index.php
<?php
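/**
 * Append one "<session_id>:<token>" line to authKeys.txt.
 *
 * The write is a single locked append, so two requests finishing a login at
 * the same moment cannot interleave their lines in the file.
 *
 * NOTE(review): "authKeys.txt" is a relative path. If it resolves inside the
 * web root, the session-id/token pairs may be fetchable over HTTP. Confirm,
 * and keep the file outside the document root or deny access to it in the
 * server configuration. Entries are only ever appended here; nothing in this
 * function expires or removes old tokens.
 *
 * @param string $token      Token to record.
 * @param string $session_id Session identifier the token belongs to.
 * @return void Terminates the script with "Unable to open file!" when the
 *              file cannot be written.
 */
function saveToken($token, $session_id)
{
    $line = $session_id . ":" . $token . "\n";

    // FILE_APPEND keeps earlier entries; LOCK_EX serialises concurrent writers.
    $written = file_put_contents("authKeys.txt", $line, FILE_APPEND | LOCK_EX);
    if ($written === false) {
        die("Unable to open file!");
    }
}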
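/**
 * Create an anti-CSRF token for the current session and record it with
 * saveToken().
 *
 * The token is an HMAC over the user name and session id, keyed with a fresh
 * secret from the operating system's CSPRNG. The earlier version keyed the
 * hash with mt_rand(), which is not cryptographically secure: its output is
 * predictable, and a CSRF token only protects anything if it cannot be
 * guessed. The result is still 40 hex characters, as before.
 *
 * Call this after session_start(); without an active session session_id()
 * returns an empty string and the token would be stored under an empty key.
 *
 * @param string $uname User name the token is issued for.
 * @return void The token is persisted through saveToken(), not returned.
 */
function generateToken($uname)
{
    $sessionId = session_id();

    // 32 bytes from the CSPRNG; the key is used once and never stored.
    $secretKey = random_bytes(32);
    $csrf_token = hash_hmac('sha1', $uname . $sessionId, $secretKey);

    saveToken($csrf_token, $sessionId);
}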
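// Login handler. Already-authenticated visitors are sent to form.php; a POST
// with valid credentials starts an authenticated session and issues a CSRF
// token; anything else falls through to the login form below.

// $_SESSION is only populated once the session has been started, so start it
// before the logged-in check instead of after a successful login.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

if (!empty($_SESSION['loggedIn'])) {
    header('Location:form.php');
    exit; // stop here so the login form is not rendered after the redirect
} elseif (count($_POST) > 0) {
    // The form posts "uname" and "pwd". Missing or array-valued fields are
    // treated as empty rather than being compared as-is.
    $uname = (isset($_POST['uname']) && is_string($_POST['uname'])) ? $_POST['uname'] : '';
    $pwd = (isset($_POST['pwd']) && is_string($_POST['pwd'])) ? $_POST['pwd'] : '';

    if ($uname !== '' || $pwd !== '') {
        // NOTE(review): the credentials are hard-coded in source and the
        // password is plaintext. A real deployment should look the user up in
        // a store that holds password_hash() output and check it with
        // password_verify(). hash_equals() at least makes the comparison
        // type-strict and constant-time.
        $userOk = hash_equals('chathura', $uname);
        $pwdOk = hash_equals('abc', $pwd);

        if ($userOk && $pwdOk) {
            // Issue a new session id on privilege change so an id planted
            // before login (session fixation) is not carried into the
            // authenticated session. Done before generateToken() so the token
            // is recorded against the new id.
            session_regenerate_id(true);
            generateToken($uname);
            $_SESSION['loggedIn'] = true;
            header('Location:form.php');
            exit;
        }
    } else {
        header('Location:index.php');
        exit;
    }
}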
?>
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="css/form-validation.css" rel="stylesheet">
</head>
<body>
<h2>Login Form</h2>
<div class="container">
<form action="index.php" method="post">
<div class="form-group">
<label for="userName">Username</label>
<input name="uname" type="text" class="form-control" id="userName" aria-describedby="userName" placeholder="Enter Username">
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input name="pwd" type="password" class="form-control" id="exampleInputPassword1" placeholder="Password">
</div>
<button type="submit" class="btn btn-primary">Login</button>
</form>
</div>
</body>
</html>