added the beginning of the login code to login.php
This commit is contained in:
parent
240bdf1973
commit
c0540bd680
43
login.php
43
login.php
|
@ -2,7 +2,39 @@
|
|||
$path = $_SERVER['DOCUMENT_ROOT'];
|
||||
require_once($path . '/core/header.php');
|
||||
require_once($path . '/core/footer.php');
|
||||
require_once($path . '/core/database.php');
|
||||
|
||||
if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||
|
||||
// funtion to handle failed logins
|
||||
function failed_login($msg = 'invalid username or password') {
|
||||
header("Location: /login.php?error=$msg");
|
||||
exit();
|
||||
}
|
||||
|
||||
// assign the form contents to variables
|
||||
$username = strtolower($_POST['user'] ?? '');
|
||||
$password = strtolower($_POST['pass'] ?? '');
|
||||
|
||||
if ($username == '' || $password == '') failed_login();
|
||||
|
||||
$conn = get_database_conn();
|
||||
$login_sql = "SELECT id, username, password, FROM user WHERE username = ? LIMIT 1";
|
||||
$stmt = mysqli_prepare($conn, $login_sql);
|
||||
mysqli_stmt_bind_param($stmt, 's', $username);
|
||||
if (!mysqli_stmt_execute($stmt)) {
|
||||
failed_login('login select statement failed');
|
||||
}
|
||||
mysqli_stmt_store_result($stmt);
|
||||
if (!mysqli_stmt_num_rows($stmt) != 1) {
|
||||
failed_login();
|
||||
}
|
||||
mysqli_stmt_bind_result($stmt, $id, $username, $password_hash);
|
||||
mysqli_stmt_fetch($stmt);
|
||||
|
||||
|
||||
}
|
||||
|
||||
display_header("~chan - login");
|
||||
?>
|
||||
<div style="
|
||||
|
@ -26,6 +58,17 @@ display_header("~chan - login");
|
|||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<br>
|
||||
<button type="Submit">submit</button>
|
||||
<?php
|
||||
// displays the error messages
|
||||
if(isset($_GET['error'])) {
|
||||
echo "<br><br>";
|
||||
echo "<div class=\"error\">";
|
||||
echo htmlspecialchars($_GET['error']);
|
||||
echo "</div>";
|
||||
}
|
||||
?>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||
|
||||
// function to handle failed registrations
|
||||
function failed_register($msg) {
|
||||
header("Location: /register.php?login_failed=$msg");
|
||||
header("Location: /register.php?error=$msg");
|
||||
exit();
|
||||
}
|
||||
|
||||
|
@ -118,10 +118,10 @@ display_header("~chan - register");
|
|||
<br>
|
||||
<button type="Submit">submit</button>
|
||||
<?php
|
||||
if(isset($_GET['login_failed'])) {
|
||||
if(isset($_GET['error'])) {
|
||||
echo "<br><br>";
|
||||
echo "<div class=\"error\">";
|
||||
echo $_GET['login_failed'];
|
||||
echo htmlspecialchars($_GET['error']);
|
||||
echo "</div>";
|
||||
}
|
||||
?>
|
||||
|
|
Loading…
Reference in New Issue