From e54e877a7a8dc833c3b9ffdf29781067a7dacda5 Mon Sep 17 00:00:00 2001 From: posweg Date: Sun, 17 May 2020 20:06:22 +0000 Subject: [PATCH] Login improvements and URL rewrites --- index.php | 15 ++++++++++++++- login.php | 8 ++++++-- user.php | 10 ++++++---- 3 files changed, 26 insertions(+), 7 deletions(-) diff --git a/index.php b/index.php index 725826d..8ac31e2 100644 --- a/index.php +++ b/index.php @@ -1,3 +1,16 @@ logout"); +} +else{ + echo("Login"); + //header("Location: /login.php"); die(); +} ?> + + +

LibreCat

+ diff --git a/login.php b/login.php index fb9024c..6ce5243 100644 --- a/login.php +++ b/login.php @@ -11,7 +11,7 @@ $users_table = $db->query("CREATE TABLE IF NOT EXISTS users( )"); $logErrorMsg = ""; -$validUser = false; +$validUser = $_SESSION["login"] === true; if(isset($_SESSION["login"])) $validUser = $_SESSION["login"] === true; if(isset($_POST["log"])){ if($_POST["logname"]){ @@ -19,6 +19,9 @@ if(isset($_POST["log"])){ $shadow = $db->querySingle("SELECT shadow FROM users WHERE username = '$user'"); if(password_verify($_POST["password"],$shadow)){ echo("Logged in"); + $_SESSION["login"] = true; + $_SESSION["uid"] = $db->querySingle("SELECT id FROM users WHERE username = '$user'"); + header("Location: /"); die(); } else{ $logErrorMsg = "Incorrect user or password"; @@ -30,8 +33,9 @@ if(isset($_POST["log"])){ if(!$validUser) $errorMsg = "Invalid username or password."; else $_SESSION["login"] = true; } + if($validUser){ - header("Location: /user/".$_POST["logname"]); + header("Location: /"); die(); } $regErrorMsg = ""; diff --git a/user.php b/user.php index edb0616..1ab05eb 100644 --- a/user.php +++ b/user.php @@ -1,7 +1,9 @@ querySingle('SELECT SQLITE_VERSION()'); +$version = $db->query("SELECT * FROM users;")->fetchArray(SQLITE3_ASSOC); -echo $version . "\n"; -?> +var_dump($version); + +echo "\n"; +?>ñ