'; } else { $strSuccess = 'Congrats, you\'ve been authenticated!<br>What would you like to do today?'; if (isset($_SESSION['REQUEST_URI']) && $_SESSION['REQUEST_URI'] != '') { header("Location: http://" . $_SERVER['HTTP_HOST'] . $_SESSION['REQUEST_URI']); } else { header("Location: http://" . $_SERVER['HTTP_HOST']); } } } ?> <!DOCTYPE html> <html lang="en"> <head> <?php include 'include_head.php';
function login($username, $password) { $result = validateUser($username, $password); if ($result['UserName'] === $username) { $_SESSION["UserName"] = $result['UserName']; $_SESSION["UserID"] = $result['UserID']; return true; } return false; }
<?php session_start(); if (isset($_SESSION['username'])) { header('Location: profile.php'); } if(strtolower($_SERVER['REQUEST_METHOD']) == 'post') { $username = isset($_POST['username']) ? $_POST['username'] : null; $password = isset($_POST['password']) ? $_POST['password'] : null; $user = getUser($username); if ($user && validateUser($user, $password)) { $_SESSION['username'] = $username; setcookie('firstName', $user['firstName'], time() + 60*60); setcookie('lastName', $user['lastName'], time() + 60*60); header('Location: profile.php'); } else { $error = 'Could not log user in'; } } ?> <? if(isset($error)) { ?> <p><?= $error ?></p> <? } ?> <form action="<?= $_SERVER['PHP_SELF'] ?>" method="post"> <input type="text" name="username" /> <input type="password" name="password" /> <input type="submit" value="Submit" />
$userData = mysql_fetch_array($result, MYSQL_ASSOC); $userData2 = mysql_fetch_array($result2, MYSQL_ASSOC); $hash = hash('sha256', $userData['salt'] . hash('sha256', $password)); $hash2 = hash('sha256', $userData2['salt'] . hash('sha256', $password)); //check if passwords match if ($hash != $userData['password'] && $hash2 != $userData2['password']) { $passwords_match = FALSE; } else { if ($hash == $userData2['password']) { $username = $userData2['username']; } } if ($username_not_empty == TRUE && $username_valid == TRUE && $password_not_empty == TRUE && $passwords_match == TRUE) { $_SESSION['username'] = $username; $md5pass = md5($hash); validateUser(); //sets the session data for this user // set user level $query = "SELECT membership_status_id\n FROM {$usertable}\n WHERE username = '******';"; $result = mysql_query($query); $result_arr = mysql_fetch_array($result); $_SESSION['userlevel'] = $result_arr[0]; $isAdmin = $result_arr[0] == $mem_status_admin; //set remember me cookie for 30 days if (isset($_POST["remember"])) { setcookie("clearview_user", $_SESSION['username'], time() + 60 * 60 * 24 * 30, "/"); setcookie("clearview_pass", "{$md5pass}", time() + 60 * 60 * 24 * 30, "/"); } } header('Location: ' . htmlentities($_SERVER['PHP_SELF'])); }
$ret = json_decode($ret); $ret->mail = false; if ($ret->response) { $ret->mail = Util::send_mail($data['email_id'], "Registration Confirmation", "Thank you for registering with the isUD website. Please login to visit the inclusive design solutions."); } } else { $ret->response = false; $ret->message = "Recaptcha verification failed."; } //$ret->m = $captchaResponse['challenge_ts']." ".$captchaResponse['success']; print json_encode($ret); } if ($columns === "LOGIN") { $username = $_POST['username']; $password = $_POST['password']; print validateUser($username, $password); } if ($columns === "EDIT_PROFILE_RETRIEVE") { $ret["response"] = isLoggedIn(); $ret["data"] = getPublicUserData($_SESSION["user"]); print json_encode($ret); } if ($columns === "EDIT_PROFILE_SAVE") { $data = json_decode(stripslashes($_POST['data']), true); $ret = UpdateUser($data['email_id'], $data['password'], $data['first_name'], $data['middle_name'], $data['last_name'], $data['organization_id'], $data['authtype_id'], $data['securityquestion_id'], $data['securityquestion_ans'], $data['phone'], $data['country_name'], $data['country_code']); print $ret; } if ($columns === "LOGOUT") { logoutUser(); } if ($columns === "RESET_PASSWORD_PREP") {
