logging in works now

trinkey 2025-03-22 08:32:13 -04:00
parent d8f1874ebb
commit 6a10ff81f6
3 changed files with 40 additions and 23 deletions


@ -1,6 +1,9 @@
<?php <?php
include "config.php"; include "config.php";
include "helper.php";
include "boilerplate/head.php"; include "boilerplate/head.php";
echo(is_logged_in());
?> ?>
<a href="login.php">Log In</a> <a href="login.php">Log In</a>
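Review bot: `echo(is_logged_in());` writes the raw return value into the page body right after the head boilerplate, which reads like leftover debug output: a true result prints `1` and a false one prints nothing. The Log In link below it is still rendered whatever the result is. If the intent is to reflect login state, branch on it instead, for example `<?php if (!is_logged_in()) { ?><a href="login.php">Log In</a><?php } ?>`. is_logged_in() lives in helper.php, which is not part of this page, so a boolean return is assumed here.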


@ -1,28 +1,47 @@
<?php <?php
include "config.php"; include "config.php";
include "helper.php";
if (is_logged_in()) {
header("Location: index.php");
exit();
}
$u = "";
$p = "";
if ($_SERVER["REQUEST_METHOD"] === "POST") { if ($_SERVER["REQUEST_METHOD"] === "POST") {
$u = $_POST["username"]; $u = strtolower(str_replace(" ", "", $_POST["username"]));
$p = $_POST["password"]; $p = $_POST["password"];
if ($u && $p) { if (!($u && $p)) {
$response = pg_select( $err = "Bad request, missing username or password parameter";
$db, } else if (strlen($u) > 64 || strlen($u) === 0) {
"users", $err = "Username must be 1-64 chars";
array("username" => $u) } else if (!preg_match("/^[a-z0-9_-]{1,64}$/", $u)) {
); $err = "Username can only include a-z, 0-9, _, and -";
} else {
$query = "SELECT password_hash FROM users WHERE username='$u' LIMIT 1;";
if (sizeof($response) === 0) { $response = pg_query($db, $query);
if (pg_num_rows($response) === 0) {
$err = "User '" . htmlspecialchars($u) . "' not found"; $err = "User '" . htmlspecialchars($u) . "' not found";
} else { } else {
echo json_encode($response); $user = pg_fetch_array($response);
if (password_verify($p, $user["password_hash"])) {
setcookie(
"token",
$token,
time() + 60 * 60 * 24 * 30 * 265 // 1 year from now
);
header("Location: index.php");
exit();
} else {
$err = "Incorrect password";
}
} }
} else {
$err = "Bad request, missing username or password parameter";
} }
} else {
$u = "";
$p = "";
} }
$title = "Log In"; $title = "Log In";
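Review bot: The new lookup interpolates `$u` straight into the SQL string handed to `pg_query`, so the regex check above it is the only barrier between the request body and the query; `$` in `/^[a-z0-9_-]{1,64}$/` also matches before a trailing newline, and a parameterized `pg_query_params` call removes the dependency on that filter altogether. The cookie block has three further problems: `$token` is not assigned anywhere in the visible lines (unless config.php or helper.php defines it), `60 * 60 * 24 * 30 * 265` is roughly 21 years rather than the one year the comment states, and the cookie is set without HttpOnly, Secure or SameSite. `pg_query` can also return false, which is passed to `pg_num_rows` unchecked. The sketch below uses the options-array form of `setcookie`, which needs PHP 7.3 or later, and assumes the site is served over HTTPS; the script itself continues past the end of this hunk.

```php
    } else {
        $response = pg_query_params(
            $db,
            'SELECT password_hash FROM users WHERE username = $1 LIMIT 1',
            array($u)
        );
        if ($response === false) {
            $err = "Login is temporarily unavailable";
        } else if (pg_num_rows($response) === 0) {
            // … unchanged: "not found" error …
        } else {
            $user = pg_fetch_array($response);
            if (password_verify($p, $user["password_hash"])) {
                // $token has to be generated and stored server-side before this point
                setcookie("token", $token, array(
                    "expires" => time() + 60 * 60 * 24 * 365, // 1 year from now
                    "path" => "/",
                    "secure" => true,
                    "httponly" => true,
                    "samesite" => "Lax",
                ));
                // … unchanged: redirect to index.php and exit …
            } else {
                // … unchanged: "Incorrect password" error …
            }
```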


@ -78,7 +78,7 @@
} }
} }
$title = "Log In"; $title = "Sign Up";
include "boilerplate/head.php"; include "boilerplate/head.php";
?> ?>
@ -86,15 +86,10 @@
<div><input placeholder="Username" name="username" value="<?php echo htmlspecialchars($u); ?>" maxlength="64" required></div> <div><input placeholder="Username" name="username" value="<?php echo htmlspecialchars($u); ?>" maxlength="64" required></div>
<div><input placeholder="Password" name="password" type="password" value="<?php echo htmlspecialchars($p); ?>" required></div> <div><input placeholder="Password" name="password" type="password" value="<?php echo htmlspecialchars($p); ?>" required></div>
<div><input placeholder="Verify Password" name="verify" type="password" required></div> <div><input placeholder="Verify Password" name="verify" type="password" required></div>
<div><input type="submit" value="Log in"></div> <div><input type="submit" value="Sign Up"></div>
<p><a href="login.php">Log in instead?</a></p>
</form> </form>
<?php <?php
$q = "SELECT count(*) FROM users LIMIT 1;";
if ($signups !== false || ($signups === false && pg_fetch_array(pg_query($db, $q))["count"] !== 0)) {
echo "<p><a href=\"signup.php\">Sign up instead?</a></p>";
}
include "boilerplate/foot.php"; include "boilerplate/foot.php";
?> ?>
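Review bot: The password input still echoes the submitted value back through `value="<?php echo htmlspecialchars($p); ?>"`, so after a failed sign-up the plaintext password is written into the response HTML, where it can persist in page source and in browser or proxy caches. The line is unchanged by this commit, but the form is being edited here and the attribute should simply be dropped: `<input placeholder="Password" name="password" type="password" required>`. The form's opening tag and the validation code that sets `$p` are outside the hunk.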