session_start(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $name = $_POST['name']; $row_password = $_POST['password']; $errors = array(); // バリデーション if ($name == '') { $errors['name'] = 'ユーザネームが未入力です'; } if ($row_password == '') { $errors['password'] = '******'; } if (is_registered($name)) { $errors['registered_name'] = '既に登録されているユーザーネームなので変更してください'; } $password = my_password_hash($row_password); // バリデーション突破後 if (empty($errors)) { $dbh = connectDatabase(); $sql = "insert into users (name, hashed_password, created_at) values\n (:name, :password, now());"; $stmt = $dbh->prepare($sql); $stmt->bindParam(":name", $name); $stmt->bindParam(":password", $password); $stmt->execute(); var_dump($_POST); echo '<hr>'; var_dump($errors); header('Location: login.php'); exit; } }
} if ($_SERVER['REQUEST_METHOD'] == 'POST') { $name = $_POST['name']; $password = $_POST['password']; $errors = array(); // バリデーション if ($name == '') { $errors['name'] = 'ユーザネームが未入力です'; } if ($password == '') { $errors['password'] = '******'; } // バリデーション突破後 if (empty($errors)) { $dbh = connectDatabase(); $hashed_password = my_password_hash($password); $sql = "select * from users where name = :name"; $stmt = $dbh->prepare($sql); $stmt->bindParam(":name", $name); $stmt->execute(); $row = $stmt->fetch(); var_dump($row); if ($row) { $hashed_password = $row["hashed_password"]; if (password_verify($password, $hashed_password)) { $_SESSION['id'] = $row['id']; header('Location: index.php'); exit; } else { echo 'ユーザネームかパスワードが間違っています'; }