auth.php
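<?php
/**
 * Session-backed username/password authentication against the `users` table.
 *
 * Passwords are stored as password_hash() digests and checked with
 * password_verify(); every query goes through a prepared statement, so the
 * supplied username never becomes part of the SQL text.
 */
class Auth{
    // NOTE(review): the database credentials are hard-coded in source, so
    // anyone who can read this file or its repository history obtains them.
    // Prefer loading them from configuration kept outside the web root. The
    // constants are kept because they are part of the class's public interface.
    const HOST_NAME = "localhost";
    const USER_NAME = "hoge";
    const PASSWORD ="hogehoge";
    const DATABASE_NAME = "mail";

    /** @var mysqli|null Connection opened by the constructor. */
    private $mysqli = null;

    /**
     * Opens the database connection and makes sure a session is active.
     */
    function __construct(){
        $this->mysqli = new mysqli(
            self::HOST_NAME,
            self::USER_NAME,
            self::PASSWORD,
            self::DATABASE_NAME
        );
        // session_start() on an already-active session raises a notice.
        if (session_status() === PHP_SESSION_NONE) {
            session_start();
        }
    }

    /**
     * Creates an account.
     *
     * @param string $username Account name; the caller is expected to have validated it.
     * @param string $password Plain-text password; only its hash is stored.
     * @return bool True when the row was inserted, false otherwise.
     */
    public function register($username, $password){
        // Use the arguments rather than $_POST so the method does what its
        // signature says; reject non-strings (e.g. a `password[]=x` array).
        if (!is_string($username) || !is_string($password)) {
            return false;
        }
        $hash = password_hash($password, PASSWORD_DEFAULT);
        // NOTE(review): the INSERT names no columns, so it presumably relies on
        // the table being exactly (username, password) in that order - confirm.
        $stmt = $this->mysqli->prepare("INSERT INTO users VALUES(?, ?)");
        if ($stmt === false) {
            return false;
        }
        $stmt->bind_param('ss', $username, $hash);
        $inserted = $stmt->execute();
        $stmt->close();
        return $inserted;
    }

    /**
     * Verifies the credentials and, on success, records the user in the session.
     *
     * @param string $username Account name to look up.
     * @param string $password Plain-text password to verify against the stored hash.
     * @return bool True when the credentials match, false otherwise.
     */
    public function login($username, $password){
        if (!is_string($username) || !is_string($password)) {
            return false;
        }
        $stmt = $this->mysqli->prepare(
            "SELECT password FROM users WHERE username = ?");
        if ($stmt === false) {
            return false;
        }
        $stmt->bind_param('s', $username);
        $stmt->execute();
        $stmt->store_result();

        $authenticated = false;
        if ($stmt->num_rows === 1) {
            $stmt->bind_result($hash);
            if ($stmt->fetch() && is_string($hash) && password_verify($password, $hash)) {
                // Issue a fresh session id at the privilege change so an id
                // planted before login (session fixation) is not promoted.
                session_regenerate_id(true);
                $_SESSION["username"] = $username;
                $authenticated = true;
            }
        }
        $stmt->close();
        return $authenticated;
    }

    /**
     * Returns the logged-in username, or null when nobody is logged in.
     *
     * @return string|null
     */
    public function getUser(){
        // The superglobal is case-sensitive: `$_SESSIOn` was an undefined
        // variable, so this method could never return the stored name.
        if(isset($_SESSION["username"]))
            return $_SESSION["username"];
        return null;
    }

    /**
     * Ends the session: clears its data, expires the cookie and destroys the
     * server-side session.
     */
    public function logout(){
        $_SESSION = array();
        // Expire the session cookie too, so the browser stops presenting the
        // old id. Skipped when headers are already sent, as setcookie() would fail.
        if (ini_get("session.use_cookies") && !headers_sent()) {
            $params = session_get_cookie_params();
            setcookie(
                session_name(),
                '',
                time() - 42000,
                $params["path"],
                $params["domain"],
                $params["secure"],
                $params["httponly"]
            );
        }
        session_destroy();
    }
}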
register.php
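<?php
// Registration page: validates the submitted username and password, then
// creates the account through Auth::register().
require_once("auth.php");
$auth = new Auth();

// Page state: none | error_username | error_password | ok | failed
$status = "none";

// Accept only string fields. A request such as `username[]=x` would otherwise
// hand an array to preg_match().
$username = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
$password = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";

if(!empty($username) && !empty($password)){
    // `\z` anchors at the very end of the input. A plain `$` also matches just
    // before a trailing newline, so "abc\n" would have passed validation.
    // NOTE(review): the password rule limits the character set to letters and
    // digits; register_check.js presumably mirrors it, so change both together.
    if(!preg_match('/^[0-9a-zA-Z]{3,32}\z/', $username))
        $status = "error_username";
    elseif(!preg_match('/^[0-9a-zA-Z]{8,32}\z/', $password))
        $status = "error_password";
    elseif($auth->register($username, $password))
        $status = "ok";
    else
        $status = "failed";
}

// The jQuery script below is fetched over HTTPS: over plain HTTP anyone on the
// network path could replace it and read the password field.
// NOTE(review): the CDN is still trusted as-is (no integrity attribute), and
// jQuery 2.0.0 is an old release - consider pinning a current version.
?>
<head>
<script src="https://code.jquery.com/jquery-2.0.0.min.js"></script>
<script src="register_check.js"></script>
</head>
<h1>Jmail新規登録</h1>
<?php if($status === "ok"): ?>
<p>登録完了</p>
<?php elseif($status === "failed"): ?>
<p>エラー:既に存在するユーザ名です。</p>
<?php elseif($status === "error_username"): ?>
<p>エラー:ユーザ名は英数字3~32文字で入力してください。</p>
<?php elseif($status === "error_password"): ?>
<p>エラー:パスワードは英数字8~32文字で入力してください。</p>
<?php else: ?>
<p>ユーザ名(英数字3~32文字)、推測されにくいパスワード(英数字8~32文字)を入力してください。</p>
<form method="POST" action="">
ユーザ名:<input type="text" name="username">
パスワード:<input type="password" name="password">
<input type="submit" value="登録">
</form>
<?php endif; ?>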
login.php
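<?php
// Login page: shows the form, or the outcome of a login attempt.
require_once("auth.php");
$auth = new Auth();

// Page state: none | logged_in | ok | failed
$status = "none";

// Accept only string fields. A request such as `password[]=x` would otherwise
// pass an array down to the credential check.
$username = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
$password = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";

if($auth->getUser())
    $status = "logged_in";
elseif(!empty($username) && !empty($password)){
    // The failure message is the same whether the user is unknown or the
    // password is wrong, so the page does not reveal which usernames exist.
    if($auth->login($username, $password))
        $status = "ok";
    else
        $status = "failed";
}
// NOTE(review): nothing visible here limits repeated login attempts - confirm
// whether throttling is applied elsewhere.
?>
<h1>ログイン</h1>
<?php if($status === "logged_in"): ?>
<p>ログイン済み</p>
<?php elseif($status === "ok"): ?>
<p>ログイン成功</p>
<?php elseif($status === "failed"): ?>
<p>ログイン失敗</p>
<?php else: ?>
<form method="POST" action="login.php">
ユーザ名:<input type="text" name="username" />
パスワード:<input type="password" name="password" />
<input type="submit" value="ログイン" />
</form>
<?php endif; ?>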
logout.php
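<?php
// Logout page: ends the current session, then confirms completion.
// require_once matches the other pages and avoids redeclaring Auth if this
// file is ever included alongside them.
// NOTE(review): the logout runs on any request to this URL, including a GET
// triggered from another site; a POST with a CSRF token would prevent that.
require_once("auth.php");
$auth = new Auth();
$auth->logout();
?>
<h1>ログアウト</h1>
<p>完了</p>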
すげー!