commit 129a11420bc66c89a39b935fe78f1a1149d533a0
Author: root <root@posweg.es>
Date:   Sun May 17 00:02:20 2020 +0000

    initial commit

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..466a2e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+*.db
+
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..725826d
--- /dev/null
+++ b/index.php
@@ -0,0 +1,3 @@
+<?php
+echo "hocal"
+?>
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..5d831d0
--- /dev/null
+++ b/login.php
@@ -0,0 +1,87 @@
+<?php
+session_start();
+$db = new SQLite3('ask.db');
+
+//$version = $db->querySingle('SELECT SQLITE_VERSION()');
+
+
+$users_table = $db->query("CREATE TABLE IF NOT EXISTS users(
+	id INTEGER PRIMARY KEY,
+	username TEXT,
+	shadow TEXT,
+	name TEXT,
+	bio TEXT
+	)");
+
+$logErrorMsg = "";
+$validUser = false;
+if(isset($_SESSION["login"])) $validUser = $_SESSION["login"] === true;
+if(isset($_POST["log"])){
+	$validUser = $_POST["logname"] == "admin" && password_verify($_POST["password"], $hash);
+	if(!$validUser) $errorMsg = "Invalid username or password.";
+	else $_SESSION["login"] = true;
+}
+if($validUser){
+	header("Location: /user/".$_POST["logname"]);
+}
+
+$regErrorMsg = "";
+if(isset($_POST["reg"])){
+	if(password_verify($_POST["invite"],"$2y$10\$Mofyx6QsxEartbq..53zlu.FwTX0aMmUeRCNnISvfmrC44iA1SfSO")){
+		if($_POST["regname"]){
+
+			// Set user
+			$user = $_POST["regname"];
+
+			if(preg_match("/[^a-z0-9]/", $_POST["regname"])){
+				$regErrorMsg = "Only lowercase letters and numbers are allowed";
+			}
+			else if($db->querySingle("SELECT * FROM users WHERE username = '$user';")){
+				$regErrorMsg = "Username taken";
+			}
+			else{
+				if($_POST["password"]){
+
+					// Set password
+					$shadow = password_hash($_POST["password"], PASSWORD_DEFAULT);
+
+					// Insert user into DB
+					$db->exec("INSERT INTO users(username,shadow) VALUES ('$user','$shadow')");
+					unset($_POST["regname"],$_POST["password"],$_POST["invite"]);
+
+					$regErrorMsg = "Account created successfully";
+				}
+				else $regErrorMsg = "Please input a password";
+			} 
+		}
+		else $regErrorMsg = "Please input a username";
+	}
+	else $regErrorMsg = "Wrong invitation code";
+}
+
+?>
+
+<!DOCTYPE html>
+<html>
+<head>
+	<meta http-equiv="content-type" content="text/html;chartset=utf8"/>
+	<title>Login</title>
+</head>
+<body>
+	<h2>Login</h2>
+	<form name="input" action="" method="post">
+		<label for="logname">Username:</label><input type="text" value="<?= $_POST["logname"] ?>" id="logname" name="logname"/><br/>
+		<label for="password">Password:</label><input type="password" id="password" name="password"/>
+		<?php if(isset($logErrorMsg)) echo "<p>$logErrorMsg</p>\n"; ?>
+		<input type="submit" value="Login" name="log"/>
+	</form>
+	<h2>Register</h2>
+	<form name="input" action="" method="post">
+		<label for="regname">Username:</label><input type="text" value="<?= $_POST["regname"] ?>" id="regname" name="regname"/><br/>
+		<label for="password">Password:</label><input type="password" id="password" name="password"/><br/>
+		<label for="invite">Invite code:</label><input type="text" value="<?= $_POST["invite"] ?>" id="invite" name="invite"/><br/>
+		<?php if(isset($regErrorMsg)) echo "<p>$regErrorMsg</p>\n"; ?>
+		<input type="submit" value="Register" name="reg"/>
+	</form>
+</body>
+</html>
diff --git a/user.php b/user.php
new file mode 100644
index 0000000..edb0616
--- /dev/null
+++ b/user.php
@@ -0,0 +1,7 @@
+<?php 
+$db = new SQLite3('test.db');
+
+$version = $db->querySingle('SELECT SQLITE_VERSION()');
+
+echo $version . "\n";
+?>