require "../models/usuarios.php"; $user = new Usuario(); if ($cantidad = $user->getCantidad()) { sendRensponse(array("error" => false, "mensaje" => "", "data" => $cantidad)); } else { sendRensponse(array("error" => true, "mensaje" => "¡Error al obtener cantidad de Usuarios!")); } } $request = new Request(); $action = $request->action; switch ($action) { case "nuevoUser": nuevoUser($request); break; case "validar": validateUser($request); break; case "validarMail": validateMail($request); break; case "validarUserName": validateUserName($request); break; case "obtener": getUser($request); break; case "obtenerCantidad": getCantidad($request); break; default: sendRensponse(array("error" => "true", "mensaje" => "request mal formado"));
<?php session_start(); error_reporting(E_ALL); require_once 'constants.php'; ini_set('display_errors', 1); $user_in = filter_input(INPUT_POST, "user", FILTER_SANITIZE_STRING); $pw_in = filter_input(INPUT_POST, "pw", FILTER_SANITIZE_STRING); $user = validateUser($user_in); $pw = validatePassword($pw_in); validateLogin($user, $pw); //========================================================= // Functions used to validate login credentials. //--------------------------------------------------------- function validateLogin($user, $pw) { global $url; if (doesUserDirectoryExist($user)) { // User Exists $pwFile = $GLOBALS['directory'] . "users/" . $user . "/pw.txt"; if (file_get_contents($pwFile) === $pw) { $_SESSION['logged_on'] = 1; $_SESSION['user'] = $user; header('Location: ' . $GLOBALS['url']); } else { echo "<font color=\"red\"><b>ERROR: Input did not match a registed username & password combination.</b></font><br>"; echo "(Main page will reload shortly...)\n"; echo "<script type=\"text/javascript\">\nreload_page=function() {\n\tlocation.replace(\"{$url}\");\n}\n"; echo "var intervalID = window.setInterval(reload_page, 5000);\n</script>\n"; } } else {
<h1>My Cart</h1> <table border="1" style="width: 46%"> <thead style="height:50px"> <th style="width:200px">Company Name</th> <th style="width:150px">Job ID</th> <th style="width:200px">Location</th> <th style="width:150px">Salary</th> </thead> <tbody id="cartBody"> <?php if (isset($_POST["login"])) { $username = $_POST["username"]; $password = $_POST["password"]; $file_open = openFile("usr.txt", 'r'); if (!validateUser($file_open, $username, $password)) { echo "<script> alert('Failed to login. Invalid username or password'); </script>"; exit; } $file_usr = openFile("usr_cart/usr_{$username}.txt", 'r'); $user_jobs = readFileFromData($file_usr); drawTableWithoutAdd($user_jobs); $file_pointer = openFile('status.txt', 'w+'); $line = trim("true") . "\n"; $line = $line . trim($username); writeFileFromBegin($file_pointer, $line); } else { if (isset($_POST["register"])) { $username = $_POST["username"]; $password = $_POST["password"]; $username = trim($username);
function editFolder($name, $id) { global $connection; $name = $connection->escape_string($name); $request = "SELECT * FROM notes_vfs WHERE id = '{$id}'"; $result = $connection->query($request); $line = $result->fetch_assoc(); //Permission check (frontend based on js: VERY WEAK) $permissions = validatePermissions(validateUser()); if ($permissions == $line["container"] || ($permissions = "all")) { $request = "UPDATE notes_vfs SET name='{$name}' WHERE id = '{$id}'"; $connection->query($request); echo $connection->error; echo "success"; } else { echo "403: Not authorized"; } }
