hi guys,
For instance, I got a login process like below:
login.php
------------------------------------------------------------------
Code: Select all
<form id="login_form" action="process-login.php" method="post">
<p>
<label for="name">Username: </label>
<input type="text" name="username" />
</p>
<p>
<label for="pwd">Password: </label>
<input type="password" name="pwd" />
</p>
<p>
<input type="submit" id="submit" value="Login" name="submit" />
</p>
</form>-----------------------------------------------------------------
Code: Select all
<?php
$con = null;
try {
$con = new PDO('mysql:host=localhost;dbname=abc', 'user1', 'password');
} catch(PDOException $e) {
error_log($e->getMessage());
}
$valid_user = false;
$username = $_POST['username']);
$password = $_POST['pwd']);
try {
$con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmt = $con->prepare('select count(*) from user where username = :username and password = :password');
$stmt->execute(array('username' => $username , 'password' => md5($password)));
if($stmt->fetch()) {
$stmt->close();
$valid_user = true;
}
} catch(PDOException $e) {
error_log($e->getMessage());
}
if($valid_user){
echo 'success';
}
$con = null;
?>-----------------------------------------------------------------
Code: Select all
<?php
session_start();
require_once 'classes/Membership.php';
$membership = new Membership();
if($_POST && !empty($_POST['username']) && !empty($_POST['pwd'])) {
$response = $membership->validate_User($_POST['username'], $_POST['pwd']);
}
if($response)
echo 'success';
else
echo 'fail';
?>-----------------------------------------------------------------
Code: Select all
<?php
require 'Mysql.php';
class Membership {
function validate_user($un, $pwd) {
$mysql = New Mysql();
$ensure_credentials = $mysql->verify_Username_and_Pass($un, md5($pwd));
if($ensure_credentials) {
$_SESSION['status'] = 'authorized';
header("location: index.php");
} else return "Please enter a correct username and password";
}
function log_User_Out() {
if(isset($_SESSION['status'])) {
unset($_SESSION['status']);
if(isset($_COOKIE[session_name()]))
setcookie(session_name(), '', time() - 1000);
session_destroy();
}
}
function confirm_Member() {
session_start();
if($_SESSION['status'] !='authorized') header("location: login.php");
}
}
?>-----------------------------------------------------------------
Code: Select all
<?php
require_once 'includes/constants.php';
class Mysql {
private $con;
function __construct() {
try {
$this->$con = new PDO('mysql:host=localhost;dbname=abc', 'user1', 'password') or die('failed to connect to database');
$this->$con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
error_log($e->getMessage());
}
}
function verify_Username_and_Pass($username, $password) {
$stmt = $con->prepare('select count(*) from user where username = :username and password = :password');
$stmt->execute(array('username' => $username , 'password' => md5($password)));
if($stmt->fetch()) {
$stmt->close();
return true;
}
return false;
}
}
?>thanks & regards,
Mark
pickle | Please use [ code=php ], [ code=text ], etc tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: