stilbruch
/
tildechan
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

got the login working

This commit is contained in:
hayden 2019-07-01 23:07:21 -05:00
parent dc3d367d19
commit bd44345016
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
login.php
View File

@ -26,22 +26,23 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
failed_login('login select statement failed'); failed_login('login select statement failed');
} }
mysqli_stmt_store_result($stmt); mysqli_stmt_store_result($stmt);
if (!mysqli_stmt_num_rows($stmt) != 1) { if (mysqli_stmt_num_rows($stmt) != 1) {
failed_login(); failed_login();
} }
mysqli_stmt_bind_result($stmt, $id, $username, $password_hash, $admin); mysqli_stmt_bind_result($stmt, $id, $username, $password_hash, $admin);
mysqli_stmt_fetch($stmt); mysqli_stmt_fetch($stmt);
if (!password_verify($password, $password_hash)) { if (!password_verify($password, $password_hash)) {
failed_login(); failed_login($password_hash);
} }
session_start();
$_SESSION['logged_id'] = true; $_SESSION['logged_id'] = true;
$_SESSION['id'] = $id; $_SESSION['id'] = $id;
$_SESSION['username'] = $username; $_SESSION['username'] = $username;
$_SESSION['admin'] = $admin; $_SESSION['admin'] = $admin;
//TODO: add some sort of message //TODO: add some sort of message
header('/index.php'); header('Location: /');
} }
display_header("~chan - login"); display_header("~chan - login");

1
register.php
View File

@ -57,7 +57,6 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
//finally, hash the pasword and insert the new user into the database //finally, hash the pasword and insert the new user into the database
//hash with blowfish with 10 rounds
$hash = password_hash($password, PASSWORD_BCRYPT); $hash = password_hash($password, PASSWORD_BCRYPT);
$insert_user_sql = "INSERT INTO user (username, password, admin, registered, last_login) $insert_user_sql = "INSERT INTO user (username, password, admin, registered, last_login)
VALUES (?, ?, 0, now(), NULL);"; VALUES (?, ?, 0, now(), NULL);";