Last active
February 12, 2016 01:05
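<?php
/*
 * Registration handler.
 *
 * Reads three POST fields:
 *   user_login - stored in logins.email
 *   pass       - hashed with password_hash() and stored in logins.password
 *   register   - single-use form token, compared with $_SESSION['register']
 *
 * On rejected input the script returns a short message string. When this
 * file is the requested script, a top-level return simply ends execution;
 * when it is pulled in with include/require, the string is handed back to
 * the including script.
 */

/* begin session */
session_start();

/*
 * Both credentials must be present and must be non-empty strings. The
 * is_string() checks reject array-valued fields (pass[]=x), which would
 * otherwise reach trim() / password_hash() with the wrong type.
 */
if (!isset($_POST['user_login'], $_POST['pass'])
    || !is_string($_POST['user_login'])
    || !is_string($_POST['pass'])
    || trim($_POST['user_login']) === ''
    || $_POST['pass'] === ''
) {
    return 'please enter a valid username and password';
}

/*
 * Form token check. A loose != comparison treats "no token in the session"
 * and "no token in the request" as equal (null == null), so a request sent
 * without any token would be accepted. Require a non-empty session token
 * and compare in constant time.
 */
$sentToken = (isset($_POST['register']) && is_string($_POST['register']))
    ? $_POST['register']
    : '';
$knownToken = (isset($_SESSION['register']) && is_string($_SESSION['register']))
    ? $_SESSION['register']
    : '';

if ($knownToken === '' || !hash_equals($knownToken, $sentToken)) {
    return 'invalid for submission';
}

/*
 * No string "sanitising" here: the values only ever reach the database
 * through bound parameters, and filtering a password would silently change
 * what the user typed.
 */
$user_login = trim($_POST['user_login']);

/*
 * Never store the password itself. password_hash() salts and hashes it;
 * verify at login time with password_verify().
 * NOTE(review): the logins.password column must be wide enough for the
 * hash (the PHP manual recommends 255 characters) - confirm the schema.
 */
$passwordHash = password_hash($_POST['pass'], PASSWORD_DEFAULT);

/*
 * Connection settings.
 * NOTE(review): these credentials are hard-coded in a published file. Load
 * them from configuration kept outside version control and rotate the
 * database password that was exposed here.
 */
$mysql_hostname = 'localhost';
$mysql_username = 'james';
$mysql_password = 'password';
$mysql_dbname   = 'king_db';

$message = '';

try {
    $dsn = 'mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_dbname . ';charset=utf8';
    $dbh = new PDO($dsn, $mysql_username, $mysql_password);
    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Use real server-side prepared statements rather than client-side emulation.
    $dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

    // Placeholder names must match the names bound below; both values are
    // passed as parameters, never concatenated into the SQL text.
    $statement = $dbh->prepare('INSERT INTO logins (email, password) VALUES (:email, :password)');
    $statement->bindValue(':email', $user_login, PDO::PARAM_STR);
    $statement->bindValue(':password', $passwordHash, PDO::PARAM_STR);
    $statement->execute();

    // The token is single-use: discard it so the same form cannot be replayed.
    // It is not refilled from request data - the next token has to be
    // generated server-side by whatever renders the form.
    unset($_SESSION['register']);

    // An INSERT has no result set to fetch, and the session contents are
    // not dumped to the browser.
    $message = 'registration complete';
} catch (PDOException $e) {
    // Keep driver details (host, account, SQL text) in the server log only.
    error_log('registration failed: ' . $e->getMessage());

    // SQLSTATE 23000 (integrity constraint violation) would indicate a
    // duplicate login if logins.email carries a unique index - not visible
    // from this file. The response is the same either way, so it does not
    // reveal which addresses are already registered.
    $message = 'we are unable to process your request. please try again later';
}
?>
<html>
<head>
<title> King Login </title>
</head>
<body>
<p>
<?php echo htmlspecialchars($message, ENT_QUOTES, 'UTF-8'); ?>
</p>
</body>
</html>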