thies/loginpagefoo
Template
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Wiki Activity

commented login.php

Browse Source
This commit is contained in:
Thies Mueller 2021-01-12 17:00:14 +01:00
parent 94259e06ee
commit fc63a94627
1 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
login.php
View File

@ -1,18 +1,24 @@
<?php
session_start();
include 'db.inc.php';
/*
author: Thies Müller
contact: contactme@td00.de
source: https://github.com/td00/loginpagefoo
license: AGPL 3.0
*/
session_start(); //here the session starts again
include 'db.inc.php'; //we need a db connection here too!
if(isset($_GET['login'])) {
$username = $_POST['username'];
$password = $_POST['password'];
if(isset($_GET['login'])) { //same as register. looks for "?login=1" in the url
$username = $_POST['username']; //gets the username as variable
$password = $_POST['password']; //and the password
$statement = $pdo->prepare("SELECT * FROM users WHERE username = :username");
$statement = $pdo->prepare("SELECT * FROM users WHERE username = :username"); //looking in the database for "usernane"
$result = $statement->execute(array('username' => $username));
$user = $statement->fetch();
if ($user !== false && password_verify($password, $user['password'])) {
$_SESSION['userid'] = $user['id'];
if ($user !== false && password_verify($password, $user['password'])) { //if user exist & posted hash of password = saved password hash do the following:
$_SESSION['userid'] = $user['id']; //adding some user infos in the session
$_SESSION['email'] = $user['email'];
$_SESSION['username'] = $user['username'];
$_SESSION['givenName'] = $user['givenName'];
@ -21,12 +27,13 @@ if(isset($_GET['login'])) {
$_SESSION['updated_at'] = $user['updated_at'];
$_SESSION['isadmin'] = $user['isadmin'];
$_SESSION['profilepicture'] = $user['profilepicture'];
die('<div class="alert alert-success" role="alert"> successfull. go to: <a href="start.php">start page</a></div> <meta http-equiv="refresh" content="0; URL=start.php">');
die('<div class="alert alert-success" role="alert"> successfull. go to: <a href="start.php">start page</a></div> <meta http-equiv="refresh" content="0; URL=start.php">'); //successful login, thats all.
} else {
$errorMessage = '<div class="alert alert-danger" role="alert">somethings wrong (maybe wrong password or wrong user)</div><br>';
$errorMessage = '<div class="alert alert-danger" role="alert">somethings wrong (maybe wrong password or wrong user)</div><br>'; //if password not match or username doesn't exist print this line
}
}
//now lets get some html started for the webpage!
?>
<!DOCTYPE html>
<html>
@ -38,9 +45,10 @@ if(isset($_GET['login'])) {
<body>
<?php
if(isset($errorMessage)) {
if(isset($errorMessage)) { //if there is an error Message print it
echo $errorMessage;
}
//an now the form is starting (also with bootstrap for some eyecandy)
?>
<script src="ressources/js/bootstrap.min.js"></script>
<div class="jumbotron jumbotron-fluid">