<?php
include('functions/functions_general.php');
include('config.php');
include('GOTCHA/gotcha.php');
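// Session hardening, applied before the session starts:
//  - cookie_httponly keeps the session cookie out of reach of page scripts.
//  - use_only_cookies stops a session id from being accepted from the URL.
// session.cookie_secure is left untouched because nothing in this file shows
// whether the site is served over HTTPS; enable it in php.ini if it is.
ini_set('session.cookie_httponly', '1');
ini_set('session.use_only_cookies', '1');
session_start();

// Session key under which the expected CAPTCHA text is read back during
// registration, and the URI of the script that renders the CAPTCHA image.
$CAPTCHA_SESSION_KEY = 'CAPTCHA';
$CAPTCHA_IMAGE_URI = 'GOTCHA/captcha_image.php';

// The handlers below append to these with ".=" and the template echoes
// $result_div, so make sure they exist. isset() keeps any value an included
// file may already have put there.
if (!isset($result_div)) {
    $result_div = '';
}
if (!isset($error_div)) {
    $error_div = '';
}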
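// Log Out
// The isset() guard avoids an undefined-index notice on requests that carry
// no "action" query parameter.
if (isset($_GET['action']) && $_GET['action'] == 'logout') {
    // The login state is blanked rather than unset, as before, in case other
    // pages test these keys for an empty string.
    $_SESSION['weight_loss_tracker_username'] = '';
    $_SESSION['weight_loss_tracker_user_password'] = '';
    $_SESSION['weight_loss_tracker_user_id'] = '';

    // Retire the session id that was in use while logged in: a new id is
    // issued and the old session data is deleted, so a previously captured
    // id no longer maps to anything.
    session_regenerate_id(true);

    $result_div .= getResultDiv('You have been logged out','success');

    // $return_url is not defined in this file (presumably config.php - confirm).
    // It has to remain a fixed server-side value; if it were ever derived from
    // the request, this redirect would send visitors to an arbitrary site.
    // When it is empty, no Location header is sent and the page below renders
    // with the logged-out message instead.
    if (!empty($return_url)) {
        header('Location:' . $return_url);
        exit;
    }
}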
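// Log In
// Checks the submitted username/password against weight_loss_tracker_users
// and, on a match, stores the user in the session and redirects to index.php.
//
// NOTE(review): three things are flagged here rather than changed, because
// fixing them needs code or data outside this file:
//  - The mysql_* extension was removed in PHP 7.0. Moving to mysqli or PDO
//    with prepared statements is the durable fix; the connection setup is not
//    visible here.
//  - MySQL's PASSWORD() is intended for MySQL's own account table, not for
//    application passwords, and was removed in MySQL 8.0. Switching to
//    password_hash()/password_verify() requires migrating the stored values.
//  - The stored password value is copied into the session. Other pages may
//    read it, so it is kept, but a user id alone should be enough.
if (isset($_POST['action']) && $_POST['action'] == 'login') {
    $result_div .= $error_div;
    if ($error_div == '') {
        // Only plain strings are accepted; an array-valued field is treated
        // as empty instead of being concatenated into the query.
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        // Both values come straight from the request and were previously
        // concatenated into the statement unescaped. Escaping them for the
        // quoted string context keeps them as data.
        $sql = '
            SELECT *
            FROM weight_loss_tracker_users
            WHERE user_username = "' . mysql_real_escape_string($username) . '" and
            user_password = PASSWORD("' . mysql_real_escape_string($password) . '")';
        $result = mysql_query($sql);

        if ($result === false) {
            // Query failure: keep the detail in the server log and show the
            // visitor a generic message.
            error_log('login-register.php: login query failed: ' . mysql_error());
            $result_div .= getResultDiv('We could not log you in right now. Please try again later.');
            $form = $_POST;
        } elseif ($user = mysql_fetch_array($result)) {
            // New session id at the privilege change, so an id that was set
            // before authentication cannot be reused afterwards.
            session_regenerate_id(true);
            $_SESSION['weight_loss_tracker_username'] = $user['user_username'];
            $_SESSION['weight_loss_tracker_user_password'] = $user['user_password'];
            $_SESSION['weight_loss_tracker_user_id'] = $user['user_id'];
            header('Location:index.php');
            // Stop here so the rest of the page is not executed or emitted
            // after the redirect.
            exit;
        } else {
            $result_div .= getResultDiv('That username and password do not match. Please try again.');
            $form = $_POST;
        }
    } else {
        // Raw database error text is no longer shown to the visitor; it is
        // logged and replaced with a generic message.
        $db_error = mysql_error();
        if ($db_error != '') {
            error_log('login-register.php: database error during login: ' . $db_error);
            $result_div .= getResultDiv('A database error occurred. Please try again later.');
        }
        $form = $_POST;
    }
}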
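// Register
// Validates the CAPTCHA answer, the username and the password, creates the
// account, logs the new user in and redirects to index.php.
//
// NOTE(review): as in the login handler, the mysql_* extension and MySQL's
// PASSWORD() function are both obsolete for this purpose (prepared statements
// and password_hash() are the replacements), and the stored password value is
// copied into the session. These are flagged rather than changed because they
// depend on code and data outside this file.
if (isset($_POST['action']) && $_POST['action'] == 'register') {
    $allowed_chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890_';

    // Only plain strings are accepted; array-valued fields count as empty.
    $username  = (isset($_POST['username'])  && is_string($_POST['username']))  ? $_POST['username']  : '';
    $password  = (isset($_POST['password'])  && is_string($_POST['password']))  ? $_POST['password']  : '';
    $password2 = (isset($_POST['password2']) && is_string($_POST['password2'])) ? $_POST['password2'] : '';
    $code      = (isset($_POST['code'])      && is_string($_POST['code']))      ? trim($_POST['code']) : '';

    $text = isset($_SESSION[$CAPTCHA_SESSION_KEY]) ? (string) $_SESSION[$CAPTCHA_SESSION_KEY] : '';

    // The challenge is single-use: it is cleared on every submission, not only
    // after a correct answer, so one image cannot be guessed at repeatedly.
    // The form already needed a fresh image after a correct answer followed by
    // a validation error, so the image script is presumably what stores the
    // next value - confirm in GOTCHA/captcha_image.php.
    $_SESSION[$CAPTCHA_SESSION_KEY] = NULL;

    if ($code === '') {
        $result_div .= getResultDiv('Please enter a code for the image below');
    } elseif ($text === '' || strtolower($code) !== strtolower($text)) {
        // Strict comparison: with "!=" two different numeric-looking strings
        // (for example "1e3" and "1000") compare as equal. An empty expected
        // value (no challenge issued) never matches.
        $result_div .= getResultDiv('The code entered for the image below was not correct');
    } else {
        // Successful image
        $result_div .= getResultDiv('Success!','success');

        if (!checkValidChars($username, $allowed_chars)) {
            // Message corrected: this check is on the username, not the password.
            $error_div .= getResultDiv('Please enter only alphanumeric characters for your username');
        } elseif (strlen($username) < 6) {
            $error_div .= getResultDiv('Please enter a longer username (at least 6 characters)');
        } else {
            // The character check above presumably already limits what can
            // reach this query (checkValidChars() is defined elsewhere);
            // escaping is applied as well so the statement does not depend on it.
            $sql = '
                SELECT user_username
                FROM weight_loss_tracker_users
                WHERE user_username = "' . mysql_real_escape_string($username) . '"';
            $result = mysql_query($sql);
            if ($result === false) {
                // A failed lookup must not be read as "username is free".
                error_log('login-register.php: username lookup failed: ' . mysql_error());
                $error_div .= getResultDiv('We could not check that username right now. Please try again later.');
            } elseif (mysql_num_rows($result) > 0) {
                $error_div .= getResultDiv('That username is already being used, please choose another');
            }
        }

        if ($password != $password2) {
            $error_div .= getResultDiv('You entered two different passwords, please try again');
        } elseif (strlen($password) < 6) {
            $error_div .= getResultDiv('Please enter a longer password (at least 6 characters)');
        } elseif (!checkValidChars($password, $allowed_chars)) {
            $error_div .= getResultDiv('Please enter only alphanumeric characters for your password');
        }

        $result_div .= $error_div;

        if ($error_div == '') {
            $safe_username = mysql_real_escape_string($username);
            $safe_password = mysql_real_escape_string($password);

            $insert = mysql_query('
                INSERT INTO weight_loss_tracker_users
                SET user_username = "' . $safe_username . '",
                user_password = PASSWORD("' . $safe_password . '")');

            // Read the new row back only if the insert succeeded. Previously a
            // failed insert still fell through to the session assignment and
            // the redirect.
            $user = false;
            if ($insert) {
                $result = mysql_query('
                    SELECT *
                    FROM weight_loss_tracker_users
                    WHERE user_username = "' . $safe_username . '"');
                if ($result) {
                    $user = mysql_fetch_array($result);
                }
            }

            if ($user) {
                // New session id at the privilege change.
                session_regenerate_id(true);
                $_SESSION['weight_loss_tracker_username'] = $user['user_username'];
                $_SESSION['weight_loss_tracker_user_password'] = $user['user_password'];
                $_SESSION['weight_loss_tracker_user_id'] = $user['user_id'];
                header('Location:index.php');
                // Stop here so nothing else runs or is emitted after the redirect.
                exit;
            }

            error_log('login-register.php: account creation failed: ' . mysql_error());
            $result_div .= getResultDiv('We could not create your account right now. Please try again later.');
            $form = $_POST;
        } else {
            // Raw database error text is no longer shown to the visitor; it is
            // logged and replaced with a generic message.
            $db_error = mysql_error();
            if ($db_error != '') {
                error_log('login-register.php: database error during registration: ' . $db_error);
                $result_div .= getResultDiv('A database error occurred. Please try again later.');
            }
            $form = $_POST;
        }
    }
}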
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="stylesheet" type="text/css" href="styles/default.css">
<title>User Registration / Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<h1>User Login or Register</h1>
<p>Creating a Weight Loss Tracker account is free and easy. Just fill out the register form below and you're good to go! There are instructions once you log in to help you get started.</p>
<?php
// $result_div is written to the page as-is, with no escaping at this point.
// It is built up from getResultDiv() return values, so any HTML-escaping of
// the message text has to happen inside getResultDiv(), which is defined
// outside this file - confirm that it does, and keep request-derived or
// database-derived text out of its arguments otherwise.
echo $result_div;
?>
<h2>Login</h2>
<form action="login-register.php" method="post">
<input type="hidden" name="action" value="login" />
<table>
<tr>
<td>Username: </td>
<td><input type="text" size="30" name="username" /></td>
</tr>
<tr>
<td>Password: </td>
<td><input type="password" size="30" name="password" /></td>
</tr>
</table>
<input type="submit" value="Click to Log In" />
</form>
<hr />
<h2>Register</h2>
<form action="login-register.php" method="post">
<input type="hidden" name="action" value="register" />
<table>
<tr>
<td>Username: </td>
<td><input type="text" size="30" name="username" /></td>
</tr>
<tr>
<td>Password: </td>
<td><input type="password" size="30" name="password" /></td>
</tr>
<tr>
<td>Password (again): </td>
<td><input type="password" size="30" name="password2" /></td>
</tr>
<tr>
<td>Enter Code from Image: </td>
<td><input type="text" size="10" name="code" id="code" /></td>
</tr>
<tr>
<td></td>
<td><a href="#" onclick="var d = document.getElementById('gotcha-captcha');if(d){d.src +='?'+ Math.round(Math.random()*100000);} return false;" id="reload" title="load a new image"><img src="<?php echo $CAPTCHA_IMAGE_URI; ?>" id="gotcha-captcha" alt="captcha image" ></a><br>(Click image if you can't read code)</td>
</tr>
</table>
<input type="submit" name="CHECK" value="Click to Register" />
</form>
<hr />
<div class="align-center"><a href="http://www.my-health-and-fitness.org" target="_blank">Weight Loss Tracker</a> is Powered by <a href="http://www.my-health-and-fitness.org" target="_blank">www.My-Health-and-Fitness.org</a></div>
</body>
</html>