Php Folks,
You will notice that, I have a question on my comments where I show confusion on how to proceed forward. I ask which 1 of the following 3 I should use which will suit the context of my code well.
I commented-out the ones that I personally thought did not fit into my codes' context. But, I need your professional opinion.
//Which of the following to use and why that one over the other 2 ?
$row = mysqli_stmt_fetch($stmt); //Which line to use ? This line or 2 of the next 2 ?
//$row = mysqli_fetch_array($query, MYSQLI_ASSOC); //Which line to use ? This line or the one above this lone or the one below this line ?
//$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
It is a Log In Page script where the users are given a choice to either login to their accounts by typing their "username" or "email".
No one know answer ?
Folks,
Do you mind reviewing my code in my original post and edit wherever you deem editing is necessary ?
I prefer versions here on one you use the mysqli_stmt_fetch and on the other mysqli_fetch_array.
That way, we newbies learn both from you with your examples.
You will notice that, I have a question on my comments where I show confusion on how to proceed forward. I ask which 1 of the following 3 I should use which will suit the context of my code well.
I commented-out the ones that I personally thought did not fit into my codes' context. But, I need your professional opinion.
//Which of the following to use and why that one over the other 2 ?
$row = mysqli_stmt_fetch($stmt); //Which line to use ? This line or 2 of the next 2 ?
//$row = mysqli_fetch_array($query, MYSQLI_ASSOC); //Which line to use ? This line or the one above this lone or the one below this line ?
//$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
It is a Log In Page script where the users are given a choice to either login to their accounts by typing their "username" or "email".
Code:
<?php
/*
ERROR HANDLING
*/
declare(strict_types=1);
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
include 'config.php';
// check if user is already logged in
if (is_logged() === true)
{
//Redirect user to homepage page after 5 seconds.
header("refresh:2;url=home.php");
exit; //
}
if (isset($_POST["login_username_or_email"]) && isset($_POST["login_password"]))
{
$username_or_email = trim($_POST["login_username_or_email"]); //
$password = $_POST["login_password"];
//Select Username or Email to check against Mysql DB if they are already registered or not.
$stmt = mysqli_stmt_init($conn);
if(strpos("$username_or_email", "@"))
{
$email = $username_or_email;
$username = "";
$query = "SELECT ids, usernames, passwords, emails, accounts_activations_statuses FROM users WHERE emails = ?";
$stmt = mysqli_prepare($conn, $query);
mysqli_stmt_bind_param($stmt, 's', $email);
mysqli_stmt_execute($stmt);
//$result = mysqli_stmt_get_result($stmt); //Which line to use ? This line or the next ?
$result = mysqli_stmt_bind_result($stmt, $db_id, $db_username, $db_password, $db_email, $db_account_activation_status); // Which line to use ? This line or the one above ?
}
else
{
$username = $username_or_email;
$email = "";
$query = "SELECT ids, usernames, passwords, emails, accounts_activations_statuses FROM users WHERE usernames = ?";
$stmt = mysqli_prepare($conn, $query);
mysqli_stmt_bind_param($stmt, 's', $username);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_bind_result($stmt, $db_id, $db_username, $db_password, $db_email, $db_account_activation_status);
}
//Which of the following 3 to use and why that one over the other 2 ?
$row = mysqli_stmt_fetch($stmt); //Which line to use ? This line or 2 of the next 2 ?
//$row = mysqli_fetch_array($query, MYSQLI_ASSOC); //Which line to use ? This line or the one above this lone or the one below this line ?
//$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
mysqli_stmt_close($stmt);
printf("%s (%s)\n",$row["usernames"],$row["passwords"]);
if ($result == false)
{
echo "No result!";// For debugging purpose!
exit();
}
elseif ($row['accounts_activations_statuses'] == '0')
{
{
echo "You have not activated your account yet! Check your email for instructions on how to activate it.
Check your spam folder if you don't find an email from us.";
exit();
}
}
else
{
if (password_verify($password, $db_password))
{
echo "IF triggered for password_verify! password_verify ok"; // For debugging purpose!
$_SESSION["user"] = $username;
header("location:home.php?user=$username");
}
else
{
echo "Incorrect User Credentials !';<br>";
exit();
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title><?php $site_name?> Member Login Page</title>
<meta charset="utf-8">
</head>
<body>
<form method="post" action="">
<h3><?= $site_name ?> Member Login Form</h3>
<fieldset>
<label for="login_name">Username/Email:</label>
<input type="text" name="login_username_or_email" id="login_name" value="">
<br>
<label for="login_pass">Password:</label>
<input type="password" name="login_password" id="login_pass" value="">
</fieldset>
<div class="submitsAndHiddens">
<label for="login_remember">Remember Login Details:</label>
<input type="checkbox" name="login_remember" />
<br>
<button type="submit">Login</button>
<br>
<a href="login_password_reset.php">Forgot your Password ? Reset it here!</a>
<br>
<a href="register.php">Register here!</a>
</div>
</form>
</body>
</html>
Folks,
Do you mind reviewing my code in my original post and edit wherever you deem editing is necessary ?
I prefer versions here on one you use the mysqli_stmt_fetch and on the other mysqli_fetch_array.
That way, we newbies learn both from you with your examples.