include_once "request-config.php"; include_once $requestService . 'displayLinkWithJavaScript.php'; //validate user prior to access on this page include_once "{$validation}" . "user_validation.php"; include_once $utilities . "utility.php"; $pageUrl = urlencode($port . "{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}"); $validateUser = true; $canModify = false; if (isset($_GET['p1']) && validatePassThrough($_GET['p1'])) { $validateUser = false; $log->debug("request.php - Print operation invoked and login is being bypassed"); } if ($validateUser) { $log->debug("Now validate if Plugin: (" . $onRequestPlugin . ") is installed"); //validate user then check if plugin license if active to access on this page validateUser($site_prefix, $pageUrl, $siteSection, $onRequestModify, $onRequestPlugin); $canModify = userCanModifyRequest($okModify); } //User is now validated so lets start the $_SESSION[] to use the properties on this page //depending onm the user path through the system we need to ensure that the session was started if (!session_id()) { session_start(); } $log->debug("Start including constants, request connection, and other files"); include_once $requestInclude . 'constants.php'; include_once $requestInclude . 'requestConnection.php'; include_once $requestService . 'requestFieldBuilder.php'; include_once $utilities . 'utility.php'; include_once $errors . 'errorProcessing.php'; include_once $fmfiles . "order.db.php"; include_once $requestService . "loadRequestSessionData.php";
$messageType = "d"; $errorTitle = "Serious Error"; $log->error("Serious Error: PK Missing at save time User " . $_SESSION['userName']); $message = "A serious error has occurred and you should immediately contact Thought-Development Support for assistance."; processError("Missing Primary Key", $message, "spotViewerResponse.php", "", $errorTitle); exit; } if (!session_id()) { session_start(); } //reset the session timeout before saving the data. This will avoid data loss due to session timeout resetSessionTimeout(); //validate the user prior to save operation do avoid anyone attempting to load data to database without using the form //if this user was not logged in at save time the redirect them to index page. $pageUrl = $site_prefix . "/onspot/index.php"; validateUser($site_prefix, $pageUrl, $siteSection, $onSpotView, $OnSpotPluginToValidate); //Globals used by process notes or approval block information $spotViewerLayout = "[WEB] cwp_spotviewer_browse"; $userNotesLayout = "[WEB] UserNotes"; $noteType = "Approval Notes"; //Process the Approval information only as a user selected a Approval Radio button //Since the calling page is now a dual form this code accepts a click event occurred so the data should be // persisted to FileMaker for each section if (isset($_POST['userApprover'])) { $log->debug("Processing approver selection"); $spotViewerFind = $fmWorkDB->newFindCommand($spotViewerLayout); $spotViewerFind->addFindCriterion('__pk_ID', '==' . $pkId); $spotResult = $spotViewerFind->execute(); if (FileMaker::isError($spotResult)) { $errorTitle = "FileMaker Error"; $log->error("Search of Spot Viewer record failed on PKID: " . $pkId . " Error: " . $spotResult->getMessage() . " User: " . $_SESSION['userName']);
$slogan = getOption($db, 'slogan'); $scripts = getJs($allScripts, ['liveChange' => 1, 'maps' => 1, 'search' => 1], true); $categories = getAllCategories($db); // controller require_once APP_PATH . 'control/searchController.php'; // view zusammenbauen $sidebar = APP_PATH . 'view/template/searchSidebar.php'; require_once APP_PATH . 'view/template/header.php'; require_once APP_PATH . 'view/site/search.php'; require_once APP_PATH . 'view/template/footer.php'; break; case 'validation': $token = $_GET['do']; if (strlen($token) === 128) { require_once APP_PATH . 'model/validateUser.php'; if (validateUser($db, $token)) { $_SESSION['validation'] = 'Sie haben Ihre E-Mail Adresse erfolgreich bestätigt.'; $_SESSION['valstatus'] = 1; $_SESSION['user_status'] = 'confirmed'; } else { $_SESSION['validation'] = 'Sie haben versucht Ihre E-Mail Adresse zu bestätigen. Leider ist die Überprüfung fehlgeschlagen. Wenn Sie eigenes Verschulden ausschließen können, melden Sie sich bitte per E-Mail bei uns.'; $_SESSION['valstatus'] = 0; } header('Location: /haendlerkonto'); } else { header('Location: /fehler'); } break; case 'fehler': require_once APP_PATH . 'model/getJs.php'; require_once APP_PATH . 'model/getAllCategories.php';
