Last active
June 8, 2021 15:21
-
-
Save marcus-sa/250690cf814b6d6a84c9fa7b0ab1b6a0 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $db_host = 'localhost'; | |
| $db_name = 'testdb'; | |
| $db_charset = 'utf8mb4'; | |
| $db_username = 'root'; | |
| $db_password = ''; | |
| try { | |
| $db = new PDO('mysql:host='.$db_host.';dbname='.$db_name.';charset='.$db_charset, $db_username, $db_password); | |
| $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); | |
| $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); | |
| } catch(PDOException $e) { | |
| die($e->getMessage()); | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $('#btn-login').click(function() { | |
| var username = $('#login-username').val(); | |
| var password = $('#login-password').val(); | |
| new PNotify({ | |
| title: 'Processing...', | |
| text: 'Logging you in...', | |
| type: 'info' | |
| }); | |
| $.ajax({ | |
| url : 'system/js/login.php', | |
| method: 'POST', | |
| data: { | |
| username: username, | |
| password: password | |
| } | |
| }).done(function(res) { | |
| new PNotify({ | |
| title : 'Success!', | |
| text: 'Logged in! Redirecting in a moment...', | |
| type:'success' | |
| }); | |
| setTimeout(function() { | |
| window.location.href = 'index.php'; | |
| }, 2000); | |
| }).fail(function(err) { | |
| switch (err) { | |
| case 'username': | |
| return new PNotify({ | |
| title: 'Invalid credentials!', | |
| text: "User doesn't exist!", | |
| type: 'error' | |
| }); | |
| case 'password': | |
| return new PNotify({ | |
| title: 'Invalid credentials!', | |
| text: 'Password is incorrect!', | |
| type: 'error' | |
| }); | |
| default: | |
| return new PNotify({ | |
| title: 'Error Occurred', | |
| text: 'An error occurred! Please contact the webmaster.', | |
| type: 'error' | |
| }); | |
| } | |
| }); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if (isset($_POST['username']) && isset($_POST['password'])) { | |
| include('./database.php'); | |
| $username = $_POST['username']; | |
| $password = $_POST['password']; | |
| $stmt = $db->prepare('SELECT `password` FROM `users` WHERE `username` = :u'); | |
| $stmt->bindParam(':u', $username, PDO::PARAM_STR); | |
| $stmt->execute(); | |
| if ($stmt->rowCount() > 0) { | |
| $db_password = $stmt->fetchColumn(); | |
| if (password_verify($password, $db_password) { | |
| exit('success'); | |
| } else { | |
| http_response_code(401); | |
| exit('password'); | |
| } | |
| } else { | |
| http_response_code(401); | |
| exit('username'); | |
| } | |
| } else { | |
| http_response_code(403); | |
| exit('error here that doesnt really matter'); | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $('#btn-signup').click(function(){ | |
| var reg_username = $('#reg_username').val(); | |
| var reg_pass = $('#reg_pass').val(); | |
| var reg_r_pass = $('#reg_r_pass').val(); | |
| new PNotify({ | |
| title: 'Registering...', | |
| text: 'Sending data to database...', | |
| type: 'info' | |
| }); | |
| $.ajax({ | |
| url : 'system/js/register.php', | |
| method: 'POST', | |
| data: { | |
| username: reg_username, | |
| password: reg_pass, | |
| password_confirm: reg_r_pass | |
| } | |
| }).done(function(res) { | |
| return new PNotify({ | |
| title: 'Registered!', | |
| text: 'You are registered successfully. For security reasons, please log in with your credentials..', | |
| type: 'success' | |
| }); | |
| }).fail(function(err) { | |
| switch (err) { | |
| case 'password': | |
| return new PNotify({ | |
| title: 'Your passwords are incorrect!', | |
| text: 'Your passwords do not match... Check them carefully!', | |
| type: 'error' | |
| }); | |
| case 'username': | |
| return new PNotify({ | |
| title: 'Your username is incorrect!', | |
| text: 'Your username is taken... Please choose another one! ', | |
| type: 'error' | |
| }); | |
| default: | |
| return new PNotify({ | |
| title: 'Error Occurred', | |
| text: 'An error occurred! Please contact the webmaster.', | |
| type: 'error' | |
| }); | |
| } | |
| }); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['password_confirm'])) { | |
| $username = $_POST['username']; | |
| $password = $_POST['password']; | |
| $password_confirm = $_POST['password_confirm']; | |
| if ($password === $password_confirm) { | |
| include('./database.php'); | |
| $stmt = $db->prepare('SELECT `id` FROM `users` WHERE `username` = :u'); | |
| $stmt->bindParam(':u', $username, PDO::PARAM_STR); | |
| $stmt->execute(); | |
| if ($stmt->rowCount() < 1) { | |
| $hashed_password = password_hash($password, PASSWORD_DEFAULT); | |
| $stmt = $db->prepare('INSERT INTO `users` (`username`, `password`) VALUES (:u, :p)'); | |
| $stmt->bindParam(':u', $username, PDO::PARAM_STR); | |
| $stmt->bindParam(':p', $hashed_password, PDO::PARAM_STR); | |
| $stmt->execute(); | |
| // No reason to use http_response_code as it's automatically set to 200 for OK | |
| exit('success'); | |
| } else { | |
| http_response_code(403); | |
| exit('username'); | |
| } | |
| } else { | |
| http_response_code(403); | |
| exit('password'); | |
| } | |
| } else { | |
| http_response_code(405); | |
| exit('random shit here that doesnt really matter'); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
<3