This repository was archived by the owner on Aug 13, 2025. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.php
More file actions
71 lines (66 loc) · 2.42 KB
/
index.php
File metadata and controls
71 lines (66 loc) · 2.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<?php
// Include a config which *go figure* configures the connections
// XD
include "config.php";
include "header.php";
if (isset($_SESSION["loggedin"]))
header("location: account.php");
// VARIABLES
$un = $pw = "";
$un_error = $pw_error = 0;
if (isset($_POST["un"]) && isset($_POST["pw"])) {
$un = trim($_POST["un"]);
$pw = trim($_POST["pw"]);
}
// Check if the un is not valid and if so displaying a warning
if (isset($un) && isset($_POST["un"])) {
$result = $conn->query("SELECT ID FROM Accounts WHERE Username='$un'");
if ($result->num_rows == 0)
$un_error = 1;
}
if ($un_error != 1 && $pw_error != 1 && !empty($un) && !empty($pw) && isset($_POST["un"]) && isset($_POST["pw"])) {
$prepared = mysqli_prepare($conn, "SELECT ID,Username,Password FROM Accounts WHERE Username=?");
$prepared->bind_param("s", $un);
if (mysqli_stmt_execute($prepared) == true) { // true == success
mysqli_stmt_store_result($prepared);
if (mysqli_stmt_num_rows($prepared) == 1) {
mysqli_stmt_bind_result($prepared, $id, $un, $hpw);
if (mysqli_stmt_fetch($prepared) == true) { // if data fetched
if (password_verify($pw, $hpw)) {
session_start();
$_SESSION["loggedin"] = true;
$_SESSION["id"] = $id;
$_SESSION["un"] = $un;
// redirect to profile
header("location: store.php");
} else {
$pw_error = 1;
}
}
}
}
mysqli_stmt_close($prepared);
}
// Close connection
mysqli_close($conn);
?>
<main class="uppages">
<title>Purrfect</title>
<h2>Your one stop shop for everything about cats</h2>
<br>
<br>
<form method="post" id="grid">
<label for="un">Username:</label>
<input type="text" name="un" required placeholder="Username">
<?php if ($un_error == 1) {
echo ("<p id=error>Username is not found, maybe sign up</p>");
} ?>
<label for="pw">Password:</label>
<input type="password" name="pw" required minlength="6" placeholder="Password">
<?php if ($pw_error == 1) {
echo ("<p id=error>Password does not match $un </p>");
} ?>
<button type="submit" name="lgin">Login</button>
</form>
<p>Does it not work? Maybe you need an account, <a href="signup.php">sign up here</a> </p>
</main>