<?php error_reporting(E_ALL); ini_set("display_errors", 1); session_start(); require_once "../includes/config.php"; require_once "../includes/connect.php"; require_once "helpers.php"; $username = $_POST['username']; $password = $_POST['password']; //connect to the database here $st = $db->prepare("SELECT password, salt FROM users WHERE username = :username"); $st->execute(array('username' => $username)); if ($st->rowCount() < 1) { header('Location: ../../frontend/'); die; } $userData = $st->fetchAll(); $userData = $userData[0]; $hash = hash('sha256', $userData['salt'] . hash('sha256', $password)); if ($hash != $userData['password']) { header('Location: ../../frontend/'); die; } else { validateUser($userData['username']); //sets the session data for this user } //redirect to another page or display "login success" message header('Location: ../../frontend/');
if (!empty($altinfo) && !isset($_SERVER['PHP_AUTH_USER'])) { $val = $altinfo; $pieces = explode(' ', $val); // bad. if ($pieces[0] == 'Basic') { $chunk = $pieces[1]; $decoded = base64_decode($chunk); $credential_info = explode(':', $decoded); if (count($credential_info) == 2) { $_SERVER['PHP_AUTH_USER'] = $credential_info[0]; $_SERVER['PHP_AUTH_PW'] = $credential_info[1]; $_SERVER["AUTH_TYPE"] = 'Basic'; } } } if (!validateUser($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { header('WWW-Authenticate: Basic realm="KnowledgeTree DMS"'); header('HTTP/1.0 401 Unauthorized'); echo 'This RSS feed requires authentication. Please enter your username and password.'; exit; } else { $user = DBAuthenticator::getUser($_SERVER['PHP_AUTH_USER'], array('id' => 'id')); $id = $user[$_SERVER['PHP_AUTH_USER']]['id']; if (OS_WINDOWS) { $sReferrer = $_SERVER['HTTP_USER_AGENT']; // Check if this is IE 6 if (strstr($sReferrer, 'MSIE 6.0')) { header('Content-Type: application/rss+xml; charset=utf-8;'); header('Content-Disposition: inline; filename="rss.xml"'); header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
<?php require '../functions.inc.php'; if ($_POST['submit']) { // if they are the master, redirect them to the create new calendar page if ($_POST['login'] == 'master') { header('Location: ./new_calendar.php'); } else { if ($calendar = validateUser($_POST['login'], $_POST['password'])) { echo "login success"; echo '<p><a href="../?cal=' . $calendar . '&admin=weak">cool</a></p>'; // this is a lazy hack here. exit; //header('Location: ./?cal=$calendar&admin=weak'); } } // if they have hit here something must have gone wrong. tell them that. $message = "something went wrong. try again."; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <title>CS Office Hours - Admin</title> <link rel="stylesheet" type="text/css" href="../style.css" /> </head> <body> <?php echo "<h2>May the 4th be with you</h2>";
