¿Es mejor que la parte de if(isset($_SESSION['usuario'])){
header('Location: login.php');
} se valide mediante un método?
¿Qué os parece el sistema?
Saludos a todos y gracias.
index.php
Código PHP:
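<?php
// Login page: checks the posted credentials and, on success, binds the
// username to the session before sending the browser to login.php.
session_start();
require('inc/DbImpl.php');
require('inc/LoginImpl.php');

// A session that already carries 'usuario' is sent straight to login.php.
// header() only queues the redirect, so exit here; without it the POST
// handling and the form below would still run for this request.
if (isset($_SESSION['usuario'])) {
    header('Location: login.php');
    exit;
}

if (isset($_POST['submit'])) {
    // A missing field or an array value (username[]=...) is treated as empty
    // instead of being passed on to the query code.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    $valido = false;
    $fallo = false;
    try {
        $login = new LoginImpl($username, $password);
        $valido = $login->verificar();
        $login->close();
    } catch (Exception $e) {
        // Keep database details out of the page; only the message is logged,
        // never the trace, so the submitted credentials stay out of the log.
        error_log('index.php: ' . $e->getMessage());
        $fallo = true;
    }

    if ($valido) {
        // New session id on the privilege change, so an id fixed before the
        // login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['usuario'] = $username;
        // No output before header(): an earlier echo can stop the Location
        // header from being sent when output buffering is off.
        header('Location: login.php');
        exit;
    }

    echo $fallo ? 'No se pudo iniciar sesion' : 'Incorrecto';
}
?>
<form action="" method="post">
<input name="username" placeholder="Username"><br>
<input name="password" type="password" placeholder="Password"><br>
<input name="submit" type="Submit">
</form>
<a href="register.php">Registrate</a>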
Código PHP:
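<?php
// Registration page: validates the posted fields through RegisterImpl and
// creates the account, then returns the visitor to index.php.
session_start();
require('inc/DbImpl.php');
require('inc/RegisterImpl.php');

// Logged-in visitors do not register again. exit is required because
// header() alone does not stop the rest of the script.
if (isset($_SESSION['usuario'])) {
    header('Location: login.php');
    exit;
}

$error = '';
if (isset($_POST['submit'])) {
    // Missing fields and array values are normalised to '' so the validation
    // in RegisterImpl rejects them with its own "empty" messages.
    $campos = array();
    foreach (array('username', 'email', 'password', 'password2') as $campo) {
        $campos[$campo] = (isset($_POST[$campo]) && is_string($_POST[$campo])) ? $_POST[$campo] : '';
    }

    try {
        // The RegisterImpl constructor throws Exception when validation fails;
        // uncaught, that ends the request with a fatal error.
        $register = new RegisterImpl(
            $campos['username'],
            $campos['email'],
            $campos['password'],
            $campos['password2']
        );
        $creado = $register->addUsername();
        $register->close();
        if ($creado) {
            header('Location: index.php');
            exit;
        }
    } catch (Exception $e) {
        if (get_class($e) === 'Exception') {
            // Plain Exception is what RegisterImpl uses for its fixed
            // validation messages, which are safe to show.
            $error = $e->getMessage();
        } else {
            // Anything more specific (for example a database exception) may
            // carry server details: log it and show a generic message.
            error_log('register.php: ' . $e->getMessage());
            $error = 'No se pudo completar el registro';
        }
    }
}
?>
<?php if ($error !== '') { echo '<p>' . htmlspecialchars($error, ENT_QUOTES, 'UTF-8') . '</p>'; } ?>
<form action="" method="post">
<input name="username" placeholder="Username"><br>
<input name="email" placeholder="Email"><br>
<input name="password" type="password" placeholder="Password"><br>
<input name="password2" type="password" placeholder="Repeat password"><br><br>
<input name="submit" type="Submit">
</form>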
Código PHP:
<?php
// Members page: only a session that carries 'usuario' gets the content;
// every other visitor is redirected to the login form.
session_start();

if (!isset($_SESSION['usuario'])) {
    // header() does not stop the script. Nothing follows this branch today;
    // any content added below would need an exit after the redirect.
    header('Location: index.php');
} else {
    echo 'Logeado <a href="salir.php">Sal</a>';
}
?>
Código PHP:
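<?php
// Logout: ends the session and returns the visitor to the login form.
session_start();

// session_destroy() removes the stored session data but leaves $_SESSION
// populated for this request and the session cookie in the browser, so
// clear both explicitly.
$_SESSION = array();
if (ini_get('session.use_cookies')) {
    $cookie = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 42000,
        $cookie['path'],
        $cookie['domain'],
        $cookie['secure'],
        $cookie['httponly']
    );
}
session_destroy();

header('Location: index.php');
exit;
?>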
Código PHP:
<?php
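/**
 * Contract of the database wrapper: access to the connection handle, the
 * last error text, and an explicit close.
 */
interface DB
{
    public function getDb();
    public function error();
    public function close();
}

/**
 * mysqli-backed implementation of DB. The connection is opened in the
 * constructor using the settings held in the private properties.
 */
class DBImpl implements DB
{
    private $host = '';
    // Passed to mysqli_connect() as its fourth argument, which is the
    // database (schema) name, despite the property being called "tabla".
    private $tabla = '';
    private $usuario = '';
    private $contrasena = '';
    private $db;

    /**
     * Opens the connection.
     *
     * @throws RuntimeException when the connection cannot be established.
     *         The message is deliberately generic; the driver's own text goes
     *         to the error log only. Callers should catch it and keep
     *         display_errors off in production, since an uncaught exception
     *         from a subclass constructor can print that constructor's
     *         arguments in the trace.
     */
    public function __construct()
    {
        $conexion = mysqli_connect($this->host, $this->usuario, $this->contrasena, $this->tabla);
        if (!$conexion) {
            error_log('DBImpl: ' . mysqli_connect_error());
            throw new RuntimeException('No se pudo conectar con la base de datos');
        }
        // NOTE(review): no charset is set on the connection. Any caller that
        // relies on mysqli_real_escape_string() depends on the connection
        // charset being correct; confirm and set it with mysqli_set_charset().
        $this->db = $conexion;
    }

    /**
     * @return mysqli|null the open connection, or null when there is none.
     */
    public function getDb()
    {
        return $this->db;
    }

    /**
     * @return string last error reported on the connection, '' when there is
     *                no open connection.
     */
    public function error()
    {
        return ($this->db instanceof mysqli) ? mysqli_error($this->db) : '';
    }

    /**
     * Closes the connection. Safe to call when it was never opened or has
     * already been closed.
     */
    public function close()
    {
        if ($this->db instanceof mysqli) {
            mysqli_close($this->db);
            $this->db = null;
        }
    }
}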
?>
Código PHP:
<?php
/**
 * Contract for a credential check.
 */
interface Login
{
    /**
     * Reports whether the credentials held by the implementation are valid.
     */
    public function verificar();
}
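/**
 * Checks a username/password pair against the `username` table.
 */
class LoginImpl extends DBImpl implements Login
{
    private $username;
    private $password;

    /**
     * @param string $username submitted user name
     * @param string $password submitted password
     */
    public function __construct($username, $password)
    {
        parent::__construct();
        $this->username = $username;
        $this->password = $password;
    }

    /**
     * Looks the user up by name and checks the password in PHP.
     *
     * The row is fetched with a prepared statement, so the submitted values
     * never become part of the SQL text. The password is no longer compared
     * inside the query: depending on the column collation, an SQL "=" can
     * ignore case and trailing spaces, which is too lenient for a password.
     *
     * @return bool true only when the user exists and the password matches;
     *              false on any lookup failure.
     */
    public function verificar()
    {
        // Array or null input (e.g. username[]=x) can never be valid.
        if (!is_string($this->username) || !is_string($this->password)) {
            return false;
        }

        $stmt = mysqli_prepare(
            $this->getDb(),
            'SELECT password FROM username WHERE username = ? LIMIT 0,1'
        );
        if ($stmt === false) {
            return false;
        }

        $guardada = null;
        mysqli_stmt_bind_param($stmt, 's', $this->username);
        $hayFila = mysqli_stmt_execute($stmt)
            && mysqli_stmt_bind_result($stmt, $guardada)
            && mysqli_stmt_fetch($stmt) === true;
        mysqli_stmt_close($stmt);

        if (!$hayFila || !is_string($guardada)) {
            return false;
        }

        // Rows holding a password_hash() value are verified as hashes. The
        // plain comparison below is never applied to them, so a leaked hash
        // cannot be submitted as the password.
        $info = password_get_info($guardada);
        if (!empty($info['algo'])) {
            return password_verify($this->password, $guardada);
        }

        // NOTE(review): this branch serves rows whose password is stored as
        // submitted (plaintext). Storing password_hash() output at
        // registration is the real fix; this fallback only keeps existing
        // rows working until they are rehashed.
        return hash_equals($guardada, $this->password);
    }
}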
?>
Código PHP:
<?php
/**
 * Contract for a registration request.
 */
interface Register
{
    /** Returns the username of the request. */
    public function getUsername();

    /** Returns the email address of the request. */
    public function getEmail();

    /** Stores the new account. */
    public function addUsername();
}
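/**
 * Validates a registration request and inserts the account into the
 * `username` table.
 */
class RegisterImpl extends DBImpl implements Register
{
    private $username;
    private $email;
    private $password;
    private $password2;

    /**
     * Validates all fields before keeping any of them.
     *
     * @throws Exception with a fixed, user-presentable message when a field
     *                   is empty, already taken, or the passwords differ.
     * @throws RuntimeException when a lookup query cannot be run.
     */
    public function __construct($username, $email, $password, $password2)
    {
        parent::__construct();
        $this->checkUsername($username);
        $this->checkEmail($email);
        $this->checkPassword($password, $password2);
        $this->username = $username;
        $this->email = $email;
        $this->password = $password;
        $this->password2 = $password2;
    }

    /**
     * Runs a one-parameter lookup and reports whether it returned a row.
     * $sql is always one of the fixed statements in this class; only $valor
     * comes from the request and it is bound, never concatenated.
     */
    private function hayFila($sql, $valor)
    {
        $stmt = mysqli_prepare($this->getDb(), $sql);
        if ($stmt === false) {
            // Fail closed: a broken lookup must not be read as "not taken".
            throw new RuntimeException('Error en la consulta');
        }
        mysqli_stmt_bind_param($stmt, 's', $valor);
        $hay = false;
        if (mysqli_stmt_execute($stmt)) {
            mysqli_stmt_store_result($stmt);
            $hay = mysqli_stmt_num_rows($stmt) > 0;
        }
        mysqli_stmt_close($stmt);
        return $hay;
    }

    /**
     * Rejects an empty or already registered username.
     */
    private function checkUsername($username)
    {
        // Checked before the query; a non-string value (array input) counts
        // as empty. "=== ''" instead of empty() so that "0" is not rejected.
        if (!is_string($username) || $username === '') {
            throw new Exception("Usuario esta vacio");
        }
        if ($this->hayFila('SELECT username FROM username WHERE username = ? LIMIT 0,1', $username)) {
            throw new Exception("Usuario ya existe");
        }
    }

    /**
     * Rejects an empty or already registered email address.
     */
    private function checkEmail($email)
    {
        if (!is_string($email) || $email === '') {
            throw new Exception("Email esta vacio");
        }
        // NOTE(review): the format of the address is not validated here;
        // consider filter_var($email, FILTER_VALIDATE_EMAIL).
        if ($this->hayFila('SELECT email FROM username WHERE email = ? LIMIT 0,1', $email)) {
            throw new Exception("Email ya existe");
        }
    }

    /**
     * Rejects empty passwords and a confirmation that does not match.
     */
    private function checkPassword($password, $password2)
    {
        if (!is_string($password) || !is_string($password2)) {
            throw new Exception("Password esta vacio");
        }
        // Strict comparison: with "!=" two different numeric-looking strings
        // (for example "1e1" and "10") compare as equal.
        if ($password !== $password2) {
            throw new Exception("Contraseñas incorrectas, no son iguales");
        }
        if ($password === '') {
            throw new Exception("Password esta vacio");
        }
        if ($password2 === '') {
            throw new Exception("Password2 esta vacio");
        }
    }

    public function getUsername()
    {
        return $this->username;
    }

    public function getEmail()
    {
        return $this->email;
    }

    /**
     * Inserts the validated account.
     *
     * The previous version called mysqli_fetch_assoc() on the result of an
     * INSERT, which is never a result set, so a successful insert was never
     * reported as true.
     *
     * @return bool true when exactly one row was inserted.
     */
    public function addUsername()
    {
        // NOTE(review): the password is stored as submitted (plaintext).
        // Store password_hash($this->password, PASSWORD_DEFAULT) instead; the
        // login check must then verify with password_verify() rather than
        // compare the stored value for equality, so change both together.
        // NOTE(review): the existence checks in the constructor and this
        // INSERT are separate statements; only UNIQUE indexes on username and
        // email prevent duplicates under concurrent requests.
        $stmt = mysqli_prepare(
            $this->getDb(),
            'INSERT INTO username(username,email,password) VALUES (?,?,?)'
        );
        if ($stmt === false) {
            return false;
        }
        mysqli_stmt_bind_param($stmt, 'sss', $this->username, $this->email, $this->password);
        $insertado = mysqli_stmt_execute($stmt) && mysqli_stmt_affected_rows($stmt) === 1;
        mysqli_stmt_close($stmt);
        return $insertado;
    }
}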
?>