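/**
 * Check the submitted login form against the user table and, on success,
 * record the username in the session.
 *
 * Nothing is done unless $_POST['submit'] is set. mysqlPrep() and
 * confirmQuery() are defined elsewhere in the project.
 *
 * @param string $message Ignored on entry; kept so existing callers keep working.
 * @return string Empty string when no form was submitted or the login succeeded,
 *                otherwise a generic "incorrect" message.
 */
function checkUsrPwd($message)
{
    // No form submitted: nothing to validate, nothing to report.
    if (!isset($_POST['submit'])) {
        return "";
    }

    // Absent or non-string fields (e.g. username[]=x) are treated as empty
    // instead of raising notices or reaching mysqlPrep() as arrays.
    $rawUsername = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $rawPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // mysqlPrep() presumably escapes for SQL - verify. It is the only thing
    // standing between request data and the query text.
    $username = trim(mysqlPrep($rawUsername));
    $password = trim(mysqlPrep($rawPassword));

    // SECURITY: unsalted MD5 is not a password-hashing function. Moving to
    // password_hash()/password_verify() means re-hashing stored credentials and
    // comparing in PHP instead of in the WHERE clause, so it is flagged here
    // rather than changed silently.
    $hash_password = md5($password);

    // NOTE(review): both quoted values appear masked ('******') in this listing and
    // the string is reproduced as shown; presumably $username and $hash_password
    // are interpolated here - confirm against the original file.
    $query = "SELECT username FROM TeamtwisterUsers WHERE username = '******' AND hash_password = '******' LIMIT 1";

    // The legacy mysql_* API has no prepared statements and was removed in PHP 7;
    // a port to mysqli/PDO should bind these values as parameters.
    $chk = mysql_query($query);
    confirmQuery($chk);

    // Same generic message for unknown user and wrong password, so the response
    // does not reveal which usernames exist.
    if (mysql_num_rows($chk) != 1) {
        return "Username or Password Incorrect. Please try again";
    }

    $ary = mysql_fetch_array($chk);

    // Issue a fresh session id at the privilege change so an id fixed before
    // login cannot be reused afterwards. Skipped when no session is active or
    // headers have already been sent.
    if (session_id() !== '' && !headers_sent()) {
        session_regenerate_id(true);
    }

    // Presence of this key is what marks the visitor as logged in.
    $_SESSION['username'] = $ary['username'];

    return "";
}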
} $totalErrors = ""; foreach ($formFields as $fields) { $totalErrors .= $errors[$fields]; echo $totalErrors; //echo "error :{$fields}".$errors[$fields]."<br/>"; //echo $totalErrors; } if ($totalErrors == "") { //No error, proceed with insertion echo "no error"; $user = new UserDatabase(); $fname = mysqlPrep($_POST['FirstName']); $lname = mysqlPrep($_POST['LastName']); $email = mysqlPrep($_POST['Email']); $pass = encrypt(mysqlPrep(trim($_POST['Password1']))); $registerTime = getStandardTime(time()); $exists = $user->CheckIfUserExists($_POST['Email']); if (!$exists) { echo "not exists"; $user->InsertUserDetails($fname, $lname, $course, $year, $email, $pass, $registerTime, $dateBirth); header("Location:successfulSignup.php"); } else { echo "exist"; $errors['userExists'] = "This email id is already taken"; } // } } //closing brackets if(isset($_POST['submit]) ?>
// Login page controller. The listing ends inside the failed-login branch.
require_once 'header.php';
require_once '../Includes/database.php';
@session_start(); // '@' suppresses any warning session_start() raises

// Visitors with a session, or who merely present a 'userid' cookie, are sent to the forum.
// NOTE(review): the cookie is client-supplied and only its presence is tested here;
// whether /newForum validates it is not visible in this file - confirm.
if (isset($_SESSION['username']) || isset($_COOKIE['userid'])) {
    redirect('/newForum');
}

// Force HTTPS. The target URL is assembled from the request's Host header and URI.
// NOTE(review): nothing stops execution after header(), so the login handling below
// still runs for the plain-HTTP request; an exit here, and a configured host name
// instead of HTTP_HOST, would close both gaps.
if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "") {
    $redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header("HTTP/1.1 301 Moved Permanently");
    header("Location: {$redirect}");
}

if (!isset($_SESSION['username'])) {
    if (isset($_POST['login'])) {
        $user = new UserDatabase();
        // Both credentials pass through mysqlPrep() first; the password is also trimmed.
        // What login() does with them (hashing, query style) is not visible here.
        $eror = $user->login(mysqlPrep($_POST['txtUsername']), mysqlPrep(trim($_POST['txtPassword'])));
        if ($eror) {
            // A truthy result is read as an indexed row:
            // [0] -> session 'id', [1] -> 'firstname', [2] -> 'username'.
            // Leftover debug output; it is emitted before the setcookie() calls below,
            // which need headers not yet sent unless output buffering is on.
            echo ";;fkjd";
            $loginError = "Login Successful";
            @session_start();
            // NOTE(review): the session id is not regenerated after authentication
            // in the visible code.
            $_SESSION['username'] = $eror[2];
            $_SESSION['id'] = $eror[0];
            $_SESSION['firstname'] = $eror[1];
            // "Remember me". The comparison with 0 is loose (==), not strict.
            if (isset($_POST['remember']) && $_POST['remember'] == 0) {
                //echo "posted";
                // Cookies expire after 7 days (24 * 7 * 60 * 60 seconds). Only name, value and
                // expiry are passed, so neither Secure nor HttpOnly is requested.
                // NOTE(review): 'userid' carries the same $eror[0] stored as the session 'id',
                // and the check at the top of this file accepts any 'userid' cookie; an
                // unguessable server-side token would be the safer design.
                setcookie('userid', $eror[0], time() + 24 * 7 * 60 * 60);
                setcookie('firstName', $eror[1], time() + 24 * 7 * 60 * 60);
            }
            //print_r($_POST);
            // The usrid parameter carries $eror[1], the value stored as 'firstname' above,
            // not $eror[0].
            redirect("/newForum/index.php?usrid={$eror[1]}");
        } else {
// Team registration handler. The listing ends where the enabled branch opens.
// include (not require) is used: a missing file raises a warning and the script continues.
include "include/connection.php";
include "include/function.php";
$message = '';
$enable = 0; // set to 1 once the submission may proceed
$flag1 = 0;
$flag2 = 0;
if (isset($_POST['submit'])) {
    // Required fields must all be present ...
    if (isset($_POST['Teamname']) && isset($_POST['Teammember1']) && isset($_POST['passwd']) && isset($_POST['confpasswd']) && isset($_POST['contactno'])) {
        // ... and non-empty after trimming.
        if (trim($_POST['Teamname']) != '' && trim($_POST['Teammember1']) != '' && trim($_POST['passwd']) != '' && trim($_POST['confpasswd']) != '' && trim($_POST['contactno']) != '') {
            // Every value is passed through mysqlPrep() (defined elsewhere; presumably SQL
            // escaping - verify) and then trimmed.
            $Teamname = trim(mysqlPrep($_POST['Teamname']));
            $Teammember1 = trim(mysqlPrep($_POST['Teammember1']));
            // NOTE(review): the passwords are escaped and trimmed like ordinary text, which
            // changes the credential if it contains escapable characters or edge whitespace.
            // How they are compared and stored is outside this listing.
            $passwd = trim(mysqlPrep($_POST['passwd']));
            $confpasswd = trim(mysqlPrep($_POST['confpasswd']));
            $contactno = trim(mysqlPrep($_POST['contactno']));
            // The e-mail address is optional and defaults to an empty string.
            if (isset($_POST['emailid'])) {
                $emailid = trim(mysqlPrep($_POST['emailid']));
            } else {
                $emailid = "";
            }
            // 'check' is read raw from the request; in the lines shown it is used only
            // for its truthiness.
            $value = 0;
            if (isset($_POST['check'])) {
                $value = $_POST['check'];
            }
            // With 'check' truthy, proceed only if chklength() accepts the first member's
            // name; otherwise proceed unconditionally.
            if ($value) {
                if (chklength($Teammember1)) {
                    $enable = 1;
                }
            } else {
                $enable = 1;
            }
            if ($enable == 1) {
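<br/>
<?php
// Show the stored website. The value is user data (presumably what the "website"
// field below saved - confirm), so it is HTML-escaped before being written into the
// page. double_encode is off so entities already present in stored data are not
// encoded a second time.
echo "<p style=\"color:seashell;background:#000;border-bottom:2px solid orangered;padding:10px;font-size:20px;\"> your website : " . htmlspecialchars((string) $userdata["site"], ENT_QUOTES, 'UTF-8', false) . "</p>";
?>
<br/><br/><br/>
<form id="form" method="post" action="admin.php#contact">
<p><label>email </label><input type="email" name="email" /></p>
<p><label>phone </label><input maxlength="10" name="phone"/></p>
<p><label>website </label><input type="text" name="website" /></p>
<p><input type="submit" name="change" value="Change"/></p>
</form>
<?php
// Contact update handler for the form above.
// NOTE(review): the form carries no anti-CSRF token and none is checked here, and the
// type/maxlength attributes are browser-side only. The values are only passed through
// mysqlPrep() (defined elsewhere); no server-side format validation is visible.
// The handler runs after the paragraph above was printed, so that paragraph shows
// whatever $userdata held before this request's update.
if (isset($_POST['change'])) {
    $email = mysqlPrep($_POST['email']);
    $phone = mysqlPrep($_POST['phone']);
    $website = mysqlPrep($_POST['website']);
    updateContact($userdata["username"], $email, $phone, $website);
}
?>
</div> </div> <!-- /Contact --> <!-- overview --> <!-- <div id="overview" class="panel"> <div class="content"> <h2>Overview</h2> <section class="left"> <div> <p>Stats.</p>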
<?php
// Combined registration / login handler. The listing ends inside the failed-login branch.
session_start();
require_once "../includes/dbconnection.php";
require_once "../includes/functions.php";
if (isset($_POST['submit'])) {
    // Read the submitted values. Each one is passed through mysqlPrep() (defined
    // elsewhere; presumably SQL escaping - verify). The fields are read without
    // isset(), so a request missing one raises an undefined-index notice.
    // NOTE(review): the password is escaped like ordinary text; whether
    // insertNewUser()/verifyUser() hash it is not visible here - confirm.
    $username = mysqlPrep($_POST['username']);
    $password = mysqlPrep($_POST['password']);
    $email = mysqlPrep($_POST['mailid']);
    // Registration: all three values present. The comparisons are loose, so an empty
    // string counts as null.
    if ($username != null && $password != null && $email != null) {
        // Reject usernames that are already taken.
        $useravailable = findUserAvailabilty($username);
        if ($useravailable) {
            // A truthy result is treated as "name already in use".
            echo "<p style=\"color:seashell;background:#f04848;padding:10px;font- size:20px;font-family:Ubuntu\">Username is in use !\n please choose another username</p>";
        } else {
            // Create the account.
            insertNewUser($username, $password, $email);
            echo "<p style=\"color:seashell;background:#f04848;padding:10px;font- size:20px;font-family:Ubuntu\">Successfully registered ! Login to continue .</p>";
        }
    }
    // Login: username and password present, e-mail empty. The same form therefore
    // serves both flows, told apart only by whether an e-mail address was sent.
    if ($username != null && $password != null && $email == null) {
        if (verifyUser($username, $password)) {
            // Mark the session as authenticated, then redirect. The stored value is the
            // escaped username. NOTE(review): the session id is not regenerated here in
            // the visible code.
            $_SESSION["loggeduser"] = $username;
            redirectTo("admin.php");
        } else {
            $_SESSION["loggeduser"] = null;
// Fragment: the first statement reports the result of an operation started above this
// listing, and the brace after it closes a block opened there.
if ($res) {
    echo "<p style=\"color:seashell;background:#f04848;padding:10px;font-size:20px;\">Saved</p>";
} else {
    echo "<p style=\"color:seashell;background:#f04848;padding:10px;font-size:20px;\">Oops ! Something went wrong.</p>";
}
}
// "Publish" only redirects to the posts panel.
if (isset($_POST['publish'])) {
    redirectTo("admin.php#posts");
}
// Update a post with the submitted title, content and subject.
// NOTE(review): no anti-CSRF check and no check that a user is logged in appear in
// the lines shown - confirm they exist above this fragment.
if (isset($_POST['change'])) {
    $title = mysqlPrep($_POST['title']);
    $content = mysqlPrep($_POST['content']);
    $stamp = date('jS F Y'); // e.g. "1st January 2024"; written into the datestamp column as text
    // Read from the session; not otherwise used in the lines shown (the WHERE value
    // below appears masked as '******' in this listing).
    $user = $_SESSION["loggeduser"];
    // findSubject() is defined elsewhere; its return value goes into the SQL text
    // without further escaping.
    $subjectid = findSubject(mysqlPrep($_POST['subjectname']));
    // SECURITY: the statement is assembled by string concatenation, so its safety rests
    // entirely on mysqlPrep() and on findSubject()'s return value. mysqli supports
    // prepared statements with bound parameters, which removes that dependency.
    // NOTE(review): as shown, the WHERE clause filters on username only, with LIMIT 1 and
    // no post identifier, so which of the user's posts is updated is left to the database.
    $query = "update posts set title = '" . $title . "', content = '" . $content . "', datestamp = '" . $stamp . "', subjectid = '" . $subjectid . "'\n where username = '******' limit 1";
    $rel = mysqli_query($connection, $query);
    if ($rel) {
        echo "<p style=\"color:seashell;background:#f04848;padding:10px;font-size:20px;\">Updated successfully !</p>";
    } else {
        echo "<p style=\"color:seashell;background:#f04848;padding:10px;font-size:20px;\">Oops ! Something went wrong.</p>";
    }
}
?> <html lang="en"> <head> <meta charset="UTF-8" /> <title>Posts</title> <link rel="stylesheet" type="text/css" href="stylesheet/demo.css" />