I'm trying to create a very simple Login and Registration system using PHP and MSQLi and I'm not sure how to procede here
if()
LOGIN();
else()
REGISTER();
I don't want to complicate the code further by adding email,verification,logout option etc. and I don't wish to use a
<div class="form">
or other possible options that I've come across the internet. I'm just a beginner and I want to know if there's a right way to go with
if()
LOGIN();
else()
REGISTER();
What I have tried:
<!DOCTYPE html>
<html>
<head>
<title>LOGIN</title>
</head>
<body>
<form name="login" action="login.php" method="POST">
Username:<input type="text" name="username"/><br/>
Password:<input type="password" name="password"/><br/>
<input type="submit" name="action" value="Login"/>
<input type="submit" name="action" value="Register"/>
</form>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
<title>LOGIN Result</title>
<?php
function DeclareVariables()
{
global $username,$password;
global $hostname,$database,$db_username,$db_password;
global $DB,$connectDB_ok,$result;
$hostname="localhost";
$database="id15378361_mydb";
$db_username="id15378361_user";
$db_password="Password123!";
$username=$_POST['username'];
$password=$_POST['password'];
$connectDB_ok=true;
}
function Failed($error_msg)
{
global $connectDB_ok;
$connectDB_ok=false;
print $error_msg;
}
function ConnectToDB()
{
global $DB,$hostname,$database,$db_username,$db_password,$connectDB_ok;
$DB=mysqli_connect($hostname,$db_username,$db_password) or Failed("MySQL connecting error");
if($connectDB_ok)
{
mysqli_select_db($DB,$database) or Failed("DATABASE selection error");
}
}
function QueryToDB()
{
global $DB,$result,$connectDB_ok,$username;
if($connectDB_ok)
{
if (trim($username)!='')
{
$query="SELECT * FROM RegisteredUsers WHERE Name='$username';";
$result=mysqli_query($DB,$query) or Failed("SQL query error");
}
else
Failed("Please enter a valid username");
}
}
function CheckUser()
{
global $DB,$result,$connectDB_ok,$username,$password;
if($connectDB_ok)
{
$num=mysqli_num_rows($result);
if ($num==0)
{
print "USER ".$username." doesn't exist";
}
else
{
$row=mysqli_fetch_row($result);
$password_from_db=$row[2];
if ($password_from_db==$password)
{
print "LOGIN of ".$username." was successful";
}
else
{
print "WRONG PASSWORD for USER ".$username;
}
}
}
}
function AddNewUser()
{
global $DB,$connectDB_ok,$username,$password;
if($connectDB_ok)
{
if (trim($username)!='')
{
$query="SELECT MAX(ID) AS 'max_id' FROM RegisteredUsers;";
$result=mysqli_query($DB,$query) or Failed("NEW-ID error");
if($connectDB_ok)
{
$row=mysqli_fetch_row($result);
$newID=$row[0]+1;
$query="INSERT INTO RegisteredUsers (ID,Name,Password) VALUES ($newID,'$username','$password');";
mysqli_query($DB,$query) or Failed("INSERTION error (probably user already exists)");
if($connectDB_ok)
{
print $username." inserted successfully";
}
}
}
else
Failed("Please enter a valid username");
}
}
function LOGIN()
{
DeclareVariables();
ConnectToDB();
QueryToDB();
CheckUser();
}
function REGISTER()
{
DeclareVariables();
ConnectToDB();
QueryToDB();
AddNewUser();
}
?>
</head>
<body>
<?php
if()
LOGIN();
else()
REGISTER();
?>
</body>
</html>