<?php include "class/class.Security.php"; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $userLogin = isset($_POST['userLogin']) ? $_POST['userLogin'] : ''; $userPassword = isset($_POST['userPassword']) ? $_POST['userPassword'] : ''; $userPassword = md5($userPassword); $date = date("d/m/Y"); $hour = date("H:i"); if (validateUser($userLogin, $userPassword) == true) { $query = mysql_query("SELECT `userChangePassword` FROM users WHERE `userLogin` = '" . $userLogin . "' AND `userPassword` = '" . $userPassword . "'"); $changePassword = mysql_fetch_assoc($query); if ($changePassword['userChangePassword'] == 1) { header("Location: ../login.php?action=changePassword"); exit; } else { $query = mysql_query("INSERT INTO login_log (`loginLogUser`, `loginLogDate`, `loginLogHour`) VALUES ('{$userLogin}', '{$date}', '{$hour}')"); header("Location: ../index.php"); exit; } } else { unset($_SESSION['userId'], $_SESSION['userName'], $_SESSION['userLogin'], $_SESSION['userPassword']); header("Location: ../login.php?error=1"); exit; } }
header('Location: index.php'); die; } else { //Need to put this into validate user so that the database pool can be used //otherwise the username and id will not get stored when the session closes //$_SESSION['username'] = $username; //if user wants to be remembered if ($_SESSION['rememberUser'] == true) { createCookie($dbHandle, $username, $hash); validateUser(true); //Set user info in SESSION $_SESSION['user_id'] = $userInfo['user_id']; $_SESSION['username'] = $userInfo['username']; $_SESSION['imageUrl'] = $userInfo['image_url']; $_SESSION['accLevel'] = $userInfo['acc_level']; } else { //set SESSION validity to 1 but do not set to remember, //this stops cookie destruction at a later stage validateUser(NULL); //Set user info in SESSION $_SESSION['user_id'] = $userInfo['user_id']; $_SESSION['username'] = $userInfo['username']; $_SESSION['imageUrl'] = $userInfo['image_url']; $_SESSION['accLevel'] = $userInfo['acc_level']; } } $_SESSION['error'] = false; $_SESSION['errorMess'] = ""; header('Location: index.php'); ob_flush(); //GREAT SUCCESS
<?php include '../../../config.php'; if (!class_exists("SQLManager")) { require_once $FANNIE_ROOT . "src/SQLManager.php"; } include $FANNIE_ROOT . 'src/Credentials/projects.wfc.php'; require $FANNIE_ROOT . 'auth/login.php'; if (!validateUser('projects')) { return; } if (isset($_POST['projDesc'])) { $projDesc = $_POST['projDesc']; $link = $_POST['link']; $priority = $_POST['priority']; $projID = $_POST['projID']; $emaillist = $_POST['emaillist']; $notes = preg_replace('/\\n/', '<br />', $_POST['notes']); $q = $sql->prepare("update projects set\n projDesc = ?\n link = ?\n priority = ?\n notes = ?\n where projID=?"); $r = $sql->execute($q, array($projDesc, $link, $priority, $notes, $projID)); $mails = explode(",", $emaillist); $q = $sql->prepare("delete from project_parties where projID=?"); $r = $sql->execute($q, array($projID)); $q = $sql->prepare("insert into project_parties values (?,?)"); foreach ($mails as $m) { $m = trim($m); if ($m != '') { $r = $sql->execute($q, array($projID, $m)); } } header("Location: project.php?projID={$projID}");
<?php /** * User authentication is done here. * This is a super-simple auth method * that tries to be secure enough. */ // if the user is NOT logged in already if (!validateUser()) { // attempted login if (isset($_POST['proxy-login'])) { loginUser(); } // no attempted login = show login page die(file_get_contents('login/login.html')); } /** * validate user cookie with database. * note that base64 is an extra-step * when storing the cookie on the user client * and not an attempt to encrypt passwords. * * @return bool */ function validateUser() { // compare saved cookie with the actual credentials from the db. if (getUser()['email'] && base64_decode(getUser(true)[1]) === getUser()['pass']) { return true; } return false;
