This is a login.php.
The user is given a choice to either input his/her Username & Password or Email & Password. In short, either log-in inputting your Username or your Email.
It is written in mysqli procedural. I have not learned pdo oop yet. I need help in the login.php to add the "Remember Me" feature using Cookies. I have googled but most tutorials teach to save the user password in the cookie! And that is a big NO! NO!
Therefore, I do not trust these tutorials any more. But, I trust the php folks here!
Can someone be the Great Samaritan here to show me an example code of how the cookie part should be coded in php ? You're welcome to not start from scratch but work on my work (login.php).
registration.php, logout.php and account_acivation.php finished. Those last 3 files are working fine. Working on the home.php now.
login.php
The user is given a choice to either input his/her Username & Password or Email & Password. In short, either log-in inputting your Username or your Email.
It is written in mysqli procedural. I have not learned pdo oop yet. I need help in the login.php to add the "Remember Me" feature using Cookies. I have googled but most tutorials teach to save the user password in the cookie! And that is a big NO! NO!
Therefore, I do not trust these tutorials any more. But, I trust the php folks here!
Can someone be the Great Samaritan here to show me an example code of how the cookie part should be coded in php ? You're welcome to not start from scratch but work on my work (login.php).
registration.php, logout.php and account_acivation.php finished. Those last 3 files are working fine. Working on the home.php now.
login.php
Code:
<?php
/*
ERROR HANDLING
*/
declare(strict_types=1);
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
include 'config.php';
// check if user is already logged in
if (is_logged() === true)
{
//Redirect user to homepage page after 5 seconds.
header("refresh:2;url=home.php");
exit; //
}
if (isset($_POST["login_username_or_email"]) &&
isset($_POST["login_password"]))
{
$username_or_email = trim($_POST["login_username_or_email"]);
$password = $_POST["login_password"];
//Select Username or Email to check against Mysql DB if they are
already registered or not.
if(strpos("$username_or_email", "@"))
{
$email = $username_or_email;
$query = "SELECT ids, usernames, passwords, emails,
accounts_activations_statuses FROM users WHERE emails = ?";
$stmt = mysqli_stmt_init($conn);
$stmt = mysqli_prepare($conn, $query);
mysqli_stmt_bind_param($stmt, 's', $email);
mysqli_stmt_execute($stmt);
//$result = mysqli_stmt_get_result($stmt); //Which line to use ?
This line or the next ?
$result = mysqli_stmt_bind_result($stmt, $db_id, $db_username,
$db_password, $db_email, $db_account_activation_status); //
Which line to use ? This line or the one above ?
}
else
{
$username = $username_or_email;
$query = "SELECT ids, usernames, passwords, emails,
accounts_activations_statuses FROM users WHERE usernames = ?";
$stmt = mysqli_stmt_init($conn);
$stmt = mysqli_prepare($conn, $query);
mysqli_stmt_bind_param($stmt, 's', $username);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_bind_result($stmt, $db_id, $db_username,
$db_password, $db_email, $db_account_activation_status); //
Which line to use ? This line or the one above ?
}
$row = mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
if (!password_verify($password, $db_password))
{
echo "Incorrect User Credentials!';<br>";
exit();
}
else
{
$_SESSION["user"] = $db_username;
header("location:home.php?user=$db_username");
}
}
?>
