/login.php

## login.php
<?php
session_start();
$servername = "127.0.0.1:8889";
$username = "root";
$password = "root";
$databasename = "phpfinal";

try {
    $conn = new PDO("mysql:host=$servername;dbname=$databasename", $username, $password);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    if(isset($_POST["submit"]))
      {
           if(empty($_POST["userName"]) || empty($_POST["userPass"]))
           {
                $message = '<label>All fields are required</label>';
           }
           else
           {
                $query = "SELECT * FROM credentials WHERE username = :username AND password = :password";
                $statement = $conn->prepare($query);
                $statement->execute(
                     array(
                          'username'     =>     $_POST["userName"],
                          'password'     =>     $_POST["userPass"]
                     )
                );
                $count = $statement->rowCount();
                if($count > 0)
                {
                     $_SESSION["username"] = $_POST["userName"];
                     header("location:user-homepage.php");
                }
                else
                {
                     $message = '<label>Invalid Credentials</label>';
                }
           }
      }

  }
catch(PDOException $e)
    {
    echo "Connection failed: " . $e->getMessage();
    }
?>


<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
    <title>BMW APP - Homepage</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="shortcut icon" href="/images/favicon.ico">
    <link rel="apple-touch-icon" href="/images/favicon.ico">
    <link href="https://fonts.googleapis.com/css?family=PT+Sans+Narrow:700" rel="stylesheet">
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
    <link rel="stylesheet" href="radial-progress-bar.css">
    <link rel="stylesheet" href="style.css">
    <script src="scripts.js" charset="utf-8"></script>
  </head>
  <body>

    <nav>

      <ul>
        <li><a href="index.php">HOME</a></li>
        <li><a href="admin-login.php">ADMIN LOGIN</a></li>
        <li><a href="user-login.php">USER LOGIN</a></li>
      </ul>

    </nav>

    <div class="nav-mobile">

      <img src="images/hamburger.png" alt="" id="nav-button">
      <br>


    </div>

    <div class="nav-mobile-container">

      <ul>
        <li><a href="index.php">HOME</a></li>
        <li><a href="admin-login.php">ADMIN LOGIN</a></li>
        <li><a href="user-login.php">USER LOGIN</a></li>
      </ul>

    </div>

    <div class="main">

      <div class="user-login-container1">

        <p class="homepage-title">Please enter your credentials</p>

        <form class="userForm" action="user-login.php" method="post">

          <img src="images/user.png" alt="" id="login-icon">

          <p class="form-error"><?php echo $message ?></p>

          <p class="form-titles">USERNAME</p>

          <p>
            <input type="text" name="userName" value="">
          </p>

          <p class="form-titles">PASSWORD</p>

          <p>
            <input type="password" name="userPass" value="">
          </p>

          <input type="submit" name="submit" value="login">

          <p class="create-account-link"><a href="user-registration.php">Not a current user? Create an account.</a></p>

        </form>

        <img src="images/mlogo.png" alt="" id="mlogo" onContextMenu="return false;">

      </div>

    </div>

  </body>
</html>

## registration.php
<?php
session_start();

include 'connect.php';

$firstnameErr = "";
$lastnameErr = "";
$userErr = "";
$passErr = "";

$validForm = false;

$firstname = "";
$lastname = "";
$user = "";
$password = "";

function validateFirstname() {
	global $firstname, $firstnameErr, $validForm;
	$firstnameErr = "";
	if ($firstname == "") {
		$firstnameErr = "nothing entered";
		$validForm = false;
	}
	elseif (!preg_match("/^[a-zA-Z]+(([\'\,\.\- ][a-zA-Z ])?[a-zA-Z]*)*$/",$firstname)) {
		$firstnameErr = "invalid characters";
		$validForm = false;
	}
}

function validateLastname() {
	global $lastname, $lastnameErr, $validForm;
	$lastnameErr = "";
	if ($lastname == "") {
		$lastnameErr = "nothing entered";
		$validForm = false;
	}
	elseif (!preg_match("/^[a-zA-Z]+(([\'\,\.\- ][a-zA-Z ])?[a-zA-Z]*)*$/",$lastname)) {
		$lastnameErr = "invalid characters";
		$validForm = false;
	}
}

function validateUser() {
	global $user, $userErr, $validForm, $conn;
	$userErr = "";
	if ($user == "") {
		$userErr = "nothing entered";
		$validForm = false;
	}
	elseif (!preg_match("/^[a-zA-Z]+(([\'\,\.\- ][a-zA-Z ])?[a-zA-Z]*)*$/",$user)) {
		$userErr = "invalid characters";
		$validForm = false;
	}
	elseif (strlen($user) > 1) {
		$stmt = $conn->prepare("SELECT 1 FROM credentials WHERE username = :username");
		$stmt->bindValue(':username', $user);
		$stmt->execute();
		$norows = $stmt->rowCount();
		if ($norows > 0) {
		$userErr = 'Username already taken';
		$validForm = false;
		}
		else {
			$userErr = "";
			$validForm = true;
		}
	}
}

