-
Notifications
You must be signed in to change notification settings - Fork 0
/
login_validation.php
70 lines (56 loc) · 1.33 KB
/
login_validation.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<?php
session_start();
?>
<?php
include("includes/utility.class.php");
include("includes/config.class.php");
include("includes/db.class.php");
//initialize query variable
$query = '';
$config = new config();
//new database object
$db = new db($config);
$db->openConnection();
//check to see if the connection is open
$connectionStatus = $db->pingServer();
require_once("functions/ep_function.php");
if (isset($_POST['submit']))
{
$util = new Utility();
//escape variables for security reasons
$username = $db->stringEscape($_POST['username']);
$password = $db->stringEscape($_POST['password']);
if($connectionStatus)
{
$query = "SELECT " .
"id, " .
"username, " .
"password " .
"FROM " .
"members " .
"WHERE " .
"username = '" . $username . "'";
//queries the db
$result = $db->query($query);
$rowsFound = $db->hasRows($result);
if($rowsFound)
{
while ($row = $db->fetchArray($result))
{
if(crypt($password, $row['password']) == $row['password'])
{
echo "You are in Welcome";
$_SESSION['user']= $username;
$_SESSION['id'] = $row['id'];
header('Location:account.php');
}
else
{
echo "Invalid username/password";
session_destroy();
}
}
}
} //END if($connectionStatus)
}
?>