bryanpedini/OpenShorte.old
Archived
0
0
Fork 0
Code Releases Activity
This repository has been archived on 2020-11-15. You can view files and clone it, but cannot push or open issues or pull requests.
master
OpenShorte.old/lib/php/login.php

96 lines
4.3 KiB
PHP
Raw Permalink Blame History

<?php
if ( isset ( $_SESSION [ 'user_id' ] ) ) {
header ( "Location: " . $config [ 'installation_path' ] . "/dashboard" );
exit;
}
if ( isset ( $request_uri [ 1 ] ) && $request_uri [ 1 ] == "forgot" ) {
include ( 'lib/php/forgot.php' );
exit;
}
if ( isset ( $_POST [ 'username' ] ) && isset ( $_POST [ 'password' ] ) && isset ( $_POST [ 'hashedpassword' ] ) ) {
function wrong_credentials ( ) {
header ( 'Content-Type: application/json' );
http_response_code ( 401 );
$response = [
'status' => 401,
'error_message' => 'Username or password not correct.',
];
echo ( json_encode ( $response ) );
exit;
}
$username = $_POST [ 'username' ];
$password = $_POST [ 'password' ];
$hashedpassword = $_POST [ 'hashedpassword' ];
if ( strcasecmp ( hash ( "sha512", $password ), $hashedpassword ) != 0 ) {
wrong_credentials ( );
}
$database = new Database ( $config [ 'db' ] );
$database->connect ( );
$database->prepare ( "SELECT users.id FROM users WHERE users.username = :username AND users.password = :password" );
$database->bind ( [ ':username' => $username, ':password' => strtoupper ( $hashedpassword ) ] );
$database->execute ( );
$result = $database->get_result ( );
if ( $result->rowCount ( ) == 0 ) {
wrong_credentials ( );
}
else {
$row = $result->fetchAll ( ) [ 0 ];
$_SESSION [ 'user_id' ] = $row [ 'id' ];
header ( 'Content-Type: application/json' );
$response = [
'status' => 200,
'message' => 'Authentication succesfully executed.',
];
echo ( json_encode ( $response ) );
exit;
}
}
else {
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css" rel="stylesheet">
<link href="<?=$config['installation_path']?>/favicon.ico" rel="icon" type="image/x-icon">
<link href="<?=$config['installation_path']?>/lib/css/main.css" rel="stylesheet">
<link href="<?=$config['installation_path']?>/lib/css/login.css" rel="stylesheet">
<title>Login | <?=$config['website_name']?></title>
</head>
<body>
<div class="container col-lg-6 col-md-8 col-sm-12 col-xs-12 login-container" id="login-container">
<div class="row">
<div class="col-xs-12 login-form-1">
<h3>Login</h3>
<form>
<div class="form-group">
<input type="text" class="form-control" placeholder="Username" value="" id="form-username" required />
</div>
<div class="form-group">
<input type="password" class="form-control" placeholder="Password" value="" id="form-password" required />
</div>
<div class="form-group">
<input type="button" class="col-md-6 btnSubmit" value="Login" onclick="login()" />
<input type="button" class="col-md-6 btnForget" value="Forgot Password?" onclick="window.location.href='<?=$config['installation_path']."/login/forgot"?>'">
</div>
<div class="form-group">
<div id="login-response" class="login-response"></div>
</div>
</form>
</div>
</div>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=" crossorigin="anonymous"></script>
<script src="<?=$config['installation_path']?>/lib/js/sha512.min.js"></script>
<script src="<?=$config['installation_path']?>/lib/js/login.js"></script>
<script>
var script_name = "<?=$config['installation_path']?>/dashboard";
</script>
</body>
</html>
<?php
}
View Git Blame Copy Permalink