function validatePassword() {
	global $password, $passErr, $validForm;
	$passErr = "";
	if ($password == "") {
		$passErr = "nothing entered";
		$validForm = false;
	}
	elseif (strlen($password) > 20) {
		$passErr = "password is longer than 20 characters!";
		$validForm = false;
	}
	elseif (strlen($password) < 8) {
		$passErr = "password is less than 8 characters!";
		$validForm = false;
	}
	else {
		$passwordHash = password_hash($password, PASSWORD_BCRYPT, array("cost" => 12));
	}
}

if( isset($_POST['register']) ) {

	$firstname = $_POST['firstname'];
	$lastname = $_POST['lastname'];
	$user = $_POST['user'];
	$password = $_POST['password'];

	$validForm = true;

	validateFirstname();
	validateLastname();
	validateUser();
	validatePassword();

}

 ?>

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<title>BMW APP - Contact</title>
		<meta name="viewport" content="width=device-width, initial-scale=1.0">
		<link href="https://fonts.googleapis.com/css?family=PT+Sans+Narrow:700" rel="stylesheet">
		<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
		<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
		<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
		<link rel="stylesheet" href="radial-progress-bar.css">
		<link rel="stylesheet" href="style.css">
		<script src="scripts.js" charset="utf-8"></script>
	</head>
	<body>

		<nav>

			<ul>
				<li><a href="index.php">HOME</a></li>
				<li><a href="admin-login.php">ADMIN LOGIN</a></li>
				<li><a href="user-login.php">USER LOGIN</a></li>
			</ul>

		</nav>

		<div class="nav-mobile">

			<img src="images/hamburger.png" alt="" id="nav-button">
			<br>


		</div>

		<div class="nav-mobile-container">

			<ul>
				<li><a href="index.php">HOME</a></li>
				<li><a href="admin-login.php">ADMIN LOGIN</a></li>
				<li><a href="user-login.php">USER LOGIN</a></li>
			</ul>

		</div>

		<div class="main">

			<p class="homepage-title">CREATE YOUR USER ACCOUNT</p>

			<img src="images/m-other.png" alt="" id="registration-img" onContextMenu="return false;">

			<div class="user-login-container1">

				<form action="fix.php" method="post" class="registrationForm">

					<?php

					if ($validForm) {

						try {
							$stmt = $conn->prepare('INSERT INTO credentials (firstname, lastname, username, password) VALUES (:fname, :lname, :username, :pass)');
    					$stmt->bindValue(':fname',$firstname);
    					$stmt->bindValue(':lname',$lastname);
    					$stmt->bindValue(':username',$user);
    					$stmt->bindValue(':pass',$password);
    					$stmt->execute();
					  }

					  catch(PDOException $e) {
					    echo $e->getMessage();
					  }

            $_SESSION["username"] = $_POST["user"];
            header("location:user-homepage.php");

					?>

					<?php
					}
					else {
					?>

					<img src="images/add-icon.png" alt="" id="login-icon">

					<div class="row">

						<div class="col-xs-12 col-md-6">

							<p class="form-errors"><?php echo $firstnameErr ?></p>
							<p class="form-titles">First Name</p>

							<input type="text" name="firstname" value="<?php echo $firstname; ?>"><br>

						</div>

						<div class="col-xs-12 col-md-6">

							<p class="form-errors"><?php echo $lastnameErr ?></p>
							<p class="form-titles">Last Name</p>

							<input type="text" name="lastname" value="<?php echo $lastname; ?>"><br>

						</div>

					</div>

					<p class="form-titles">User Name</p>

					<p class="form-errors"><?php echo $userErr ?></p>

					<input type="text" name="user" value="<?php echo $user; ?>"><br>

					<p class="form-titles">Password</p>

					<p class="form-errors"><?php echo $passErr ?></p>

					<input type="text" name="password" value="<?php echo $password; ?>"><br>

					 <input type="submit" name="register" value="Register"></button>

					 <?php } ?>

			 </form>

				<img src="images/mlogo.png" alt="" id="mlogo" onContextMenu="return false;">

			</div>

		</div>

	</body>
</html>
	<?php
	session_start();
	$servername = "127.0.0.1:8889";
	$username = "root";
	$password = "root";
	$databasename = "phpfinal";

