I'm new to php. I have a login system, and now I'm trying to implement a ban and user activation system but I have some problems on the login script. Here is the code from my script:
<?php
$query = "SELECT id, username, password, salt, email, firstname, lastname, active, banned FROM users WHERE username = :username ";
$query_params = array(
':username' => $_POST['username']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
$login_ok = false;
$login_match = false;
$login_active = false;
$login_banned = false;
if($row)
{
$check_password = hash('sha256', $_POST['password'] . $row['salt']);
if($check_password === $row['password'])
{
$login_match = true;
}
if($row['active'] == 1) {
$login_active = true;
}
if($row['banned'] == 1) {
$login_banned = true;
}
if($login_match && $login_active && !$login_banned) {
$login_ok = true;
}
}
if($login_ok)
{
unset($row['salt']);
unset($row['password']);
$_SESSION['user'] = $row;
header("Location: index.php");
die("Redirecting...");
}
else
{
if(!$login_match) { echo "Wrong username/pasword.";}
if(!$login_active) { echo "Account not activated, check your email";}
if($login_banned) { echo "Your account is banned";}
}
?>
In my Database I have 2 columns active and banned, where 0 means that account is activated and not banned, and 1 if account is not activate or is banned.
How can I display different messages to the user? If a user will enter a wrong username or password, he will get all three messages from the final else {}. I want to display messages to the user like this: If username or password is wrong, display only Wrong username/pasword. and ignore $login_active $login_banned. If username/password is ok, but account not activated, Account not activated, check your email. and ignore the $login_banned switch. If username/password is ok, but account is banned display Your account is banned and ignore the $login_active switch.
I'm sorry if I wrote too much, I hope I explained right.