public function __construct()
{
$dbinfo = MyDatabase::getConnectionDetails();
$host = $dbinfo["host"];
$database = $dbinfo["database"];
$username = $dbinfo["username"];
$password = $dbinfo["password"];
$db = new MyDatabase($host, $database, $username, $password);
$this->conn = $db->get_connection();
}
<?php
if (isset($_POST["submit"])) {
$username = trim($_POST["username"]);
$password = trim($_POST["password"]);
if (strlen($username) == 0 || strlen($password) == 0) {
echo '<script type="text/javascript">' . '$(".error-message").removeClass("hidden");' . '$(".error-message p strong").html("You\'ve got an empty field");' . 'setTimeout(function() {$(".error-message").hide();}, 3000);' . '</script>';
return;
}
$dbinfo = MyDatabase::getConnectionDetails();
$host = $dbinfo["host"];
$database = $dbinfo["database"];
$db_username = $dbinfo["username"];
$db_password = $dbinfo["password"];
$db = new MyDatabase($host, $database, $db_username, $db_password);
$conn = $db->get_connection();
$query = "SELECT * FROM authentication WHERE username = ?";
$stmt = $conn->prepare($query);
$stmt->bindParam("1", $username);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
/*echo(var_dump($result));*/
if ($result == false) {
echo '<script type="text/javascript">' . '$(".error-message").removeClass("hidden");' . '$(".error-message p strong").html("Your username or password is wrong");' . 'setTimeout(function() {$(".error-message").hide();}, 3000);' . '</script>';
} else {
if (password_verify($password, $result["password"])) {
if ($result["locked"] == 0) {
$_SESSION["auth"] = true;
$_SESSION["role"] = $result["role"];
$_SESSION["locked"] = $result["locked"];
header("LOCATION:index.php");
</div>
</div>
<?php
if (isset($_POST["addUser"])) {
// echo("something");
$username = trim($_POST["username"]);
$password = trim($_POST["password"]);
$confirmPassword = trim($_POST["confirmPassword"]);
if (strlen($username) == 0 || strlen($password) == 0 || strlen($confirmPassword) == 0) {
echo '<script>' . '$("#alert-message").removeClass("hidden");' . '$("#alert-message").addClass("alert-danger");' . '$("#alert-message p strong").html("You have an empty field");' . 'setTimeout(function() {$("#alert-message").addClass("hidden");$("#alert-message").removeClass("alert-danger");}, 5000);' . '</script>';
} else {
if ($password != $confirmPassword) {
echo '<script>' . '$("#alert-message").removeClass("hidden");' . '$("#alert-message").addClass("alert-danger");' . '$("#alert-message p strong").html("Please type in the same password");' . 'setTimeout(function() {$("#alert-message").addClass("hidden");$("#alert-message").removeClass("alert-danger");}, 5000);' . '</script>';
} else {
$conn = $db->get_connection();
$returned_code = 00;
$enc_password = password_hash($password, PASSWORD_DEFAULT);
$query = "INSERT INTO authentication (username, password) VALUES (?,?)";
$stmt = $conn->prepare($query);
$stmt->bindParam("1", $username);
$stmt->bindParam("2", $enc_password);
try {
$stmt->execute();
} catch (PDOException $e) {
//echo($e->getCode());
$returned_code = $e->getCode();
}
if ($returned_code == 00) {
echo '<script>' . '$("#alert-message").removeClass("hidden");' . '$("#alert-message").addClass("alert-success");' . '$("#alert-message p strong").html("User successfully inserted");' . 'setTimeout(function() {$("#alert-message").addClass("hidden");$("#alert-message").removeClass("alert-success");}, 5000);' . '</script>';
} else {
