You will notice that, I have a question on my comments where I show confusion on how to proceed forward. I ask which 1 of the following 2 I should use which will suit the context of my code well.
I commented-out the one that I personally thought did not fit into my codes' context. But, I need your professional opinion.
//$result = mysqli_stmt_get_result($stmt); //Which line to use ? This line or the next ?
$result = mysqli_stmt_bind_result($stmt, $db_id, $db_username, $db_password, $db_email, $db_account_activation_status); // Which line to use ? This line or the one above ?
It is a Log In Page script where the users are given a choice to either login to their accounts by typing their "username" or "email".
Expand|Select|Wrap|Line Numbers
- <?php
- /*
- ERROR HANDLING
- */
- declare(strict_types=1);
- ini_set('display_errors', '1');
- ini_set('display_startup_errors', '1');
- error_reporting(E_ALL);
- mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
- include 'config.php';
- // check if user is already logged in
- if (is_logged() === true)
- {
- //Redirect user to homepage page after 5 seconds.
- header("refresh:2;url=home.php");
- exit; //
- }
- if ($_SERVER['REQUEST_METHOD'] == "POST")
- {
- if (isset($_POST["login_username_or_email"]) && isset($_POST["login_password"]))
- {
- $username_or_email = trim($_POST["login_username_or_email"]); //
- $password = $_POST["login_password"];
- //Select Username or Email to check against Mysql DB if they are already registered or not.
- $stmt = mysqli_stmt_init($conn);
- if(strpos("$username_or_email", "@"))
- {
- $email = $username_or_email;
- $username = "";
- $query = "SELECT ids, usernames, passwords, emails, accounts_activations_statuses FROM users WHERE emails = ?";
- $stmt = mysqli_prepare($conn, $query);
- mysqli_stmt_bind_param($stmt, 's', $email);
- mysqli_stmt_execute($stmt);
- //$result = mysqli_stmt_get_result($stmt); //Which line to use ? This line or the next ?
- $result = mysqli_stmt_bind_result($stmt, $db_id, $db_username, $db_password, $db_email, $db_account_activation_status); // Which line to use ? This line or the one above ?
- }
- else
- {
- $username = $username_or_email;
- $email = "";
- $query = "SELECT ids, usernames, passwords, emails, accounts_activations_statuses FROM users WHERE usernames = ?";
- $stmt = mysqli_prepare($conn, $query);
- mysqli_stmt_bind_param($stmt, 's', $username);
- mysqli_stmt_execute($stmt);
- //$result = mysqli_stmt_get_result($stmt); //Which line to use ? This line or the next ?
- $result = mysqli_stmt_bind_result($stmt, $db_id, $db_username, $db_password, $db_email, $db_account_activation_status); // Which line to use ? This line or the one above ?
- }
- $row = mysqli_stmt_fetch($stmt); //Which line to use ? This line or 2 of the next 2 ?
- mysqli_stmt_close($stmt);
- printf("%s (%s)\n",$row["usernames"],$row["passwords"]);
- if ($result == false)
- {
- echo "No result!";// For debugging purpose!
- exit();
- }
- elseif ($row['accounts_activations_statuses'] == '0')
- {
- {
- echo "You have not activated your account yet! Check your email for instructions on how to activate it.
- Check your spam folder if you don't find an email from us.";
- exit();
- }
- }
- else
- {
- if (password_verify($password, $db_password))
- {
- echo "IF triggered for password_verify! password_verify ok"; // For debugging purpose!
- $_SESSION["user"] = $username;
- header("location:home.php?user=$username");
- }
- else
- {
- echo "Incorrect User Credentials !';<br>";
- exit();
- }
- }
- }
- ?>
- <!DOCTYPE html>
- <html>
- <head>
- <title><?php $site_name?> Member Login Page</title>
- <meta charset="utf-8">
- </head>
- <body>
- <form method="post" action="">
- <h3><?= $site_name ?> Member Login Form</h3>
- <fieldset>
- <label for="login_name">Username/Email:</label>
- <input type="text" name="login_username_or_email" id="login_name" value="">
- <br>
- <label for="login_pass">Password:</label>
- <input type="password" name="login_password" id="login_pass" value="">
- </fieldset>
- <div class="submitsAndHiddens">
- <label for="login_remember">Remember Login Details:</label>
- <input type="checkbox" name="login_remember" />
- <br>
- <button type="submit">Login</button>
- <br>
- <a href="login_password_reset.php">Forgot your Password ? Reset it here!</a>
- <br>
- <a href="register.php">Register here!</a>
- </div>
- </form>
- </body>
- </html>