function login()
{
// Check Token so Login comming from https://127.0.0.1/index.php
$token = $_POST['token'];
if ($token == $_COOKIE['session_id']) {
if (empty($_POST['username'])) {
return false;
}
if (empty($_POST['password'])) {
return false;
}
$username = $_POST['username'];
$password = $_POST['password'];
$incheck = new InputChecker();
// Validate input ...
$validPass = $incheck->isValidPassword($password);
$validUserName = $incheck->isValidUsername($username);
echo 'Attempted login: '******'isLoggedIn'] = 1;
redirect("https://127.0.0.1/searchView.php");
} else {
redirect("https://127.0.0.1/");
}
}
$salt = $crypto->generateSalt(10);
$hash = $crypto->generateHash($pwd, $salt);
if ($stmt->bind_param('sss', $email, $hash, $salt)) {
if ($stmt->execute()) {
echo "executed";
$_SESSION['isLoggedIn'] = 1;
$_SESSION['username'] = $email;
redirect("https://127.0.0.1/searchView.php");
$stmt->free_result();
}
}
}
$token = $_POST['token'];
if ($token == session_id()) {
$email = $_POST['username'];
$pwd = $_POST['password'];
$db = new Database();
$mysqli = $db->openConnection();
$incheck = new InputChecker();
$validPass = $incheck->isValidPassword($pwd);
$validUserName = $incheck->isValidUsername($email);
$usernameAvailable = isUsernameFree($mysqli, $email);
if ($validPass && $validUserName && $usernameAvailable) {
addUser($mysqli, $email, $pwd);
} else {
redirect("https://127.0.0.1/registerView.php");
}
$db->closeConnection($mysqli);
} else {
redirect("https://127.0.0.1/index.php");
}
