stilbruch
/
tildechan
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

added the beginning of the login code to login.php

This commit is contained in:
hayden 2019-06-30 00:27:42 -05:00
parent 240bdf1973
commit c0540bd680
2 changed files with 46 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
login.php
View File

@ -2,7 +2,39 @@
$path = $_SERVER['DOCUMENT_ROOT'];
require_once($path . '/core/header.php');
require_once($path . '/core/footer.php');
require_once($path . '/core/database.php');
if($_SERVER['REQUEST_METHOD'] == 'POST') {
// funtion to handle failed logins
function failed_login($msg = 'invalid username or password') {
header("Location: /login.php?error=$msg");
exit();
}
// assign the form contents to variables
$username = strtolower($_POST['user'] ?? '');
$password = strtolower($_POST['pass'] ?? '');
if ($username == '' || $password == '') failed_login();
$conn = get_database_conn();
$login_sql = "SELECT id, username, password, FROM user WHERE username = ? LIMIT 1";
$stmt = mysqli_prepare($conn, $login_sql);
mysqli_stmt_bind_param($stmt, 's', $username);
if (!mysqli_stmt_execute($stmt)) {
failed_login('login select statement failed');
}
mysqli_stmt_store_result($stmt);
if (!mysqli_stmt_num_rows($stmt) != 1) {
failed_login();
}
mysqli_stmt_bind_result($stmt, $id, $username, $password_hash);
mysqli_stmt_fetch($stmt);
}
display_header("~chan - login");
?>
<div style="
@ -26,6 +58,17 @@ display_header("~chan - login");
</td>
</tr>
</table>
<br>
<button type="Submit">submit</button>
<?php
// displays the error messages
if(isset($_GET['error'])) {
echo "<br><br>";
echo "<div class=\"error\">";
echo htmlspecialchars($_GET['error']);
echo "</div>";
}
?>
</form>
</div>

6
register.php
View File

@ -12,7 +12,7 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
// function to handle failed registrations
function failed_register($msg) {
header("Location: /register.php?login_failed=$msg");
header("Location: /register.php?error=$msg");
exit();
}
@ -118,10 +118,10 @@ display_header("~chan - register");
<br>
<button type="Submit">submit</button>
<?php
if(isset($_GET['login_failed'])) {
if(isset($_GET['error'])) {
echo "<br><br>";
echo "<div class=\"error\">";
echo $_GET['login_failed'];
echo htmlspecialchars($_GET['error']);
echo "</div>";
}
?>