OpenShorte.old/lib/php/login.php

<?php
    if ( isset ( $_SESSION [ 'user_id' ] ) ) {
        header ( "Location: " . $GLOBALS [ 'config' ] [ 'installation_path' ] . "/dashboard" );
        exit;
    }
    if ( isset ( $GLOBALS [ 'request_uri' ] [ 1 ] ) && $GLOBALS [ 'request_uri' ] [ 1 ] == "forgot" ) {
        include ( 'lib/php/forgot.php' );
        exit;
    }
    if ( isset ( $_POST [ 'username' ] ) && isset ( $_POST [ 'password' ] ) && isset ( $_POST [ 'hashedpassword' ] ) ) {
        function wrong_credentials ( ) {
            header ( 'Content-Type: application/json' );
            http_response_code ( 401 );
            $response = [
                'status' => 401,
                'error_message' => 'Username or password not correct.',
            ];
            echo ( json_encode ( $response ) );
            exit;
        }
        $username = $_POST [ 'username' ];
        $password = $_POST [ 'password' ];
        $hashedpassword = $_POST [ 'hashedpassword' ];
        if ( strcasecmp ( hash ( "sha512", $password ), $hashedpassword ) != 0 ) {
            wrong_credentials ( );
        }
        $database = new Database ( $config [ 'db' ] );
        $database->connect ( );
        $database->prepare ( "SELECT users.id FROM users WHERE users.username = :username AND users.password = :password" );
        $database->bind ( [ ':username' => $username, ':password' => strtoupper ( $hashedpassword ) ] );
        $database->execute ( );
        $result = $database->get_result ( );
        if ( $result->rowCount ( ) == 0 ) {
            wrong_credentials ( );
        }
        else {
            $row = $result->fetchAll ( ) [ 0 ];
            $_SESSION [ 'user_id' ] = $row [ 'id' ];
            header ( 'Content-Type: application/json' );
            $response = [
                'status' => 200,
                'message' => 'Authentication succesfully executed.',
            ];
            echo ( json_encode ( $response ) );
            exit;
        }
    }
    else {
?>
<!DOCTYPE html>
<html>
    <head>
        <title>Login | <?=$GLOBALS['config']['website_name']?></title>
        <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css" rel="stylesheet">
        <link href="<?=$GLOBALS['config']['installation_path']?>/lib/css/login.css" rel="stylesheet">
        <link href="<?=$GLOBALS['config']['installation_path']?>/favicon.ico" rel="icon" type="image/x-icon">
    </head>
    <body>
    <div class="container col-lg-6 col-md-8 col-sm-12 col-xs-12 login-container" id="login-container">
        <div class="row">
            <div class="col-xs-12 login-form-1">
                <h3>Login</h3>
                <form>
                    <div class="form-group">
                        <input type="text" class="form-control" placeholder="Username" value="" id="form-username" required />
                    </div>
                    <div class="form-group">
                        <input type="password" class="form-control" placeholder="Password" value="" id="form-password" required />
                    </div>
                    <div class="form-group">
                        <input type="button" class="col-md-6 btnSubmit" value="Login" onclick="login()" />
                        <input type="button" class="col-md-6 btnForget" value="Forgot Password?" onclick="window.location.href='<?=$GLOBALS['config']['installation_path']."/login/forgot"?>'">
                    </div>
                    <div class="form-group">
                        <div id="login-response" class="login-response"></div>
                    </div>
                </form>
            </div>
        </div>
        <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js"></script>
        <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=" crossorigin="anonymous"></script>
        <script src="<?=$GLOBALS['config']['installation_path']?>/lib/js/sha512.min.js"></script>
        <script src="<?=$GLOBALS['config']['installation_path']?>/lib/js/login.js"></script>
        <script>var script_name = "<?=$GLOBALS['config']['installation_path']?>/dashboard";</script>
    </body>
</html>
