<?php


## LOGIN and REGISTER form processing and whatnot for Samiia Boutique ##
## @coder: Andy Abi Haydar ##

class Login_register extends CI_Controller {

	protected $pre_error;
	private $login_param;
	
	private $username;
	private $password;

	// Initial function
	function index()
	{
		// Loading form and URL helpers
		$this -> load -> helper("form");
		$this -> load -> helper("url");
		

		// Loading library for sessions
		$this -> load -> library("session");

		// Checking to see if user is already logged in
		// And if so, showing the logged in screen with a title and now error
		if($this -> session -> userdata("id"))
		{
			$this -> login_param = array(
							"title" => "Logged In",
							"error" => "You are already logged in!");

			$this -> load -> view("loggedin", $this -> login_param);
		}

		// Else, if the form was submitted, doing the login() function, and if not, refreshing the login screen
		else
		{
			if($_SERVER["REQUEST_METHOD"] == "POST")
			{
				$this -> login();
			}
			
			else 
			{
				$this -> login_param = array(
							"title" => "Login and Register form"
							);

				$this -> load -> view("login", $this -> login_param);
			}
		
		}	
	}

	// Login function
	function login() 
	{


		// Checking to see if the form was submitted, else validating it.
		if($_SERVER["REQUEST_METHOD"] !== "POST")
		{
			$this -> login_param = array("title" => "Login and Register form");
			$this -> load -> view("login", $this -> login_param);
		}

		else 
		{
			//Loading form validation and whatnot
			$this -> load -> helper("form");
			$this -> load -> library("form_validation");
	
			//Loading URL helper
			$this -> load -> helper("url");
	
			// Setting rules for form validation
			$this -> form_validation -> set_rules("username", "Username", "required|min_length[2]|max_length[15]");
			$this -> form_validation -> set_rules("password", "Password", "required");
	
			// Displaying errors or going to success page
			if($this -> form_validation -> run() == FALSE)
			{
				$this -> load -> view("login");
			}
		
			else
			{
				// Connect to database
				$this -> load -> database();
				
				// Securing post data
				$this -> load -> library("security");
				$this -> load -> library("encrypt");

				$this -> username = $this -> input -> post("username");
				$this -> username = $this -> security -> xss_clean($this -> username);
				$this -> username = $this -> db -> escape($this -> username);


				$this -> password = $this -> input -> post("password");
				$this -> password = $this -> security -> xss_clean($this -> username);
				$this -> password = $this -> encrypt -> sha1($this -> password);
				$this -> password = $this -> db -> escape($this -> password);
				
				// Querying the database for values matching the ones given
				$username_password_match = $this -> db -> query("SELECT * FROM `Users` WHERE `Username` = {$this -> username} && `Password` = {$this -> password}");
	
				// If there is a match
				if($username_password_match -> num_rows() > 0)
				{
					$logged_in_params = array("title" => "Logged In", "error" => NULL);
					$this -> load -> view("loggedin", $logged_in_params);
					// Get ID
					foreach($username_password_match -> result() as $row) 
					{
						$this -> session -> set_userdata("id", $row -> id);
					}

				}
				
				// If there isn't
				else 
				{
					$this -> login_param = array("title" => "Login and Register forms", "login_error" => "Invalid user/password combination");
					$this -> load -> view("login", $this -> login_param);
				}
			}
		}
	}

	function logout() 
	{
		// Loading session helpers
		$this -> load -> library("session");

		$this -> session -> unset_userdata("id");
		$this -> index();
	}

}
?>

First part of a login/register script in CodeIgniter

login, php, codeigniter

PHP