thies/loginpagefoo
Template
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Wiki Activity

commented login.php

Browse Source
This commit is contained in:
Thies Mueller 2021-01-12 17:00:14 +01:00
parent 94259e06ee
commit fc63a94627
1 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
login.php
View File

@ -1,18 +1,24 @@
<?php <?php
session_start(); /*
include 'db.inc.php'; author: Thies Müller
contact: contactme@td00.de
source: https://github.com/td00/loginpagefoo
license: AGPL 3.0
*/
session_start(); //here the session starts again
include 'db.inc.php'; //we need a db connection here too!
if(isset($_GET['login'])) { if(isset($_GET['login'])) { //same as register. looks for "?login=1" in the url
$username = $_POST['username']; $username = $_POST['username']; //gets the username as variable
$password = $_POST['password']; $password = $_POST['password']; //and the password
$statement = $pdo->prepare("SELECT * FROM users WHERE username = :username"); $statement = $pdo->prepare("SELECT * FROM users WHERE username = :username"); //looking in the database for "usernane"
$result = $statement->execute(array('username' => $username)); $result = $statement->execute(array('username' => $username));
$user = $statement->fetch(); $user = $statement->fetch();
if ($user !== false && password_verify($password, $user['password'])) { if ($user !== false && password_verify($password, $user['password'])) { //if user exist & posted hash of password = saved password hash do the following:
$_SESSION['userid'] = $user['id']; $_SESSION['userid'] = $user['id']; //adding some user infos in the session
$_SESSION['email'] = $user['email']; $_SESSION['email'] = $user['email'];
$_SESSION['username'] = $user['username']; $_SESSION['username'] = $user['username'];
$_SESSION['givenName'] = $user['givenName']; $_SESSION['givenName'] = $user['givenName'];
@ -21,12 +27,13 @@ if(isset($_GET['login'])) {
$_SESSION['updated_at'] = $user['updated_at']; $_SESSION['updated_at'] = $user['updated_at'];
$_SESSION['isadmin'] = $user['isadmin']; $_SESSION['isadmin'] = $user['isadmin'];
$_SESSION['profilepicture'] = $user['profilepicture']; $_SESSION['profilepicture'] = $user['profilepicture'];
die('<div class="alert alert-success" role="alert"> successfull. go to: <a href="start.php">start page</a></div> <meta http-equiv="refresh" content="0; URL=start.php">'); die('<div class="alert alert-success" role="alert"> successfull. go to: <a href="start.php">start page</a></div> <meta http-equiv="refresh" content="0; URL=start.php">'); //successful login, thats all.
} else { } else {
$errorMessage = '<div class="alert alert-danger" role="alert">somethings wrong (maybe wrong password or wrong user)</div><br>'; $errorMessage = '<div class="alert alert-danger" role="alert">somethings wrong (maybe wrong password or wrong user)</div><br>'; //if password not match or username doesn't exist print this line
} }
} }
//now lets get some html started for the webpage!
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
@ -38,9 +45,10 @@ if(isset($_GET['login'])) {
<body> <body>
<?php <?php
if(isset($errorMessage)) { if(isset($errorMessage)) { //if there is an error Message print it
echo $errorMessage; echo $errorMessage;
} }
//an now the form is starting (also with bootstrap for some eyecandy)
?> ?>
<script src="ressources/js/bootstrap.min.js"></script> <script src="ressources/js/bootstrap.min.js"></script>
<div class="jumbotron jumbotron-fluid"> <div class="jumbotron jumbotron-fluid">