-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
108 lines (83 loc) · 2.63 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
<?php
$name = getenv('MYNAME');
session_start();
// redirect if user is already logged in
if(isset($_SESSION['username']) && isset($_SESSION['userID']) && isset($_SESSION['api_key'])) {
header("Location:index.php");
exit();
}
$username = $_POST['username'] ?? "";
$passwordOne = $_POST['passwordOne'] ?? "";
$error = '';
if(isset($_POST['submit'])){
// check for any invalid data provided by the user (because of you the html is setup only one error message will be shown at once)
if (empty($username)){ $error = 'no username given'; }
else if (empty($passwordOne)) { $error = 'no password given'; }
else {
//connect to the database
require './includes/library.php';
$pdo = connectdb();
//find user with given username
$query = 'SELECT * FROM cois3430_users WHERE username = ?';
$stmt = $pdo->prepare($query);
$stmt->execute([$username]);
$databaseUser = $stmt->fetch();
if(empty($databaseUser)) { $error = 'username not found'; }
else {
//check if password is correct
if (!password_verify($passwordOne, $databaseUser['password'])){ $error = 'incorrect password'; }
else {
//save all relevant information to session
$_SESSION['username'] = $databaseUser['username'];
$_SESSION['userID'] = $databaseUser['userID'];
$_SESSION['api_key'] = $databaseUser['api_key'];
//redirect user
header("Location:index.php");
exit();
}
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
<link rel="stylesheet" href="./styles/login.css">
<link rel="stylesheet" href="./styles/main.css">
</head>
<body>
<?php include './components/nav.php'; ?>
<div class="loginForm">
<h1>Login</h1>
<form id="create-account" method="post" action="">
<div class="textInput">
<input
type="text"
name="username"
value="<?= $username ?>"
placeholder=' '
/>
<label for="username">Username</label>
</div>
<div class="textInput">
<input
type="password"
name="passwordOne"
value="<?= $passwordOne ?>"
placeholder=' '
/>
<label for="password">Password</label>
</div>
<input type="submit" name="submit" value="Login">
</form>
<?php if ($error != ''): ?>
<p class="error"> error: <?= $error ?> </p>
<?php endif ?>
<p>Dont have an account?</p>
<a href='/~<?= $name ?>/3430/assn/cois-3430-2024su-a2-BigBeill/create-account'>create account</a>
</div>
</body>
</html>