AutoPulse v 1.0.1
 
Loading...
Searching...
No Matches
Functions | Variables
C:/Users/ivans/OneDrive/Документы/ZWA/sem/process-login.php File Reference

This script provides validation of user login form inputs, comparison of user authorization data from the input with the one set in the database for this user, and starting a session with set parameters of 'user_id' and 'admin'. More...

Functions

 terminateLoginWithError ($errorParam)
 

Variables

if(isset($error) && $error==="db_access_failed") $email = $_POST['email'] ?? ''
 
 $password = $_POST['password'] ?? ''
 
 $emailPattern = "/^[a-z0-9.]+@[a-z0-9.]+\.[a-z0-9]{2,8}$/"
 
 $passwordPattern = "/^(?=.*[0-9])(?=.*[!@#$%^&*-_])[a-zA-Z0-9!@#$%^&*-_]{8,32}$/"
 
if(!preg_match($emailPattern, $email)||!preg_match($passwordPattern, $password)) try
 
 $user = $stmt->fetch(PDO::FETCH_ASSOC)
 
if(! $user||!password_verify( $password, $user[ 'password'])) catch(PDOException $e) $_SESSION ["user_id"] = $user['id']
 
 $_SESSION ["admin"] = $user['admin']
 
 $pdo = null
 

Detailed Description

This script provides validation of user login form inputs, comparison of user authorization data from the input with the one set in the database for this user, and starting a session with set parameters of 'user_id' and 'admin'.

Terminates and redirects back to the form page with error context parameter and all the user inputs except passwords as parameters of the redirecting GET request in case of error of data validation or database communication.

Function Documentation

◆ terminateLoginWithError()

terminateLoginWithError ( $errorParam)

Redirects to the editdata page with the specified error parameter and current user inputs except passwords, and terminates the script.

Parameters
string$errorParamThe error parameter to be appended to the URL.

Variable Documentation

◆ $_SESSION [1/2]

$_SESSION["admin"] = $user['admin']

◆ $_SESSION [2/2]

if(! $user||!password_verify($password, $user['password'])) catch (PDOException $e) $_SESSION["user_id"] = $user['id']

◆ $email

if (isset( $error) &&$error==="db_access_failed") $email = $_POST['email'] ?? ''

Check if there was a database access error and terminate the login process if so.

◆ $emailPattern

$emailPattern = "/^[a-z0-9.]+@[a-z0-9.]+\.[a-z0-9]{2,8}$/"

◆ $password

$password = $_POST['password'] ?? ''

◆ $passwordPattern

$passwordPattern = "/^(?=.*[0-9])(?=.*[!@#$%^&*-_])[a-zA-Z0-9!@#$%^&*-_]{8,32}$/"

◆ $pdo

$pdo = null

◆ $user

$user = $stmt->fetch(PDO::FETCH_ASSOC)

◆ try

if (!preg_match( $emailPattern, $email)||!preg_match( $passwordPattern, $password)) try
Initial value:
{
$stmt = $pdo->prepare("SELECT id, `password`, admin FROM users WHERE email = :email")
$pdo
if(! $user) catch(PDOException $e) $pdo
Definition myprofile.php:59
$stmt
if(! $userExists) $stmt
Definition process-accountDelete.php:48
Generated by doxygen 1.13.2