<?php
/* @var $url */
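/**
 * Session-based login and registration handlers.
 *
 * Both handlers read credentials from $_POST, report failures through
 * $_SESSION['errorLog'] / $_SESSION['errorReg'], and redirect back to the
 * page named by the `href` query parameter.
 *
 * `href` is attacker-controllable, so it is only honoured when it is a
 * same-site relative reference; anything else falls back to
 * DEFAULT_REDIRECT. This closes the open redirect the raw
 * `'Location: ' . $_GET['href']` concatenation allowed.
 */
class User
{
    /** Fallback target when `href` is missing or not a local reference (assumed site root; adjust if needed). */
    private const DEFAULT_REDIRECT = '/';

    /**
     * Authenticate the posted login/password pair.
     *
     * On success stores the login in $_SESSION['user'] and clears any stale
     * error messages; on failure sets $_SESSION['errorLog']. In every case a
     * redirect header is queued. The method does not terminate the request:
     * the caller should stop producing output once it returns.
     */
    public function Login()
    {
        $login = $this->postString('login');
        $password = $this->postString('password');

        // Compare against '' rather than empty(): empty('0') is true, which
        // would reject the legitimate login "0".
        if ($login === '' || $password === '') {
            $_SESSION['errorLog'] = 'fill empty fields!';
            $this->redirect();
            return;
        }

        include 'dbConfig.php';
        /* @var $dbh */
        $sth = $dbh->prepare('SELECT * FROM users WHERE login = ?');
        $sth->execute([$login]);
        $user = $sth->fetch(PDO::FETCH_OBJ);

        if ($user && password_verify($password, $user->password)) {
            // Issue a fresh session id on privilege change so a session id
            // planted before login (session fixation) is not carried over.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['user'] = $user->login;
            unset($_SESSION['errorLog'], $_SESSION['errorReg']);
            $this->redirect();
            return;
        }

        // Same message for "unknown login" and "wrong password": a distinct
        // message per case lets a client enumerate which logins exist.
        $_SESSION['errorLog'] = "Username or password isn't correct";
        $this->redirect();
    }

    /**
     * Create an account from the posted login, password and email.
     *
     * The password is stored only as a password_hash() digest. When the
     * insert fails, $_SESSION['errorReg'] is set, the client is redirected
     * and the request ends. On success nothing is emitted; the caller
     * decides what to show next.
     */
    public function register()
    {
        $login = $this->postString('login');
        $password = $this->postString('password');
        $email = $this->postString('email');

        if ($login === '' || $password === '') {
            return;
        }

        include 'dbConfig.php';
        /* @var $dbh */
        $hash = password_hash($password, PASSWORD_DEFAULT);
        $sth = $dbh->prepare('INSERT INTO users (login, password, email) VALUES (?, ?, ?)');

        try {
            $sth->execute([$login, $hash, $email]);
        } catch (PDOException $e) {
            // SQLSTATE 23000 = integrity constraint violation (duplicate login).
            // getCode() returns the SQLSTATE as a string, so compare strictly.
            if ((string) $e->getCode() === '23000') {
                $_SESSION['errorReg'] = 'sorry, this username has been already taken :)';
            } else {
                // Do not swallow other database failures: record the detail
                // server-side and show the client a generic message only.
                error_log('User::register failed: ' . $e->getMessage());
                $_SESSION['errorReg'] = 'registration failed, please try again';
            }
            $this->redirect();
            die();
        }
    }

    /**
     * Read a POST field as a trimmed string.
     *
     * Missing fields and non-string values (e.g. `login[]=x` arrays) are
     * treated as empty instead of raising warnings or type errors.
     */
    private function postString(string $key): string
    {
        $value = $_POST[$key] ?? '';

        return is_string($value) ? trim($value) : '';
    }

    /**
     * Queue the post-action redirect.
     *
     * Nothing may be echoed before this call; if output has already started
     * the header cannot be sent and the call is skipped.
     */
    private function redirect(): void
    {
        if (!headers_sent()) {
            header('Location: ' . $this->redirectTarget());
        }
    }

    /**
     * Return `href` only when it is a same-site relative reference.
     *
     * Rejected: non-strings, empty values, control characters / whitespace /
     * backslashes (browsers normalise "\" to "/"), protocol-relative "//host"
     * forms, and anything parse_url() reports with a scheme or host or
     * cannot parse at all.
     */
    private function redirectTarget(): string
    {
        $href = $_GET['href'] ?? '';

        if (!is_string($href) || $href === '') {
            return self::DEFAULT_REDIRECT;
        }
        if (preg_match('/[\x00-\x20\x7f\\\\]/', $href) === 1) {
            return self::DEFAULT_REDIRECT;
        }
        if (strncmp($href, '//', 2) === 0) {
            return self::DEFAULT_REDIRECT;
        }

        $parts = parse_url($href);
        if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
            return self::DEFAULT_REDIRECT;
        }

        return $href;
    }
}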