} else { if (strcmp($pass, $row['password']) === 0) { echo 2; //Password matchs db.. redirect to mail page } else { echo 3; //Entered wrong password... } } mysql_free_result($result); } else { if ($action == 'signup') { $user = $_POST['username']; $pass = $_POST['password']; $pass_confirm = $_POST['password_confirm']; $choice = validateUser($user, $pass, $pass_confirm); switch ($choice) { //Username already exists case 1: echo 1; //means username already exists; break; //Everything good, we can register the user //Everything good, we can register the user case 2: $sqlQuery = "INSERT INTO users (username, password) VALUES ( '{$user}', '{$pass}' )"; mysqli_query($connection, $sqlQuery); echo 2; break; //Problem with username //Problem with username
<?php include '../../../config.php'; if (!class_exists("SQLManager")) { require_once $FANNIE_ROOT . "src/SQLManager.php"; } include $FANNIE_ROOT . 'src/Credentials/projects.wfc.php'; require $FANNIE_ROOT . 'auth/login.php'; if (!validateUser('admin')) { return; } $projID = $_GET['projID']; $date = date("Y-m-d"); $q = $sql->prepare("update projects set status=2,completeDate=? where projID=?"); $r = $sql->execute($q, array($date, $projID)); // build email 'to' all interested parties $q = $sql->prepare("select email from project_parties where projID = ?"); $r = $sql->execute($q, array($projID)); $to_string = '*****@*****.**'; if ($sql->num_rows($r) > 0) { while ($row = $sql->fetch_array($r)) { $to_string .= ", " . $row[0] . "@wholefoods.coop"; } } $descQ = $sql->prepare("select projDesc from projects where projID=?"); $descR = $sql->execute($descQ, array($projID)); $descW = $sql->fetch_array($descR); $projDesc = $descW[0]; // mail notification $subject = "Completed project: {$projDesc}"; $message = wordwrap("The project {$projDesc} has been marked completed. http://key/it/projects/project.php?projID={$projID}", 70);
function validateSession() { // 3/6/2010 Current Server does not allow for Server side detection. Now using forceSSL() in functions.js // see function isSSL() above. if (!isSSL()) { header("Location: logout.php"); } slashAllInputs(); connectDatabase(); validateUser(); // if they are not valid, they don't come back from here. }
<?php $token = $_GET['do']; if (strlen($token) === 128) { $success = validateUser($db, $token); if ($success) { $success = 1; } else { $success = 0; } } else { $success = 0; }
<?php // Start the session session_start(); require_once "./includes/connection.php"; ?> <br /> In login.php <br /> <?php $uname = $_POST["uname"]; $password = $_POST["password"]; if (!empty($uname) && !empty($password)) { validateUser($uname, $password); } function validateUser($uname, $password) { global $connection; $query = "SELECT uid, uname, password FROM user WHERE "; $query .= "uname = '{$uname}' AND password = '******'"; echo $query; $result = mysqli_query($connection, $query); confirm_query($result); $rows = mysqli_num_rows($result); if ($rows == 1) { $_SESSION['login_user'] = $uname; while ($row = mysqli_fetch_assoc($result)) { $_SESSION['login_user_uid'] = $row["uid"]; } header("location: home.php"); } else {
<?php require "config.php"; if (isset($_POST['username']) && isset($_POST['password'])) { $username = $_POST["username"]; $password = $_POST["password"]; if (!validateUser($_POST['username'], $_POST['password'])) { echo $_SESSION['error'] = "Username or Password is incorrect!"; // unset($_GET['action']); } else { echo $_SESSION['id']; } }
<?php global $wpdb; $textdomain = 'contact-form-pro'; $cfp_forms = $wpdb->prefix . "cfp_forms"; $path = plugin_dir_url(__FILE__); $f_name = $_REQUEST['function']; switch ($f_name) { case 'validateUser': echo validateUser($_REQUEST['name']); break; case 'validateEmail': echo validateEmail($_REQUEST['email']); } /*Cross checks if the username already exists during registration process*/ function validateUser($name) { return username_exists($name) > 0 ? "true" : "false"; } /*Cross checks if the email already exists during registration process*/ function validateEmail($email) { return email_exists($email) > 0 ? "true" : "false"; } die;