	try {
	$conn = new PDO("mysql:host=$servername;dbname=$databasename", $username, $password);
	// set the PDO error mode to exception
	$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

	if(isset($_POST["submit"]))
	{
	if(empty($_POST["userName"]) \|\| empty($_POST["userPass"]))
	{
	$message = '<label>All fields are required</label>';
	}
	else
	{
	$query = "SELECT * FROM credentials WHERE username = :username AND password = :password";
	$statement = $conn->prepare($query);
	$statement->execute(
	array(
	'username' => $_POST["userName"],
	'password' => $_POST["userPass"]
	)
	);
	$count = $statement->rowCount();
	if($count > 0)
	{
	$_SESSION["username"] = $_POST["userName"];
	header("location:user-homepage.php");
	}
	else
	{
	$message = '<label>Invalid Credentials</label>';
	}
	}
	}

	}
	catch(PDOException $e)
	{
	echo "Connection failed: " . $e->getMessage();
	}
	?>


	<!DOCTYPE html>
	<html>
	<head>
	<meta charset="utf-8">
	<title>BMW APP - Homepage</title>
	<meta name="viewport" content="width=device-width, initial-scale=1.0">
	<link rel="shortcut icon" href="/images/favicon.ico">
	<link rel="apple-touch-icon" href="/images/favicon.ico">
	<link href="https://fonts.googleapis.com/css?family=PT+Sans+Narrow:700" rel="stylesheet">
	<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
	<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
	<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
	<link rel="stylesheet" href="radial-progress-bar.css">
	<link rel="stylesheet" href="style.css">
	<script src="scripts.js" charset="utf-8"></script>
	</head>
	<body>

	<nav>

	<ul>
	<li><a href="index.php">HOME</a></li>
	<li><a href="admin-login.php">ADMIN LOGIN</a></li>
	<li><a href="user-login.php">USER LOGIN</a></li>
	</ul>

	</nav>

	<div class="nav-mobile">

	<img src="images/hamburger.png" alt="" id="nav-button">
	<br>


	</div>

	<div class="nav-mobile-container">

	<ul>
	<li><a href="index.php">HOME</a></li>
	<li><a href="admin-login.php">ADMIN LOGIN</a></li>
	<li><a href="user-login.php">USER LOGIN</a></li>
	</ul>

	</div>

	<div class="main">

	<div class="user-login-container1">

	<p class="homepage-title">Please enter your credentials</p>

	<form class="userForm" action="user-login.php" method="post">

	<img src="images/user.png" alt="" id="login-icon">

	<p class="form-error"><?php echo $message ?></p>

	<p class="form-titles">USERNAME</p>

	<p>
	<input type="text" name="userName" value="">
	</p>

	<p class="form-titles">PASSWORD</p>

	<p>
	<input type="password" name="userPass" value="">
	</p>

	<input type="submit" name="submit" value="login">

	<p class="create-account-link"><a href="user-registration.php">Not a current user? Create an account.</a></p>

	</form>

	<img src="images/mlogo.png" alt="" id="mlogo" onContextMenu="return false;">

	</div>

	</div>

	</body>
	</html>
	<?php
	session_start();

	include 'connect.php';

	$firstnameErr = "";
	$lastnameErr = "";
	$userErr = "";
	$passErr = "";

	$validForm = false;

	$firstname = "";
	$lastname = "";
	$user = "";
	$password = "";

	function validateFirstname() {
	global $firstname, $firstnameErr, $validForm;
	$firstnameErr = "";
	if ($firstname == "") {
	$firstnameErr = "nothing entered";
	$validForm = false;
	}
	elseif (!preg_match("/^[a-zA-Z]+(([\'\,\.\- ][a-zA-Z ])?[a-zA-Z])$/",$firstname)) {
	$firstnameErr = "invalid characters";
	$validForm = false;
	}
	}

	function validateLastname() {
	global $lastname, $lastnameErr, $validForm;
	$lastnameErr = "";
	if ($lastname == "") {
	$lastnameErr = "nothing entered";
	$validForm = false;
	}
	elseif (!preg_match("/^[a-zA-Z]+(([\'\,\.\- ][a-zA-Z ])?[a-zA-Z])$/",$lastname)) {
	$lastnameErr = "invalid characters";
	$validForm = false;
	}
	}

