Login improvements and URL rewrites

This commit is contained in:
posweg 2020-05-17 20:06:22 +00:00
parent a84965fb1d
commit e54e877a7a
3 changed files with 26 additions and 7 deletions

View File

@ -1,3 +1,16 @@
<?php <?php
echo "hocal" session_start();
if($_SESSION["login"] === true){
echo($_SESSION["uid"] . " - ");
echo("<a href='/logout'>logout</a>");
}
else{
echo("<a href='/login'>Login</a>");
//header("Location: /login.php"); die();
}
?> ?>
<html>
<h1>LibreCat</h1>
</html>

View File

@ -11,7 +11,7 @@ $users_table = $db->query("CREATE TABLE IF NOT EXISTS users(
)"); )");
$logErrorMsg = ""; $logErrorMsg = "";
$validUser = false; $validUser = $_SESSION["login"] === true;
if(isset($_SESSION["login"])) $validUser = $_SESSION["login"] === true; if(isset($_SESSION["login"])) $validUser = $_SESSION["login"] === true;
if(isset($_POST["log"])){ if(isset($_POST["log"])){
if($_POST["logname"]){ if($_POST["logname"]){
@ -19,6 +19,9 @@ if(isset($_POST["log"])){
$shadow = $db->querySingle("SELECT shadow FROM users WHERE username = '$user'"); $shadow = $db->querySingle("SELECT shadow FROM users WHERE username = '$user'");
if(password_verify($_POST["password"],$shadow)){ if(password_verify($_POST["password"],$shadow)){
echo("Logged in"); echo("Logged in");
$_SESSION["login"] = true;
$_SESSION["uid"] = $db->querySingle("SELECT id FROM users WHERE username = '$user'");
header("Location: /"); die();
} }
else{ else{
$logErrorMsg = "Incorrect user or password"; $logErrorMsg = "Incorrect user or password";
@ -30,8 +33,9 @@ if(isset($_POST["log"])){
if(!$validUser) $errorMsg = "Invalid username or password."; if(!$validUser) $errorMsg = "Invalid username or password.";
else $_SESSION["login"] = true; else $_SESSION["login"] = true;
} }
if($validUser){ if($validUser){
header("Location: /user/".$_POST["logname"]); header("Location: /"); die();
} }
$regErrorMsg = ""; $regErrorMsg = "";

View File

@ -1,7 +1,9 @@
<?php <?php
$db = new SQLite3('test.db'); $db = new SQLite3('ask.db');
$version = $db->querySingle('SELECT SQLITE_VERSION()'); $version = $db->query("SELECT * FROM users;")->fetchArray(SQLITE3_ASSOC);
echo $version . "\n"; var_dump($version);
?>
echo "\n";
?>ñ