Diffstat (limited to 'signin.php')
-rw-r--r-- | signin.php | 25 |
1 files changed, 7 insertions, 18 deletions
@@ -18,8 +18,6 @@ <?php -include_once 'includes/db_inc.php'; - function validate($data) { $data = trim($data); @@ -50,26 +48,17 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { } echo '</ul>'; } else { - $sql = "SELECT user_id, user_name, user_pass FROM users WHERE user_name = '" . $user_name . "';"; - $result = mysqli_query($dbc, $sql); + $user = new User(); + $result = $user->get_by_name($user_name); if (!$result) { - echo 'An error occurred while signing in: ' . mysqli_error($dbc); + echo 'There is no user with that name. Did you mean to <a href="register.php">create a new account?</a>'; } else { - if (mysqli_num_rows($result) == 0) { - echo 'There is no user with that name. Did you mean to <a href="register.php">create a new account?</a>'; + if (!password_verify($user_pass, $user->password)) { + echo 'Password does not match!'; } else { - while ($row = mysqli_fetch_assoc($result)) { - if (!password_verify($user_pass, $row['user_pass'])) { - echo 'Password does not match!'; - } else { - $_SESSION['signed_in'] = true; - $_SESSION['user_id'] = $row['user_id']; - $_SESSION['user_name'] = $row['user_name']; - - header("Location: index.php"); - } - } + Session::get()->sign_in($user); + header("Location: index.php"); } } } |
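Review bot: The two failure branches in the new sign-in block still return different messages ('There is no user with that name…' when `get_by_name` fails, 'Password does not match!' when `password_verify` fails), so the form tells a caller which user names exist; both branches could echo one message such as `echo 'Invalid user name or password.';`. The `!$result` branch also now reports a database failure as a missing user, so, assuming `get_by_name` returns false on a query error as well, that case should be logged server-side. `header("Location: index.php");` is not followed by `exit;`, so the rest of the script still runs after the redirect is queued. `User::get_by_name` and `sign_in` are not in this diff; it is worth confirming that the former binds `$user_name` through a prepared statement and that the latter calls `session_regenerate_id(true)`. The enclosing `if ($_SERVER['REQUEST_METHOD'] == 'POST')` block begins outside the hunk.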