	function validateUser() {
	global $user, $userErr, $validForm, $conn;
	$userErr = "";
	if ($user == "") {
	$userErr = "nothing entered";
	$validForm = false;
	}
	elseif (!preg_match("/^[a-zA-Z]+(([\'\,\.\- ][a-zA-Z ])?[a-zA-Z])$/",$user)) {
	$userErr = "invalid characters";
	$validForm = false;
	}
	elseif (strlen($user) > 1) {
	$stmt = $conn->prepare("SELECT 1 FROM credentials WHERE username = :username");
	$stmt->bindValue(':username', $user);
	$stmt->execute();
	$norows = $stmt->rowCount();
	if ($norows > 0) {
	$userErr = 'Username already taken';
	$validForm = false;
	}
	else {
	$userErr = "";
	$validForm = true;
	}
	}
	}

	function validatePassword() {
	global $password, $passErr, $validForm;
	$passErr = "";
	if ($password == "") {
	$passErr = "nothing entered";
	$validForm = false;
	}
	elseif (strlen($password) > 20) {
	$passErr = "password is longer than 20 characters!";
	$validForm = false;
	}
	elseif (strlen($password) < 8) {
	$passErr = "password is less than 8 characters!";
	$validForm = false;
	}
	else {
	$passwordHash = password_hash($password, PASSWORD_BCRYPT, array("cost" => 12));
	}
	}

	if( isset($_POST['register']) ) {

	$firstname = $_POST['firstname'];
	$lastname = $_POST['lastname'];
	$user = $_POST['user'];
	$password = $_POST['password'];

	$validForm = true;

	validateFirstname();
	validateLastname();
	validateUser();
	validatePassword();

	}

	?>

	<!DOCTYPE html>
	<html>
	<head>
	<meta charset="utf-8">
	<title>BMW APP - Contact</title>
	<meta name="viewport" content="width=device-width, initial-scale=1.0">
	<link href="https://fonts.googleapis.com/css?family=PT+Sans+Narrow:700" rel="stylesheet">
	<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
	<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
	<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
	<link rel="stylesheet" href="radial-progress-bar.css">
	<link rel="stylesheet" href="style.css">
	<script src="scripts.js" charset="utf-8"></script>
	</head>
	<body>

	<nav>

	<ul>
	<li><a href="index.php">HOME</a></li>
	<li><a href="admin-login.php">ADMIN LOGIN</a></li>
	<li><a href="user-login.php">USER LOGIN</a></li>
	</ul>

	</nav>

	<div class="nav-mobile">

	<img src="images/hamburger.png" alt="" id="nav-button">
	<br>


	</div>

	<div class="nav-mobile-container">

	<ul>
	<li><a href="index.php">HOME</a></li>
	<li><a href="admin-login.php">ADMIN LOGIN</a></li>
	<li><a href="user-login.php">USER LOGIN</a></li>
	</ul>

	</div>

	<div class="main">

	<p class="homepage-title">CREATE YOUR USER ACCOUNT</p>

	<img src="images/m-other.png" alt="" id="registration-img" onContextMenu="return false;">

	<div class="user-login-container1">

	<form action="fix.php" method="post" class="registrationForm">

	<?php

	if ($validForm) {

	try {
	$stmt = $conn->prepare('INSERT INTO credentials (firstname, lastname, username, password) VALUES (:fname, :lname, :username, :pass)');
	$stmt->bindValue(':fname',$firstname);
	$stmt->bindValue(':lname',$lastname);
	$stmt->bindValue(':username',$user);
	$stmt->bindValue(':pass',$password);
	$stmt->execute();
	}

	catch(PDOException $e) {
	echo $e->getMessage();
	}

	$_SESSION["username"] = $_POST["user"];
	header("location:user-homepage.php");

	?>

	<?php
	}
	else {
	?>

	<img src="images/add-icon.png" alt="" id="login-icon">

	<div class="row">

	<div class="col-xs-12 col-md-6">

	<p class="form-errors"><?php echo $firstnameErr ?></p>
	<p class="form-titles">First Name</p>

	<input type="text" name="firstname" value="<?php echo $firstname; ?>"><br>

	</div>

	<div class="col-xs-12 col-md-6">

	<p class="form-errors"><?php echo $lastnameErr ?></p>
	<p class="form-titles">Last Name</p>

	<input type="text" name="lastname" value="<?php echo $lastname; ?>"><br>

	</div>

	</div>

	<p class="form-titles">User Name</p>

	<p class="form-errors"><?php echo $userErr ?></p>

	<input type="text" name="user" value="<?php echo $user; ?>"><br>

	<p class="form-titles">Password</p>

	<p class="form-errors"><?php echo $passErr ?></p>

	<input type="text" name="password" value="<?php echo $password; ?>"><br>

	<input type="submit" name="register" value="Register"></button>

	<?php } ?>

	</form>

	<img src="images/mlogo.png" alt="" id="mlogo" onContextMenu="return false;">

	</div>

	</div>

	</body>
	</html>