Login when I try to log in to my site and the following:
<?php
session_start();
require('class/Config.inc.php');
$login = new login;
if(isset($_POST['submit'])){
if($login->logar($_POST['username'], @$_POST['password'])){
$_SESSION['username'] = $_POST['username'];
echo "<script type='text/javascript'>window.alert('Logado com Sucesso.');</script><script>window.location.href= 'index.php';</script>";
}else{
echo '<script type="text/javascript">window.alert("Login ou senha incorretos");</script>';
}
}
?>
<body>
<div class="wrap">
<div id="content">
<p><img src="img/logo-cpb.png" width="400" height="200" /></p>
<div id="main">
<div class="full_w">
<form action="<?php $PHP_SELF; ?>" method="POST">
<label for="login">username:</label>
<input id="login" name="username" class="text" />
<label for="pass">password:</label>
<input id="pass" name="password" type="password" class="text" />
<div class="sep"></div>
<button type="submit" name="submit" class="ok">Login</button>
<button type="button" class="reg" onclick="window.location.href='register.php'">Register</button>
</form>
</div>
</div>
</div>
</div>
</body>Login.class.php
<?php
class Login {
private function encriptar($senha){
$salt = '/x!a@r-$r%an¨.&e&+f*f(f(a)';
$output = hash_hmac('md5', $senha, $salt);
return $output;
}
public function logar($login, $senha){
$conexao = new Config;
$pass = self::encriptar($senha);
try{
$conect = $conexao->getConn();
$prepare = $conect->prepare("SELECT * FROM accounts WHERE login = ? AND password = ?");
$prepare->bindvalue(1, $login);
$prepare->bindvalue(2, $pass);
$prepare->execute();
$ranking = $prepare->rowCount();
if ($ranking >= 1){
return true;
}else{
return false;
}
}catch(PDOException $e){
echo "Erro: ".$e->getMessage();
}
}
}Config.class.php
<?php
Class Config{
private static $Host = HOST;
private static $User = USER;
private static $Pass = PASS;
private static $Dbsa = DBSA;
private static $Connect = null;
private static function Conectar(){
try {
if(self::$Connect == null):
$dsn = 'pgsql:host=' . self::$Host . ';dbname=' . self::$Dbsa;
$options = [ PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES UTF8' ];
self::$Connect = new PDO($dsn, self::$User, self::$Pass, $options);
endif;
} catch (PDOException $e) {
PHPErro($e->getCode(), $e->getMessage(), $e->getFile(), $e->getFile());
}
self::$Connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
return self::$Connect;
}
public static function getConn(){
return self::Conectar();
}
}
You must be registered to see links
login.php<?php
session_start();
require('class/Config.inc.php');
$login = new login;
if(isset($_POST['submit'])){
if($login->logar($_POST['username'], @$_POST['password'])){
$_SESSION['username'] = $_POST['username'];
echo "<script type='text/javascript'>window.alert('Logado com Sucesso.');</script><script>window.location.href= 'index.php';</script>";
}else{
echo '<script type="text/javascript">window.alert("Login ou senha incorretos");</script>';
}
}
?>
<body>
<div class="wrap">
<div id="content">
<p><img src="img/logo-cpb.png" width="400" height="200" /></p>
<div id="main">
<div class="full_w">
<form action="<?php $PHP_SELF; ?>" method="POST">
<label for="login">username:</label>
<input id="login" name="username" class="text" />
<label for="pass">password:</label>
<input id="pass" name="password" type="password" class="text" />
<div class="sep"></div>
<button type="submit" name="submit" class="ok">Login</button>
<button type="button" class="reg" onclick="window.location.href='register.php'">Register</button>
</form>
</div>
</div>
</div>
</div>
</body>Login.class.php
<?php
class Login {
private function encriptar($senha){
$salt = '/x!a@r-$r%an¨.&e&+f*f(f(a)';
$output = hash_hmac('md5', $senha, $salt);
return $output;
}
public function logar($login, $senha){
$conexao = new Config;
$pass = self::encriptar($senha);
try{
$conect = $conexao->getConn();
$prepare = $conect->prepare("SELECT * FROM accounts WHERE login = ? AND password = ?");
$prepare->bindvalue(1, $login);
$prepare->bindvalue(2, $pass);
$prepare->execute();
$ranking = $prepare->rowCount();
if ($ranking >= 1){
return true;
}else{
return false;
}
}catch(PDOException $e){
echo "Erro: ".$e->getMessage();
}
}
}Config.class.php
<?php
Class Config{
private static $Host = HOST;
private static $User = USER;
private static $Pass = PASS;
private static $Dbsa = DBSA;
private static $Connect = null;
private static function Conectar(){
try {
if(self::$Connect == null):
$dsn = 'pgsql:host=' . self::$Host . ';dbname=' . self::$Dbsa;
$options = [ PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES UTF8' ];
self::$Connect = new PDO($dsn, self::$User, self::$Pass, $options);
endif;
} catch (PDOException $e) {
PHPErro($e->getCode(), $e->getMessage(), $e->getFile(), $e->getFile());
}
self::$Connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
return self::$Connect;
}
public static function getConn(){
return self::Conectar();
}
}