<?php
    }
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`<?php`
			`if ( isset ( $_SESSION [ 'user_id' ] ) ) {`
deleted config.json - no more need of it, added installer to create config.json 2019-06-02 13:20:08 +00:00			`header ( "Location: " . $GLOBALS [ 'config' ] [ 'installation_path' ] . "/dashboard" );`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`exit;`
			`}`
Corrected redirect bug - fixed request_uri position during checks. 2019-04-30 10:00:55 +00:00			`if ( isset ( $GLOBALS [ 'request_uri' ] [ 1 ] ) && $GLOBALS [ 'request_uri' ] [ 1 ] == "forgot" ) {`
Corrected password reset page inclusion in /lib/php/login.php 2019-05-29 17:06:48 +00:00			`include ( 'lib/php/forgot.php' );`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`exit;`
			`}`
Added secondary security login with double password 2019-06-05 22:59:20 +00:00			`if ( isset ( $_POST [ 'username' ] ) && isset ( $_POST [ 'password' ] ) && isset ( $_POST [ 'hashedpassword' ] ) ) {`
			`function wrong_credentials ( ) {`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`header ( 'Content-Type: application/json' );`
Minor changes Moved config into $GLOBALS Moved request_uri into $GLOBALS Modified all files accordingly Modified logout page for future improvements (not deleting the entire $_SESSION) Fixed LICENSEs, moved LICENSE for PHP files in /lib/php subfolder instead of /lib 2019-04-06 09:57:35 +00:00			`http_response_code ( 401 );`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`$response = [`
			`'status' => 401,`
			`'error_message' => 'Username or password not correct.',`
			`];`
			`echo ( json_encode ( $response ) );`
Refactored database, refactored config file, corrected login redirection Moved database function in class "Database"; Corrected database-using webpages accordingly; Moved config file from PHP to JSON with more config variables; Corrected login page redirection on wrong username or password. 2019-03-21 11:07:23 +00:00			`exit;`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`}`
Added secondary security login with double password 2019-06-05 22:59:20 +00:00			`$username = $_POST [ 'username' ];`
			`$password = $_POST [ 'password' ];`
			`$hashedpassword = $_POST [ 'hashedpassword' ];`
			`if ( strcasecmp ( hash ( "sha512", $password ), $hashedpassword ) != 0 ) {`
			`wrong_credentials ( );`
			`}`
			`$database = new Database ( $config [ 'db' ] );`
			`$database->connect ( );`
			`$database->prepare ( "SELECT users.id FROM users WHERE users.username = :username AND users.password = :password" );`
			`$database->bind ( [ ':username' => $username, ':password' => strtoupper ( $hashedpassword ) ] );`
			`$database->execute ( );`
			`$result = $database->get_result ( );`
			`if ( $result->rowCount ( ) == 0 ) {`
			`wrong_credentials ( );`
			`}`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`else {`
Website refactored Converted MySQLi Database.php class to PHP_PDO objects 2019-05-29 17:27:41 +00:00			`$row = $result->fetchAll ( ) [ 0 ];`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`$_SESSION [ 'user_id' ] = $row [ 'id' ];`
			`header ( 'Content-Type: application/json' );`
			`$response = [`
			`'status' => 200,`
			`'message' => 'Authentication succesfully executed.',`
			`];`
			`echo ( json_encode ( $response ) );`
Refactored database, refactored config file, corrected login redirection Moved database function in class "Database"; Corrected database-using webpages accordingly; Moved config file from PHP to JSON with more config variables; Corrected login page redirection on wrong username or password. 2019-03-21 11:07:23 +00:00			`exit;`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`}`
			`}`
			`else {`
			`?>`
Refactored the website Renamed "includes" to "templates" Added .htaccess to redirect requests to index.php Added function to split request URL into array Corrected locations in scripts and pages 2019-02-07 11:36:44 +00:00			`<!DOCTYPE html>`
			`<html>`
			`<head>`
Corrected login page title 2019-05-29 17:04:11 +00:00			`<title>Login \| <?=$GLOBALS['config']['website_name']?></title>`
