/ Published in: PHP
Expand |
Embed | Plain Text
Copy this code and paste it in your HTML
<?php ## LOGIN and REGISTER form processing and whatnot for Samiia Boutique ## ## @coder: Andy Abi Haydar ## class Login_register extends CI_Controller { protected $pre_error; private $login_param; private $username; private $password; // Initial function function index() { // Loading form and URL helpers $this -> load -> helper("form"); $this -> load -> helper("url"); // Loading library for sessions $this -> load -> library("session"); // Checking to see if user is already logged in // And if so, showing the logged in screen with a title and now error if($this -> session -> userdata("id")) { "title" => "Logged In", "error" => "You are already logged in!"); $this -> load -> view("loggedin", $this -> login_param); } // Else, if the form was submitted, doing the login() function, and if not, refreshing the login screen else { if($_SERVER["REQUEST_METHOD"] == "POST") { $this -> login(); } else { "title" => "Login and Register form" ); $this -> load -> view("login", $this -> login_param); } } } // Login function function login() { // Checking to see if the form was submitted, else validating it. if($_SERVER["REQUEST_METHOD"] !== "POST") { $this -> load -> view("login", $this -> login_param); } else { //Loading form validation and whatnot $this -> load -> helper("form"); $this -> load -> library("form_validation"); //Loading URL helper $this -> load -> helper("url"); // Setting rules for form validation $this -> form_validation -> set_rules("username", "Username", "required|min_length[2]|max_length[15]"); $this -> form_validation -> set_rules("password", "Password", "required"); // Displaying errors or going to success page if($this -> form_validation -> run() == FALSE) { $this -> load -> view("login"); } else { // Connect to database $this -> load -> database(); // Securing post data $this -> load -> library("security"); $this -> load -> library("encrypt"); $this -> username = $this -> input -> post("username"); $this -> username = $this -> security -> xss_clean($this -> username); $this -> username = $this -> db -> escape($this -> username); $this -> password = $this -> input -> post("password"); $this -> password = $this -> security -> xss_clean($this -> username); $this -> password = $this -> db -> escape($this -> password); // Querying the database for values matching the ones given $username_password_match = $this -> db -> query("SELECT * FROM `Users` WHERE `Username` = {$this -> username} && `Password` = {$this -> password}"); // If there is a match if($username_password_match -> num_rows() > 0) { $this -> load -> view("loggedin", $logged_in_params); // Get ID foreach($username_password_match -> result() as $row) { $this -> session -> set_userdata("id", $row -> id); } } // If there isn't else { $this -> login_param = array("title" => "Login and Register forms", "login_error" => "Invalid user/password combination"); $this -> load -> view("login", $this -> login_param); } } } } function logout() { // Loading session helpers $this -> load -> library("session"); $this -> session -> unset_userdata("id"); $this -> index(); } } ?>