got the login working
This commit is contained in:
parent
dc3d367d19
commit
bd44345016
|
@ -26,22 +26,23 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
failed_login('login select statement failed');
|
failed_login('login select statement failed');
|
||||||
}
|
}
|
||||||
mysqli_stmt_store_result($stmt);
|
mysqli_stmt_store_result($stmt);
|
||||||
if (!mysqli_stmt_num_rows($stmt) != 1) {
|
if (mysqli_stmt_num_rows($stmt) != 1) {
|
||||||
failed_login();
|
failed_login();
|
||||||
}
|
}
|
||||||
mysqli_stmt_bind_result($stmt, $id, $username, $password_hash, $admin);
|
mysqli_stmt_bind_result($stmt, $id, $username, $password_hash, $admin);
|
||||||
mysqli_stmt_fetch($stmt);
|
mysqli_stmt_fetch($stmt);
|
||||||
if (!password_verify($password, $password_hash)) {
|
if (!password_verify($password, $password_hash)) {
|
||||||
failed_login();
|
failed_login($password_hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
session_start();
|
||||||
$_SESSION['logged_id'] = true;
|
$_SESSION['logged_id'] = true;
|
||||||
$_SESSION['id'] = $id;
|
$_SESSION['id'] = $id;
|
||||||
$_SESSION['username'] = $username;
|
$_SESSION['username'] = $username;
|
||||||
$_SESSION['admin'] = $admin;
|
$_SESSION['admin'] = $admin;
|
||||||
|
|
||||||
//TODO: add some sort of message
|
//TODO: add some sort of message
|
||||||
header('/index.php');
|
header('Location: /');
|
||||||
}
|
}
|
||||||
|
|
||||||
display_header("~chan - login");
|
display_header("~chan - login");
|
||||||
|
|
|
@ -57,7 +57,6 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
mysqli_stmt_close($stmt);
|
mysqli_stmt_close($stmt);
|
||||||
|
|
||||||
//finally, hash the pasword and insert the new user into the database
|
//finally, hash the pasword and insert the new user into the database
|
||||||
//hash with blowfish with 10 rounds
|
|
||||||
$hash = password_hash($password, PASSWORD_BCRYPT);
|
$hash = password_hash($password, PASSWORD_BCRYPT);
|
||||||
$insert_user_sql = "INSERT INTO user (username, password, admin, registered, last_login)
|
$insert_user_sql = "INSERT INTO user (username, password, admin, registered, last_login)
|
||||||
VALUES (?, ?, 0, now(), NULL);";
|
VALUES (?, ?, 0, now(), NULL);";
|
||||||
|
|
Loading…
Reference in New Issue