Refactored database, refactored config file, corrected login redirection Moved database function in class "Database"; Corrected database-using webpages accordingly; Moved config file from PHP to JSON with more config variables; Corrected login page redirection on wrong username or password. 2019-03-21 11:07:23 +00:00			`<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css" rel="stylesheet">`
Website refactored Prepared the website structure for the new layout 2019-05-29 17:01:38 +00:00			`<link href="<?=$GLOBALS['config']['installation_path']?>/lib/css/login.css" rel="stylesheet">`
			`<link href="<?=$GLOBALS['config']['installation_path']?>/favicon.ico" rel="icon" type="image/x-icon">`
Refactored the website Renamed "includes" to "templates" Added .htaccess to redirect requests to index.php Added function to split request URL into array Corrected locations in scripts and pages 2019-02-07 11:36:44 +00:00			`</head>`
			`<body>`
small login adjustements, finished unminimizing sha512.js 2019-05-30 12:17:10 +00:00			`<div class="container col-lg-6 col-md-8 col-sm-12 col-xs-12 login-container" id="login-container">`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`<div class="row">`
small login adjustements, finished unminimizing sha512.js 2019-05-30 12:17:10 +00:00			`<div class="col-xs-12 login-form-1">`
Corrected login form title. 2019-03-18 10:32:39 +00:00			`<h3>Login</h3>`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`<form>`
			`<div class="form-group">`
small login adjustements, finished unminimizing sha512.js 2019-05-30 12:17:10 +00:00			`<input type="text" class="form-control" placeholder="Username" value="" id="form-username" required />`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`</div>`
			`<div class="form-group">`
small login adjustements, finished unminimizing sha512.js 2019-05-30 12:17:10 +00:00			`<input type="password" class="form-control" placeholder="Password" value="" id="form-password" required />`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`</div>`
			`<div class="form-group">`
small login adjustements, finished unminimizing sha512.js 2019-05-30 12:17:10 +00:00			`<input type="button" class="col-md-6 btnSubmit" value="Login" onclick="login()" />`
			`<input type="button" class="col-md-6 btnForget" value="Forgot Password?" onclick="window.location.href='<?=$GLOBALS['config']['installation_path']."/login/forgot"?>'">`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`</div>`
			`<div class="form-group">`
small login adjustements, finished unminimizing sha512.js 2019-05-30 12:17:10 +00:00			`<div id="login-response" class="login-response"></div>`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`</div>`
			`</form>`
			`</div>`
			`</div>`
Refactored database, refactored config file, corrected login redirection Moved database function in class "Database"; Corrected database-using webpages accordingly; Moved config file from PHP to JSON with more config variables; Corrected login page redirection on wrong username or password. 2019-03-21 11:07:23 +00:00			`<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js"></script>`
Added new lines at the end of files, added edit functionality 2019-06-02 12:46:51 +00:00			`<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=" crossorigin="anonymous"></script>`
Website refactored Prepared the website structure for the new layout 2019-05-29 17:01:38 +00:00			`<script src="<?=$GLOBALS['config']['installation_path']?>/lib/js/sha512.min.js"></script>`
			`<script src="<?=$GLOBALS['config']['installation_path']?>/lib/js/login.js"></script>`
fixed weird redirect under nginx proxy_pass over apache2 2019-06-02 13:28:58 +00:00			`<script>var script_name = "<?=$GLOBALS['config']['installation_path']?>/dashboard";</script>`
Refactored the website Renamed "includes" to "templates" Added .htaccess to redirect requests to index.php Added function to split request URL into array Corrected locations in scripts and pages 2019-02-07 11:36:44 +00:00			`</body>`
Updated the login page with a new cool template. Source template from https://bootsnipp.com/snippets/z8aQr. 2019-03-18 10:23:48 +00:00			`</html>`
			`<?php`
			`}`