Skip to content
This repository was archived by the owner on Mar 28, 2019. It is now read-only.

Commit 048e7ca

Browse files
ngsankhangsankha
committed
uniform formatting
1 parent 9494b17 commit 048e7ca

File tree

1 file changed

+9
-13
lines changed

1 file changed

+9
-13
lines changed

login.php

+9-13
Original file line numberDiff line numberDiff line change
@@ -10,12 +10,11 @@
1010
if(loggedin())
1111
header("Location: index.php");
1212
else if(isset($_POST['action'])) {
13-
$username = array_key_exists('username', $_POST) ? trim($_POST['username']) : null;
13+
$username = array_key_exists('username', $_POST) ? mysql_real_escape_string(trim($_POST['username'])) : "";
1414
if($_POST['action']=='login') {
15-
if(trim($username) == "" or trim($_POST['password']) == ""){
15+
if(trim($username) == "" or trim($_POST['password']) == "") {
1616
header("Location: login.php?derror=1"); // empty entry
17-
}
18-
else {
17+
} else {
1918
// code to login the user and start a session
2019
connectdb();
2120
$query = "SELECT salt,hash FROM users WHERE username='".$username."'";
@@ -30,20 +29,17 @@
3029
}
3130
} else if($_POST['action']=='register') {
3231
// register the user
33-
//$email = mysql_real_escape_string($_POST['email']);
34-
$username = array_key_exists('username', $_POST) ? trim($_POST['username']) : null;
35-
$email = array_key_exists('email', $_POST) ? trim($_POST['email']) : null;
36-
if(trim($username) == "" and trim($_POST['password']) == "" and trim($email) == ""){
37-
header("Location: login.php?derror=1"); // empty entry\
38-
}
39-
else {
32+
$email = array_key_exists('email', $_POST) ? mysql_real_escape_string(trim($_POST['email'])) : "";
33+
if(trim($username) == "" and trim($_POST['password']) == "" and trim($email) == "") {
34+
header("Location: login.php?derror=1"); // empty entry
35+
} else {
4036
// create the entry in the users table
4137
connectdb();
4238
$query = "SELECT salt,hash FROM users WHERE username='".$username."'";
4339
$result = mysql_query($query);
44-
if(mysql_num_rows($result)!=0)
40+
if(mysql_num_rows($result)!=0) {
4541
header("Location: login.php?exists=1");
46-
else {
42+
} else {
4743
$salt = randomAlphaNum(5);
4844
$hash = crypt($_POST['password'], $salt);
4945
$sql="INSERT INTO `users` ( `username` , `salt` , `hash` , `email`, `status` ) VALUES ('".$username."', '$salt', '$hash', '".$email."', '1')";

0 commit comments

Comments
 (0)