Question: I have this code but it did not work I want it to login and information CODE: index.php Login Sign up login.php
I have this code but it did not work I want it to login and information
CODE:
index.php
// if the user is already logged in, then show the msg else show the links to login and signup if(isset($_SESSION['email'])) { echo "You are already logged in as: " . $_SESSION['email']; echo "
"; echo " Log out "; }
else {
?>
Login Sign up
login.php
// start a session session_start();
# if user's already logged in, then redirect user to home page if(isset($_SESSION['email'])) header("Location: index.php");
# initialising different variables needed in the script $show_form = false; $login_result = $emailErr = $passwordErr = '' ;
if($_SERVER["REQUEST_METHOD"] == "POST"){ if(isset($_POST["submit"])){
extract($_POST);
// check email format and take appropraite action if(empty($email)){ $emailErr = "Please fill out email"; $show_form = true; } else { $email = ($email); if(!filter_var($email, FILTER_VALIDATE_EMAIL)){ $emailErr = "Invalid email format"; $show_form = true; } }
// check that password field is not empty if(empty($password)){ $passwordErr = "Please fill out the password"; $show_form = true; }
// if our email and password are valid, then find the hashed password if( (!empty($email)) && (!empty($password)) && (!$show_form)){ $password = sha1($password);
/* query written below queries the database where email value is equal to the entered email and password is equal to the hashed value of entered password and store it in the $search variable in form of array. */ $search = " SELECT * FROM login WHERE email = '$email' AND password = '$password' "; $result = $conn->query($search);
/* we check if for entered values only one row is affected then login is OK else we show an error message and login form if login is OK, then we fetch the query results and store it in $row then we grab the user_id and store it in the corresponding session variable and then redirect the user to home page
*/
if($result->num_rows == 1){
// check if the above query actually got executed or not $row = $result->fetch_assoc();
$_SESSION['email'] = $row['email']; header("Location: index.php"); $conn->close(); } else { echo "There's some problem logging you in. We are sorry for the inconvience"; }
} else{ $login_result = "Invalid credentials" ; $show_form = true; }
} #this curly brace ends the block that executes when none of the fields as empty
} #this curly brace ends the block that executes only when the form is submitted
else { $show_form = true; }
if($show_form){ ?>
// check email format on both ends ?>
signup.php
# initialising different variables needed in the script $show_form = false; $nameErr = $emailErr = $passwordErr = $confirm_PasswordErr = $user_PictureErr = '' ;
# check if the form is submitted or not if($_SERVER["REQUEST_METHOD"] == "POST") {
if(isset($_POST['submit'])){ /* firstly we extract the $_POST then it is checked whether the field is empty or not, if yes show corresponding error message value of password and confirm_Password fields are matched if everything is fine then we use connection.php get properties of uploaded file check specifications of uploaded file if file specifications are within constraints, then we query the database using value of enterd email in WHERE clause if 0 rows are affected, it means email is unique insert values into db and move uploaded file */ extract($_POST);
if(empty($email)){ $emailErr = "Please fill out email"; $show_form = true; } else { $email = ($email); if(!filter_var($email, FILTER_VALIDATE_EMAIL)){ $emailErr = "Invalid email format"; $show_form = true; } }
if(empty($password)){ $passwordErr = "Please fill out this field" ; $show_form = true; }
if(empty($confirm_Password)){ $confirm_PasswordErr = "Please fill out this field" ; $show_form = true; }
if( $password !== $confirm_Password){ $passwordErr = "Passwords do not match" ; $confirm_PasswordErr = "Passwords do not match"; $show_form = true; }
if( (!empty($email)) && (!empty($password)) && (!empty($confirm_Password)) && ($password === $confirm_Password) && (!$show_form) ){ # make sure that entered email is not registered already $query = "SELECT * FROM login WHERE email = '$email' "; $result = $conn->query($query);
if($result->num_rows == 0){ $password = sha1($password);
$insert = "INSERT INTO login( email, password) VALUES ('$email', '$password')" ;
if($conn->query($insert) === TRUE){ echo "Signed up successfully. You can now login to your account"; }
} else { $emailErr = "Entered email is already registered"; $show_form = true; }
} else { $show_form = true; }
} # this brace closes the if block which gets executed if the form is submitted
}
# if the form is not submitted, do this else $show_form = true ;
# if show_form is set to true, then show the sign up form if( $show_form ){ ?>
?>
logout.php
session_start();
session_unset();
session_destroy();
header('Location: index.php');
?>
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help