connect_error){die('err connecting');}
//good continue, clean form
$temp_group = cleandata($_POST["groupusr"]);
$temp_grkey = cleandata($_POST["groupkey"]);
$temp_usern = cleandata($_POST["username"]);
//query
$query = "select * from user where eventname ='$temp_group'";
$result = $dbcon->query($query);
$good=false;
if ($result->num_rows ==1) {
$result->data_seek(0);
$row = $result->fetch_array(MYSQLI_ASSOC);
if ($row['eventmstr']==$temp_usern) {
$token = hash('sha256',$temp_grkey.$row['eventsalt']);
$base64 = base64_encode(pack('H*',$token)); //this converts hext to base 64
if ($base64==$row['eventkey']){$good=true;$temp_useri=$row['userid'];}
}
else {
$token = hash('sha256',$temp_grkey.$row['publicsalt']);
$base64 = base64_encode(pack('H*',$token)); //this converts hext to base 64
if ($base64==$row['publickey']) {$good=true;$temp_useri=$row['userid'];}
}
}
if (strlen($temp_usern)<3)
{
$good=false;
}
if ($good) {
session_start();
$_SESSION["type"] = "not_master";
if ($row['eventmstr']==$temp_usern) {$_SESSION["type"] = "master";}
$_SESSION["timestamp"] = time();
$_SESSION["group"] = cleandata($_POST["group"]);
$_SESSION["username"] = cleandata($_POST["username"]);
$_SESSION["userid"] = cleandata($temp_useri);
if ( $_SESSION["type"] == "master"){
header("Location: /event/masterevent"); //redirect to index.php
}
else {
header("Location: /event/myevent"); //redirect to index.php
}
}
else {
$_SESSION['logged_in'] = "Invalid entry";
//echo "Invalid entry";
}
}
}
?>
Please Type in Your Event Group Name