-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathindex.php
55 lines (47 loc) · 2.01 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
<?php
/**
* A simple, clean and secure PHP Login Script / MINIMAL VERSION
*
* Uses PHP SESSIONS, modern password-hashing and salting and gives the basic functions a proper login system needs.
*
* @author Panique
* @link /~https://github.com/panique/php-login-minimal/
* @license http://opensource.org/licenses/MIT MIT License
*/
// checking for minimum PHP version
if (version_compare(PHP_VERSION, '5.3.7', '<')) {
exit("Sorry, Simple PHP Login does not run on a PHP version smaller than 5.3.7 !");
} else if (version_compare(PHP_VERSION, '5.5.0', '<')) {
// if you are using PHP 5.3 or PHP 5.4 you have to include the password_api_compatibility_library.php
// (this library adds the PHP 5.5 password hashing functions to older versions of PHP)
require_once("libraries/password_compatibility_library.php");
}
// include the configs / constants for the database connection
require_once("config/db.php");
// load the login class
require_once("classes/Login.php");
// create a login object. when this object is created, it will do all login/logout stuff automatically
// so this single line handles the entire login process. in consequence, you can simply ...
$login = new Login();
// ... ask if we are logged in here:
if ($login->isUserLoggedIn() == true) {
// the user is logged in. you can do whatever you want here.
// for demonstration purposes, we simply show the "you are logged in" view.
if(isset($_GET['ID'])){
$con = mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
$ID = mysqli_real_escape_string($con,$_GET['ID']);
$sql ="SELECT * from users WHERE user_name='$ID'";
$result = mysqli_query($con, $sql) or die("BAd QUERy $sql");
$row = mysqli_fetch_array($result);
include("views/logged_in.php");
}
else{
$userid = $_SESSION['user_name'];
header('location: /index.php?ID=' . $userid);
}
} else {
// the user is not logged in. you can do whatever you want here.
// for demonstration purposes, we simply show the "you are not logged in" view.
include("views/not_logged_in.php");
}
?>