function dbLogin($username, $password) { $db = new Database(); $mysqli = $db->openConnection(); $sql = "SELECT salt, hash FROM users WHERE email = ?"; $stmt = $mysqli->prepare($sql); $hash_db = NULL; $salt_db = NULL; if ($stmt->bind_param('s', $username)) { if ($stmt->execute()) { $stmt->bind_result($salt_db, $hash_db); if (!$stmt->fetch()) { return false; } else { return existingUsername($salt_db, $hash_db, $password, $username); } $stmt->free_result(); } $db->closeConnection($mysqli); } return false; }
function validate_userName($username_input) { //store and sanitize the input and remove white spaces at the end and the beginning of it $userName = trim(filter_var($username_input, FILTER_SANITIZE_STRING)); $errors = FALSE; if (empty($userName)) { $errors = TRUE; $error_messages[] = "please enter an user name or ID"; //check if the username is already being used by another user } elseif (existingUsername($userName)) { $errors = TRUE; $error_messages[] = "username already being used"; } //returns the username or an error message if ($errors == TRUE) { return $error_messages; } else { return $userName; } }