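/**
 * Handle a login form POST.
 *
 * Only proceeds when the posted `token` matches the `session_id` cookie,
 * then requires non-empty `username` and `password` fields and runs them
 * through InputChecker.
 *
 * NOTE(review): part of this function is elided in the listing (the
 * `******` run below), so the credential lookup and the condition that
 * guards the success branch are not visible here.
 *
 * @return false|null false when username or password is empty; no other
 *                    return statement is visible in the listing.
 */
function login() {
    // Check the token so that the login comes from https://127.0.0.1/index.php
    $token = isset($_POST['token']) ? $_POST['token'] : '';
    $expected = isset($_COOKIE['session_id']) ? $_COOKIE['session_id'] : '';

    // The original `$token == $_COOKIE['session_id']` was a loose comparison:
    // when both values are absent it evaluates null == null and the check
    // passes. Require two non-empty strings and compare in constant time.
    // NOTE(review): both sides are client-supplied and the token doubles as a
    // session identifier; a separate random token kept in $_SESSION would be
    // a stronger anti-CSRF check. Confirm how index.php issues the token.
    if (is_string($token) && is_string($expected) && $expected !== '' && hash_equals($expected, $token)) {
        if (empty($_POST['username'])) {
            return false;
        }
        if (empty($_POST['password'])) {
            return false;
        }

        $username = $_POST['username'];
        $password = $_POST['password'];
        $incheck = new InputChecker();

        // Validate input ...
        $validPass = $incheck->isValidPassword($password);
        $validUserName = $incheck->isValidUsername($username);

        // NOTE(review): the listing is elided inside the next statement; it is
        // kept exactly as it appears in the source. Two things to confirm
        // against the full file: (1) the echo does not print the submitted
        // password or unescaped username, and (2) output sent before
        // redirect() does not break a header-based redirect. The elided span
        // may also open a block that the `} else {` below actually closes.
        echo 'Attempted login: '******'isLoggedIn'] = 1;
        // NOTE(review): if this is the point where the session becomes
        // authenticated, session_regenerate_id(true) is normally called here
        // to prevent session fixation. Not visible in the listing.
        redirect("https://127.0.0.1/searchView.php");
    } else {
        redirect("https://127.0.0.1/");
    }
}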
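// (Tail of a function whose opening lines precede this listing; reproduced unchanged.)
    // NOTE(review): generateSalt()/generateHash() are project helpers not shown
    // here. If they wrap a fast digest, password_hash()/password_verify() is
    // the standard replacement. Confirm against the Crypto class.
    $salt = $crypto->generateSalt(10);
    $hash = $crypto->generateHash($pwd, $salt);
    if ($stmt->bind_param('sss', $email, $hash, $salt)) {
        if ($stmt->execute()) {
            echo "executed";
            $_SESSION['isLoggedIn'] = 1;
            $_SESSION['username'] = $email;
            redirect("https://127.0.0.1/searchView.php");
            $stmt->free_result();
        }
    }
}

// Registration request handler.
//
// Accepts the POST only when the `token` field matches the current session id,
// validates the submitted username and password, checks that the username is
// unused, and then creates the account.
$token = isset($_POST['token']) ? $_POST['token'] : '';
$sessionId = session_id();

// The original `$token == session_id()` was a loose comparison: session_id()
// returns '' when no session is active, and a missing token (null) compares
// equal to ''. Require two non-empty strings and compare in constant time.
// NOTE(review): using the session id as the form token places it in the page
// body; a separate random token stored in $_SESSION avoids that.
if (is_string($token) && is_string($sessionId) && $sessionId !== '' && hash_equals($sessionId, $token)) {
    // Missing or non-string fields are treated as empty instead of being
    // passed on as null/array values.
    $email = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $pwd = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    if ($email === '' || $pwd === '') {
        // Nothing to validate; send the user back to the form without opening
        // a database connection.
        redirect("https://127.0.0.1/registerView.php");
    } else {
        $db = new Database();
        $mysqli = $db->openConnection();
        $incheck = new InputChecker();

        $validPass = $incheck->isValidPassword($pwd);
        $validUserName = $incheck->isValidUsername($email);
        $usernameAvailable = isUsernameFree($mysqli, $email);

        if ($validPass && $validUserName && $usernameAvailable) {
            addUser($mysqli, $email, $pwd);
        } else {
            redirect("https://127.0.0.1/registerView.php");
        }

        $db->closeConnection($mysqli);
    }
} else {
    redirect("https://127.0.0.1/index.php");
}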