User Login (Sign in)

Underemployed 2023-01-11 13:38:01 +06:30
parent 564166bb0a
commit 73d97f9f1d
4 changed files with 98 additions and 9 deletions

Binary file not shown.


55
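--- a/signin-logic.php
+++ b/signin-logic.php
@@ -0,0 +1,55 @@
+<?php
+require "config/database.php";
+session_start();
+if(isset($_POST['submit'])){
+$username_email = filter_var($_POST['username_email'] , FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$password = filter_var(($_POST['password']), FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+if(!$username_email){
+$_SESSION['signin'] = 'Username or Email is Inccorrect';
+}
+elseif(!$password){
+$_SESSION['signin'] = 'Password required';
+}else{
+// fetch user from database
+$fetch_user_query = "SELECT * FROM users WHERE username = '$username_email' OR email = '$username_email'";
+$fetch_user_result = mysqli_query($connection, $fetch_user_query);
+if(mysqli_num_rows($fetch_user_result) == 1){
+//convert the record into assoc array
+$user_record=mysqli_fetch_assoc($fetch_user_result);
+$db_password = $user_record['password'];
+// compare form password with database password
+if(password_verify($password,$db_password)){
+// set session for access control
+$_SESSION['user-id'] = $user_record['id'];
+//set session if user is admin
+if($user_record['is_admin']==1){
+$_SESSION['user_is_admin'] == true;
+}
+//log in user
+header('location: ' . ROOT_URL . 'admin/');
+}else{
+$_SESSION['signin'] = "Please check your input";
+}
+}else{
+$a = mysqli_num_rows($fetch_user_result);
+echo mysqli_num_rows($fetch_user_result);
+$_SESSION['signin'] = "User Not found";
+}
+}
+//if any problem, redirect back to signin page
+if(isset($_SESSION['signin'])){
+$_SESSION['signin-data'] = $_POST;
+header('location: ' . ROOT_URL . 'signin.php');
+die();
+}
+}else{
+header('location: ' . ROOT_URL . "signin.php");
+die();
+}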
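Review bot: The user lookup in the `else` branch builds its SQL by interpolating `$username_email` into the query string; `FILTER_SANITIZE_FULL_SPECIAL_CHARS` is HTML entity encoding, not SQL escaping, so the lookup should be a prepared statement with bound parameters. In the same branch `$_SESSION['user_is_admin'] == true;` is a comparison rather than an assignment, so the admin flag is never stored, and the session id is not regenerated once `password_verify()` succeeds. Separately, `$_SESSION['signin-data'] = $_POST;` keeps the submitted password in the session, and the `echo mysqli_num_rows(...)` debug line sends output before the `header()` redirect. The fence shows the lookup and the session setup rewritten.

```php
// … unchanged: submit check and empty-input checks …
$fetch_user_stmt = mysqli_prepare($connection, "SELECT * FROM users WHERE username = ? OR email = ?");
mysqli_stmt_bind_param($fetch_user_stmt, 'ss', $username_email, $username_email);
mysqli_stmt_execute($fetch_user_stmt);
$fetch_user_result = mysqli_stmt_get_result($fetch_user_stmt);
// … unchanged: row count check, fetch_assoc, password_verify …
// new session id for the authenticated session
session_regenerate_id(true);
$_SESSION['user-id'] = $user_record['id'];
if($user_record['is_admin']==1){
$_SESSION['user_is_admin'] = true;
}
// … unchanged: redirect to admin/ and failure handling …
```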


@ -1,3 +1,13 @@
<?php
session_start();
include 'config/constants.php';
$username_email = $_SESSION['signin-data']['username_email'] ??null ;
$password = $_SESSION['signin-data']['password'] ?? null;
unset($_SESSION['signin-data']);
?>
<!DOCTYPE html>
<html lang="en">
<head>
@ -19,14 +29,38 @@
<div class="container form__section-container">
<h2>Sign In</h2>
<div class="alert__message success">
<p>This is an success message</p>
</div>
<form action="">
<input type="text" placeholder="Username or Email">
<input type="password" placeholder=" Password">
<button type="submit" class="btn">Sign in</button>
<?php if(isset($_SESSION['signin-success'])): ?>
<div class="alert__message success">
<p>
<?=$_SESSION['signin-success'];
unset($_SESSION['signin-success']);
?>
</p>
</div>
<?php elseif(isset($_SESSION['signin'])): ?>
<div class="alert__message error">
<p>
<?=$_SESSION['signin'];
unset($_SESSION['signin']);
?>
</p>
</div>
<?php endif ?>
<form action="<?= ROOT_URL ?>signin-logic.php" method="POST">
<input type="text" name="username_email" value = '<?= $username_email ?>' placeholder="Username or Email">
<input type="password" name="password" value = '<?= $password ?>' placeholder=" Password">
<button type="submit" class="btn" name ="submit" >Sign in</button>
<small>Don't have an account? <a href="signup.php">Sign up</a></small>
</form>
</div>
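Review bot: `$username_email` and `$password` are echoed into the `value` attributes of the new form without escaping, and signin-logic.php fills `$_SESSION['signin-data']` with the raw `$_POST`, so whatever was submitted is written back into the page as markup. Escape at output, for example `value="<?= htmlspecialchars($username_email ?? '', ENT_QUOTES, 'UTF-8') ?>"`, and drop the `value` attribute from the password input so the password is never returned in the HTML or held in the session. The two `<?=$_SESSION[...]` message blocks currently print fixed server-side strings, but they would need the same escaping if a message ever includes user input.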


@ -51,7 +51,7 @@ unset($_SESSION['signup-data']);
<form action="<?=ROOT_URL?>signup-logic.php" enctype="multipart/form-data" method="POST">
<input type="text" name ="firstname" value ="<?= $firstname?>" placeholder="First Name">
<input type="text" name ="lastname" value ="<?= $lastname?>" placeholder="Last Name">
<input type="text" name ="username" value ="<?= $username ?>" placeholder="Username">
<input type="username" name ="username" value ="<?= $username ?>" placeholder="Username">
<input type="email" name ="email" value ="<?= $email ?>" placeholder="email">
<input type="password" name ="createpassword" value ="<?= $createpassword ?>" placeholder="Password">
<input type="password" name ="confirmpassword" value ="<?= $confirmpassword?>" placeholder="Confirm Password">
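Review bot: `type="username"` is not a defined HTML input type and browsers treat an unknown type as `text`, so if that is the new side of this change (the page does not show which of the two `username` lines is old) the line should keep `type="text"` and add `autocomplete="username"` instead. The `value` attributes in this form echo `$username` and both password fields back into the page; whether those variables are escaped is decided outside the hunk, so confirm they pass through `htmlspecialchars(..., ENT_QUOTES)` and consider not repopulating the password inputs.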