1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 |
- <div class="container">
- <div class="textContainer">
- <p>
- You probably do not want to log in here. You cannot create any
- account here, an admin must do this for you. There is not really
- much to see either.
- </p>
- <p>
- Anyway here is the login form.
- </p>
-
- <form action="index.php?section=login" method="POST">
- <p>
- <div class="inputName">username</div>
- <input class="inputForm" name="user">
- </p>
- <p>
- <div class="inputName">password</div>
- <input class="inputForm" name="password" type="password">
- </p>
- <p>
- <input class="submitForm" type="submit" value="login">
- </p>
- </form>
-
- <?php
- if(session_status() == PHP_SESSION_NONE)
- {
- session_start();
- }
- if(isset($_POST["user"]))
- {
- $username = filter_input(INPUT_POST, "user");
- $password = filter_input(INPUT_POST, "password");
- require_once('database.php');
- $db_connection = new databank();
- $db_connection->connect();
- if($db_connection->isConnected())
- {
- $user = $db_connection->getUser($username, $password);
- if($user != null)
- {
- $_SESSION["user"] = $user->username;
- if($user->admin)
- {
- $_SESSION["admin"] = true;
- }
- header("Location: index.php");
- }
- else
- {
- echo "There is no account with this credentials.";
- }
- }
- $db_connection->disconnect();
-
- // hash with password_hash($password, PASSWORD_DEFAULT))
- /*if($user == "kajetan" && password_verify($password, '$2y$10$LT4rMKf81UNRlfpKdLHVVOC9IKGrZehg9qqhkJoEMjvmtyubRYtoK'))
- {
- $_SESSION["user"] = user;
- header("Location: index.php");
- }*/
- }
- ?>
- </div>
- </div>
|