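<?php
/**
 * Login page controller.
 *
 * Sends an already-authenticated visitor to the advert overview, otherwise
 * handles the posted login form and renders the login page below.
 */
session_start();
require_once "../php-assets/class.user.php";

$login = new USER();

// Loose comparison kept on purpose: the return type of is_loggedin() is
// declared in class.user.php, which is not visible here.
if ($login->is_loggedin() != "") {
    $login->redirect('advert-overview.php');
    // redirect() is not shown; stop explicitly so the form handler and the
    // page markup never run for a request that has already been redirected.
    exit;
}

if (isset($_POST['login-button'])) {
    // A missing or array-valued field is treated as empty instead of being
    // handed to strip_tags(), which raises on non-string input.
    $user_email = isset($_POST['user-email']) && is_string($_POST['user-email'])
        ? strip_tags($_POST['user-email'])
        : '';

    // NOTE(review): strip_tags() is not an authentication control and silently
    // alters any password containing '<'. It is kept only because the stored
    // credential may have been derived from the stripped value at registration;
    // confirm against class.user.php before removing it from both paths together.
    $user_password = isset($_POST['user-password']) && is_string($_POST['user-password'])
        ? strip_tags($_POST['user-password'])
        : '';

    if ($login->doLogin($user_email, $user_password)) {
        // Session-fixation guard: doLogin() is not shown, so issue a fresh
        // session id here rather than assume it rotates the pre-login one.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $login->redirect('advert-overview.php');
        exit;
    } else {
        // Same message for unknown account and wrong password, so the form
        // does not reveal which e-mail addresses are registered.
        $error[] = "Je inloggegevens zijn niet correct.";
    }
}
?>
<!doctype html>
<html class="no-js" lang="nl">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Aanmelden</title>
    <link rel="stylesheet" href="../css/minimum-viable-product.min.css">
</head>
<body>
<div class="full-width full-width-login">
    <div class="half-height-gradient"></div>
    <div class="row">
        <div class="large-4 medium-6 small-12 small-centered columns login-input-panel">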
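// Excerpt starts mid-statement: the block closed by the brace below opens
// above the visible code, so these two lines are kept exactly as found.
    $user->redirect('advert-overview.php');
}

// Registration form handler: rejects an e-mail address that already has an
// account, otherwise creates the account, signs the user in and redirects.
if (isset($_POST['register-button'])) {
    // Shown for any server-side failure; the detail goes to the server log only.
    $generic_failure = "Er is iets misgegaan. Probeer het later opnieuw.";

    // A missing or array-valued field is treated as empty instead of being
    // handed to htmlentities()/strip_tags(), which raise on non-string input.
    $posted = array();
    foreach (array('user-first-name', 'user-last-name', 'user-email', 'user-password') as $field) {
        $posted[$field] = isset($_POST[$field]) && is_string($_POST[$field]) ? $_POST[$field] : '';
    }

    // NOTE(review): encoding at input time stores entity-encoded names, and
    // strip_tags() has nothing left to strip once htmlentities() has run.
    // ENT_COMPAT also leaves single quotes unencoded. Kept as-is because
    // templates not shown here may echo these columns without escaping;
    // confirm before moving the escaping to output.
    $user_first_name = strip_tags(htmlentities($posted['user-first-name'], ENT_COMPAT, 'UTF-8'));
    $user_last_name = strip_tags(htmlentities($posted['user-last-name'], ENT_COMPAT, 'UTF-8'));
    $user_email = strip_tags($posted['user-email']);
    // NOTE(review): strip_tags() silently alters a password containing '<';
    // kept so the value matches what the login form submits to doLogin().
    $user_password = strip_tags($posted['user-password']);

    try {
        // Look up by e-mail only. The previous "first name OR e-mail" query
        // fetched a single row, so a different user sharing the first name
        // could be returned first and hide an existing e-mail address.
        $stmt = $user->runQuery("SELECT user_email FROM tbl_user WHERE user_email=:user_email");
        $stmt->execute(array(':user_email' => $user_email));
        $row = $stmt->fetch(PDO::FETCH_ASSOC);

        // fetch() returns false when no row matched; test that rather than
        // indexing into a possible boolean.
        if ($row !== false) {
            $error[] = "Er is al een account aangemaakt met dit e-mail adres.";
        } elseif ($user->register($user_first_name, $user_last_name, $user_email, $user_password)) {
            $user->doLogin($user_email, $user_password);
            // doLogin() is not shown; rotate the session id here so the
            // pre-registration id is not carried into the signed-in session.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $user->redirect('advert-overview.php');
            // redirect() is not shown; stop so the form is not rendered after it.
            exit;
        } else {
            // Previously a failed register() left the user with no feedback.
            $error[] = $generic_failure;
        }
    } catch (PDOException $e) {
        // Driver messages can expose table, column and query details; keep
        // them in the server log and show the visitor a neutral message.
        error_log('Registration query failed: ' . $e->getMessage());
        $error[] = $generic_failure;
    }
}
?>
<!doctype html>
<html class="no-js" lang="nl">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Account aanmaken</title>
    <link rel="stylesheet" href="../css/minimum-viable-product.min.css">
</head>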
switch ($_GET['act']) { case 'login': case 'logout': //------------------- // LOGIN/LOGOUT //------------------- if (isset($_GET['act']) && $_GET['act'] == "logout") { logout(); } // Process the input if (!empty($_GET['tkl'])) { if (isset($_POST['username']) && preg_match('/^[a-z0-9_?]{1,20}$/iD', $_POST['username']) && strlen($_POST['password']) < 40) { $DB->query("SELECT\n\t\t\t\t\tID,\n\t\t\t\t\tPassword,\n\t\t\t\t\tSecret,\n\t\t\t\t\tEnabled\n\t\t\t\t\tFROM users WHERE Username='******'username']) . "'\n\t\t\t\t\tAND Username<>''"); list($UserID, $PassHash, $Secret, $Enabled) = $DB->next_record(); if ($UserID && $PassHash == make_hash($_POST['password'], $Secret) && $Enabled == 1) { $User->doLogin($UserID); if (empty($_POST['ref_page'])) { header("Location: index.php"); } else { $URL = base64_decode($_POST['ref_page']); if (preg_match('/^\\/[a-zA-Z0-9]+\\.php/i', $URL)) { header("Location: {$URL}"); } else { header("Location: index.php"); } } exit; } else { echo "<font color='red'><strong>BAD USERNAME/PASSWORD, try again</strong></font>"; } } else {
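<?php
/**
 * Login page controller.
 *
 * Sends an already-authenticated visitor to home.php, otherwise handles the
 * posted login form and renders the login page below.
 */
session_start();
require_once "class.user.php";

$login = new USER();

// Loose comparison kept on purpose: the return type of is_loggedin() is
// declared in class.user.php, which is not visible here.
if ($login->is_loggedin() != "") {
    $login->redirect('home.php');
    // redirect() is not shown; stop explicitly so the form handler and the
    // page markup never run for a request that has already been redirected.
    exit;
}

if (isset($_POST['btn-login'])) {
    // A missing or array-valued field is treated as empty instead of being
    // handed to strip_tags(), which raises on non-string input.
    $posted_identifier = isset($_POST['username']) && is_string($_POST['username'])
        ? strip_tags($_POST['username'])
        : '';

    // The single "username" field is passed as both the user name and the
    // e-mail argument of doLogin(), as in the original code.
    $uname = $posted_identifier;
    $umail = $posted_identifier;

    // NOTE(review): strip_tags() is not an authentication control and silently
    // alters any password containing '<'. It is kept only because the stored
    // credential may have been derived from the stripped value at registration;
    // confirm against class.user.php before removing it.
    $upass = isset($_POST['password']) && is_string($_POST['password'])
        ? strip_tags($_POST['password'])
        : '';

    if ($login->doLogin($uname, $umail, $upass)) {
        // Session-fixation guard: doLogin() is not shown, so issue a fresh
        // session id here rather than assume it rotates the pre-login one.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $login->redirect('home.php');
        exit;
    } else {
        // One message for every failure, so the form does not reveal whether
        // the account exists.
        $error = "Wrong Details !";
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <title>Login - PAPS</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
    <meta name="apple-mobile-web-app-capable" content="yes">
    <link href="css/bootstrap.min.css" rel="stylesheet" type="text/css" />
    <link href="css/bootstrap-responsive.min.css" rel="stylesheet" type="text/css" />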
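// Password-reset page controller (excerpt starts mid-file).
// NOTE(review): how $email_decoded is derived, and whether a single-use reset
// token is verified before this point, happens above the visible code. Confirm
// that this page cannot be reached with only an encoded e-mail address.
$stmt = $user->runQuery("SELECT * FROM tbl_user WHERE user_email=:user_email");
$stmt->execute(array(":user_email" => $email_decoded));
$userRow = $stmt->fetch(PDO::FETCH_ASSOC);

// Changing the password and updating the database
if (isset($_POST['password-reset-button'])) {
    // A missing or array-valued field is treated as empty instead of being
    // handed to strip_tags(), which raises on non-string input.
    // NOTE(review): strip_tags() silently alters a password containing '<';
    // kept so the value matches what the login form submits to doLogin().
    $user_new_password = isset($_POST['user-password']) && is_string($_POST['user-password'])
        ? strip_tags($_POST['user-password'])
        : '';

    // An empty value is rejected server-side; previously a request without
    // the field would have reset the account to an empty password.
    if ($user_new_password !== '' && $user->resetPassword($email_decoded, $user_new_password)) {
        // NOTE(review): this keeps the plaintext password in session storage
        // until the follow-up "login" button is pressed. It is now written
        // only after a successful reset and removed on first use below, but
        // the flow should be reworked so no plaintext credential is stored.
        $_SESSION['user_password'] = $user_new_password;
        $success_message = "Wachtwoord gewijzigd!";
    } else {
        unset($_SESSION['user_password']);
        $error_message = "Je wachtwoord is niet gewijzigd.";
    }
}

// Redirecting user after successful password change
if (isset($_POST['password-reset-login-button'])) {
    // Take the stored password out of the session before using it, so it is
    // single-use and does not outlive this request whatever doLogin() returns.
    $pending_password = isset($_SESSION['user_password']) ? $_SESSION['user_password'] : null;
    unset($_SESSION['user_password']);

    if ($pending_password !== null && $user->doLogin($email_decoded, $pending_password)) {
        // doLogin() is not shown; rotate the session id here so the id used
        // during the reset flow is not carried into the signed-in session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $user->redirect('advert-overview.php');
        // redirect() is not shown; stop so the page is not rendered after it.
        exit;
    }
}
?>
<!doctype html>
<html class="no-js" lang="nl">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Wachtwoord wijzigen</title>
    <link rel="stylesheet" href="../css/minimum-viable-product.min.css">
    <link href="https://file.myfontastic.com/QxAJVhmfbQ2t7NGCUAnz9P/icons.css" rel="stylesheet">
</head>
<body>
<div class="full-width full-width-password-reset">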