jeudi 14 avril 2016

Attempting to create a log in system

So I'm attempting to create a log in system which uses data stored in a table in my database to log in. But I'm struggling to understand what's wrong. The functions are provided, I'm just trying to put together the pieces.. My attempt so far.. Any suggestions would be appreciated

    <form method="post" action="login.php">
<p>
  <label for="username">Username: </label>
  <input type="text" id="user" name="user" placeholder="e.g. email address">
  </p>
<p>  
   <label for="password">Password: </label>
  <input type="password" id="pass" name="pass" placeholder="minimum 6 characters" minlength=6 >
  </p>
  <?php echo $problem; ?>
  <p>
     <input type="submit" value="Submit">
  </p>
</form>
<?php
require_once ("connection.php");
require_once ("passEncrypt.php");
require_once ("loginFunctions.php");
// check to see if connection ok


$problem = "";
$valid = 0;
$user = "user";
$pass = "pass";

if(isset($_POST['user'])){

    if(!empty($_POST['user']) && $_POST['user']!=''){         
$user = mysqli_real_escape_string($conn, trim($_POST['user']));
        $valid=2;
    } else {
       $problem .= "Please enter a username. <br/>";
       $valid = 1;
}

    if(!empty($_POST['pass']) && $_POST['pass']!=''){         
$pass = mysqli_real_escape_string($conn, trim($_POST['pass']));
$valid=2;
    } else {
       $problem .= "Please enter a password. <br/>";
       $valid = 1;
}

if ($valid == 2)
{

     $AllowedAccess = attemptLogin($conn,$user, $pass);
        if($AllowedAccess){
            echo "hurray you can go on";
        } else {
           echo "go away";
        }

}
else{

    echo $problem;
}

}

function attemptLogin($conn, $user, $pass){
 // check to see if there is a user and then get their password and compare this
    $userDetails = getUser($conn, $user);

    if($userDetails){
        if(password_check($pass, $userDetails["password"])){
            return true;        
    } else {
        return false;
        echo "Incorrect Login";
    }
    }
        //echo $userDetails;
        //return $userDetails;
}

function getUser($conn, $user){
    $query = "SELECT * FROM users WHERE username = '$user'";
    $user_data = mysqli_query($conn, $query);
    if($user = mysqli_fetch_assoc($user_data)){
        //header('Location:welcome.php');
        //$_SESSION['user'] = $user['id'];
    } else {
        echo 'Login Failed';
    }
}

?>



Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)