commit 129a11420bc66c89a39b935fe78f1a1149d533a0
Author: root
Date: Sun May 17 00:02:20 2020 +0000
initial commit
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..466a2e5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+*.db
+
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..725826d
--- /dev/null
+++ b/index.php
@@ -0,0 +1,3 @@
+
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..5d831d0
--- /dev/null
+++ b/login.php
@@ -0,0 +1,87 @@
+querySingle('SELECT SQLITE_VERSION()');
+
+
+$users_table = $db->query("CREATE TABLE IF NOT EXISTS users(
+ id INTEGER PRIMARY KEY,
+ username TEXT,
+ shadow TEXT,
+ name TEXT,
+ bio TEXT
+ )");
+
+$logErrorMsg = "";
+$validUser = false;
+if(isset($_SESSION["login"])) $validUser = $_SESSION["login"] === true;
+if(isset($_POST["log"])){
+ $validUser = $_POST["logname"] == "admin" && password_verify($_POST["password"], $hash);
+ if(!$validUser) $errorMsg = "Invalid username or password.";
+ else $_SESSION["login"] = true;
+}
+if($validUser){
+ header("Location: /user/".$_POST["logname"]);
+}
+
+$regErrorMsg = "";
+if(isset($_POST["reg"])){
+ if(password_verify($_POST["invite"],"$2y$10\$Mofyx6QsxEartbq..53zlu.FwTX0aMmUeRCNnISvfmrC44iA1SfSO")){
+ if($_POST["regname"]){
+
+ // Set user
+ $user = $_POST["regname"];
+
+ if(preg_match("/[^a-z0-9]/", $_POST["regname"])){
+ $regErrorMsg = "Only lowercase letters and numbers are allowed";
+ }
+ else if($db->querySingle("SELECT * FROM users WHERE username = '$user';")){
+ $regErrorMsg = "Username taken";
+ }
+ else{
+ if($_POST["password"]){
+
+ // Set password
+ $shadow = password_hash($_POST["password"], PASSWORD_DEFAULT);
+
+ // Insert user into DB
+ $db->exec("INSERT INTO users(username,shadow) VALUES ('$user','$shadow')");
+ unset($_POST["regname"],$_POST["password"],$_POST["invite"]);
+
+ $regErrorMsg = "Account created successfully";
+ }
+ else $regErrorMsg = "Please input a password";
+ }
+ }
+ else $regErrorMsg = "Please input a username";
+ }
+ else $regErrorMsg = "Wrong invitation code";
+}
+
+?>
+
+
+
+
+
+ Login
+
+
+ Login
+
\n"; ?>
+
+
+ Register
+
+
+
diff --git a/user.php b/user.php
new file mode 100644
index 0000000..edb0616
--- /dev/null
+++ b/user.php
@@ -0,0 +1,7 @@
+querySingle('SELECT SQLITE_VERSION()');
+
+echo $version . "\n";
+?>