$row = $query->fetch_assoc();
if ($register[0] == $row['username'] && $register[3] == $row['user_email']) {
header("Location: " . BASE_URI . "index.php?e=4");
exit;
} elseif ($register[0] == $row['username']) {
header("Location: " . BASE_URI . "index.php?e=2");
exit;
} elseif ($register[3] == $row['user_email']) {
header("Location: " . BASE_URI . "index.php?e=3");
exit;
}
}
// If encrypted password is equal to encrypted confirm password
if (sha1($register[1]) == sha1($register[2])) {
for ($i = 0; $i < count($register); $i++) {
$register[$i] = $clean->sanitize($register[$i]);
}
$register[1] = sha1($register[1]);
$sql = "INSERT INTO `users`\n\t\t\t\t\t\t(`username`, `user_password`, `user_email`, `user_created`, `user_hash`, `user_cookie`)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t('{$register['0']}', '{$register['1']}', '{$register['3']}', '{$register['4']}', '{$register['5']}', '{$register['6']}')";
$query = $conn->query($sql) or die($conn->error);
$_SESSION['username'] = $register[0];
$_SESSION['access'] = "member";
$_SESSION['active'] = "unactive";
$sql = "SELECT `user_hash` FROM `users`\n\t\t\t\t\t\tWHERE `username` = '{$register['0']}'";
$query = $conn->query($sql);
$rows = $query->fetch_assoc();
$to = $register[3];
$subject = "Offstreams User Activation";
$message = "\n\t\t\t\t\t\t\t\t<strong>Activation Email for {$register['0']} at Offstreams.com</strong>\n\t\t\t\t\t\t\t\t<br />\n\t\t\t\t\t\t\t\t<br />\n\t\t\t\t\t\t\t\t<p>In order to activate your account for offstreams.com, click the link below</p>\n\t\t\t\t\t\t\t\t<p><a>" . "http://localhost/offstreams/user/" . $s->lower($register[0]) . "/" . $rows['user_hash'] . "</a></p>\n\t\t\t\t\t\t\t\t<br />\n\t\t\t\t\t\t\t\t<p>Reasons to activate your account:</p>\n\t\t\t\t\t\t\t\t<ul>\n\t\t\t\t\t\t\t\t\t<li>Ability to participate in polls</li>\n\t\t\t\t\t\t\t\t\t<li>Allowed to like/dislike songs</li>\n\t\t\t\t\t\t\t\t\t<li>Favorite bands/albums</li>\n\t\t\t\t\t\t\t\t</ul>\n\t\t\t\t\t\t\t";
$headers = "From: experienceit12@gmail.com" . "\r\n" . "X-Mailer: PHP/" . phpversion() . "\r\n" . "Content-type: text/html" . "\r\n";
mail($to, $subject, $message, $headers);
<?php
require "../includes/config/config.php";
if (isset($_POST['loginSubmit'])) {
$login = array();
$login[0] = $_POST['username'];
$login[1] = $_POST['password'];
$clean = new cleanInput();
for ($i = 0; $i < count($login); $i++) {
$login[$i] = $clean->sanitize($login[$i]);
}
$pass = sha1($login[1]);
$sql = "SELECT `user_id`, `username`, `user_password`, `user_active`, `user_access` \n\t\t\t\t\tFROM `users` \n\t\t\t\t\tWHERE `username` = '{$login['0']}' AND `user_password` = '{$pass}'";
$query = $conn->query($sql);
$num_rows = $query->num_rows;
$row = $query->fetch_assoc();
// If there is an exact match
// Login user and go to page
if ($num_rows == 1) {
$active = $row['user_active'];
$access = $row['user_access'];
$_SESSION['username'] = $row['username'];
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['access'] = $access;
$_SESSION['active'] = $active;
$_SESSION['loggedIn'] = true;
$cookie->createUserCookies();
$sql = "UPDATE users \n\t\t\t\t\t\tSET user_cookie = '" . sha1(SALT . isset($_SESSION['username']) . SALT) . "' \n\t\t\t\t\t\tWHERE username = '******'username'] . "'";
$query = $conn->query($sql);
header("Location: " . BASE_URI . "user/" . $login[0]);
exit;
