Login improvements and URL rewrites

2020-05-17 20:06:22 +00:00 · 2020-05-17 20:06:22 +00:00 · e54e877a7a
parent a84965fb1d
commit e54e877a7a
3 changed files with 26 additions and 7 deletions
--- a/index.php
+++ b/index.php
@ -1,3 +1,16 @@
 <?php
-echo "hocal"
+session_start();
 if($_SESSION["login"] === true){
 	echo($_SESSION["uid"] . " - ");
 	echo("<a href='/logout'>logout</a>");
 }
 else{
 	echo("<a href='/login'>Login</a>");
 	//header("Location: /login.php"); die();
 }
 ?>
 <html>
 <h1>LibreCat</h1>
 </html>
--- a/login.php
+++ b/login.php
@ -11,7 +11,7 @@ $users_table = $db->query("CREATE TABLE IF NOT EXISTS users(
 	)");
 $logErrorMsg = "";
-$validUser = false;
+$validUser = $_SESSION["login"] === true;
 if(isset($_SESSION["login"])) $validUser = $_SESSION["login"] === true;
 if(isset($_POST["log"])){
 	if($_POST["logname"]){
@ -19,6 +19,9 @@ if(isset($_POST["log"])){
 		$shadow = $db->querySingle("SELECT shadow FROM users WHERE username = '$user'");
 		if(password_verify($_POST["password"],$shadow)){
 			echo("Logged in");
 			$_SESSION["login"] = true;
 			$_SESSION["uid"] = $db->querySingle("SELECT id FROM users WHERE username = '$user'");
 			header("Location: /"); die();
 		}
 		else{
 			$logErrorMsg = "Incorrect user or password";
@ -30,8 +33,9 @@ if(isset($_POST["log"])){
 	if(!$validUser) $errorMsg = "Invalid username or password.";
 	else $_SESSION["login"] = true;
 }
 if($validUser){
-	header("Location: /user/".$_POST["logname"]);
+	header("Location: /"); die();
 }
 $regErrorMsg = "";
--- a/user.php
+++ b/user.php
@ -1,7 +1,9 @@
 <?php 
-$db = new SQLite3('test.db');
+$db = new SQLite3('ask.db');
-$version = $db->querySingle('SELECT SQLITE_VERSION()');
+$version = $db->query("SELECT * FROM users;")->fetchArray(SQLITE3_ASSOC);
-echo $version . "\n";
+var_dump($version);
-?>
+
 echo "\n";
 ?>ñ