Commit dff76704 authored by Sibidharan's avatar Sibidharan :speech_balloon:

WIP: Too many redirects after user libary

parent b4fc4e67
Showing
with 340 additions and 216 deletions
File added
File added
File added
File added
File added
File added
File added
File added
File added
File added
<?php
include 'library/auth.php';
include_once 'library/autoload.php';
if(isset($_POST['type'])){
if($_POST['type'] == 'login'){
$username = $_POST['username'];
$password = $_POST['password'];
if(do_login($username, $password)){
echo "Login success";
$remember = isset($_POST['remember']) ? $_POST['remember'] : '0';
if(do_login($username, $password, $remember)){
header('Location: home.php');
} else {
echo "Login failed";
header('Location: index.php?error=1');
}
} else if($_POST['type'] == 'signup'){
$full_name = $_POST['full_name'];
......
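Review bot: `$remember` is forwarded to do_login() as whatever string the client posted, and `$_POST['username']` / `$_POST['password']` are read without an isset check; constrain the flag at this boundary, e.g. `$remember = (isset($_POST['remember']) && $_POST['remember'] === '1') ? '1' : '0';`. Neither `header('Location: ...')` call is followed by `exit;`, so execution continues after the redirect is queued. The rendering has lost the +/- markers, so it is an assumption that the two-argument do_login() call and the echo lines are the removed side; if an echo survives ahead of header(), the redirect fails because output has already started. The signup branch continues outside the visible lines.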
This diff is collapsed.
<?php
if(isset($_POST['auth']) and $_POST['email'] == "admin@gmail.com" and $_POST['password'] == "password"){
$flag = 1;
} else {
$flag = 0;
}
include 'library/auth.php';
if(isset($_POST['auth'])){
if($flag == 1){
if(isset($_COOKIE['username']) and isset($_COOKIE['token'])){
if(verify_session($_COOKIE['username'], $_COOKIE['token'])){
header("Location: home.php");
} else {
header("Location: index.php?error=1");
}
}
?>
<!doctype html>
......@@ -83,7 +78,7 @@ if(isset($_POST['auth'])){
<input type="hidden" id="auth" name="type" value="login">
<div class="checkbox mb-3">
<label>
<input type="checkbox" value="remember-me"> Remember me
<input type="checkbox" value="1" name="remember"> Remember me
</label>
</div>
<input class="w-100 btn btn-lg btn-success" type="submit" value="Sign In">
......
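Review bot: The failure branch `header("Location: index.php?error=1");` under the cookie check looks like the source of the redirect loop named in the commit title, assuming this page is index.php (the file name is not visible here) and that the else branch is on the new side. A browser holding a stale or invalidated `username`/`token` pair is sent straight back into the same check. On a failed verify_session() the page should drop the cookies and fall through to the login form, e.g. `setcookie('username', '', time()-60); setcookie('token', '', time()-60);` in place of the redirect. The successful branch also needs `exit;` after `header("Location: home.php");`.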
......@@ -27,12 +27,80 @@ function get_db_connection() {
}
}
function do_login($username, $password){
function is_loggedin(){
if(isset($_COOKIE['username']) and isset($_COOKIE['token'])){
if(!verify_session($_COOKIE['username'], $_COOKIE['token'])){
return false;
} else {
return true;
}
} else {
return false;
}
}
function do_login($username, $password, $remember){
$password = get_hashed_password($password);
$query = "SELECT * FROM lahtp_3_web.auth WHERE username='$username' AND password='$password';";
$connection = get_db_connection();
$result = mysqli_query($connection, $query);
return mysqli_num_rows($result);
if(mysqli_num_rows($result) == 1){
return add_session($username, $password, $remember, $connection);
} else {
return false;
}
}
function add_session($username, $password, $remember, $db_conn){
$token = get_hashed_password($password.time());
$query = "INSERT INTO `lahtp_3_web`.`sessions` (`username`, `session_token`, `remember`) VALUES ('$username', '$token', $remember);";
$result = mysqli_query($db_conn, $query);
if($result){
if($remember == '1'){
setcookie('username', $username, time()+(7*24*60*60)); //remember for 7 days
setcookie('token', $token, time()+(7*24*60*60));
} else {
setcookie('username', $username); //remember for session
setcookie('token', $token);
}
return 1;
}
}
function verify_session($username, $token){
$query = "SELECT * FROM lahtp_3_web.sessions WHERE username='$username' AND session_token='$token';";
$connection = get_db_connection();
$result = mysqli_query($connection, $query);
if(mysqli_num_rows($result) == 1){
$row = mysqli_fetch_assoc($result);
if($row['is_valid'] == 1){
$time = strtotime($row['created_on']);
if($row['remember'] == '1'){
if(time() <= $time+(7*24*60*60)){
return true;
} else {
return false;
}
} else {
if(time() <= $time+(1*24*60*60)){
return true;
} else {
return false;
}
}
} else {
return false;
}
}
}
function logout($username, $token){
print_r($username);
print_r($token);
$query = "UPDATE `lahtp_3_web`.`sessions` SET is_valid = '0' WHERE username = '$username' AND session_token = '$token';";
$db_conn = get_db_connection();
return mysqli_query($db_conn, $query);
//die();
}
function do_signup($username, $password, $full_name, $mobile){
......
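Review bot: do_login(), add_session(), verify_session() and logout() all build SQL by interpolating `$username`, `$token` and `$remember` into the query string, and those values come from POST fields and from the `username`/`token` cookies, so the client controls the query text; `$remember` is not even quoted in the INSERT, and get_fullname() in the user library file further down has the same pattern. Bind the values with mysqli_prepare()/mysqli_stmt_bind_param() instead; a sketch for the first two functions is below, and verify_session() and logout() need the same treatment. The session token is `get_hashed_password($password.time())`, which is derived from the password hash and the clock rather than from a random source, and the cookies carrying it are set without HttpOnly or Secure; prefer `bin2hex(random_bytes(32))` and the options-array form of setcookie(). verify_session() and add_session() return nothing on their failure paths, so an explicit `return false;` would make the contract clear. do_signup() continues outside the hunk.

```php
function do_login($username, $password, $remember){
    $password = get_hashed_password($password);
    $connection = get_db_connection();
    // Bind the values instead of splicing them into the SQL text.
    $stmt = mysqli_prepare($connection, "SELECT 1 FROM lahtp_3_web.auth WHERE username = ? AND password = ?");
    mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_store_result($stmt);
    if(mysqli_stmt_num_rows($stmt) == 1){
        // … unchanged: add_session() call and the false branch …

function add_session($username, $password, $remember, $db_conn){
    // Token comes from the CSPRNG, not from the password or the clock.
    // Confirm the session_token column can hold 64 characters.
    $token = bin2hex(random_bytes(32));
    $remember = ($remember == '1') ? 1 : 0;
    $stmt = mysqli_prepare($db_conn, "INSERT INTO `lahtp_3_web`.`sessions` (`username`, `session_token`, `remember`) VALUES (?, ?, ?)");
    mysqli_stmt_bind_param($stmt, 'ssi', $username, $token, $remember);
    $result = mysqli_stmt_execute($stmt);
    // … unchanged: cookie setting on success …
```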
<?php
include_once 'auth.php';
include_once 'user.php';
\ No newline at end of file
<?php
function get_fullname(){
if(is_loggedin()){
$username = $_COOKIE['username'];
$query = "SELECT * FROM lahtp_3_web.auth WHERE username='$username'";
$connection = get_db_connection();
$result = mysqli_query($connection, $query);
if(mysqli_num_rows($result) == 1){
$row = mysqli_fetch_assoc($connection, $query);
return $row['full_name'];
} else {
return null;
}
} else {
return null;
}
}
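Review bot: `mysqli_fetch_assoc($connection, $query)` in get_fullname() passes the connection and the SQL string, but mysqli_fetch_assoc() takes the result object as its only argument, so the row is never read and the call fails at runtime instead of returning the name. It should be `$row = mysqli_fetch_assoc($result);`. Since only one column is used, `SELECT full_name` would also avoid pulling the stored password column into memory.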
<?php
include_once 'library/autoload.php';
if(isset($_COOKIE['username']) and isset($_COOKIE['token'])){
logout($_COOKIE['username'], $_COOKIE['token']);
}
setcookie('username', '', time()-60);
setcookie('token', '', time()-60);
header("Location: index.php");
\ No newline at end of file
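Review bot: logout(), as added in library/auth.php, runs `print_r($username); print_r($token);` before returning, so this script has already produced output when it reaches the two `setcookie(...)` calls and `header("Location: index.php")`. Unless output buffering is enabled, the cookies are not cleared and the redirect is not sent. It also writes the session token into the response body. Remove the two print_r calls from logout() and add `exit;` after the Location header.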
......@@ -5,13 +5,18 @@
// print_r($_REQUEST);
echo "POST: \n";
print_r($_POST);
echo "GET: \n";
//echo gettype($_POST['remember']);
echo "\nGET: \n";
print_r($_GET);
// print_r($_FILES);
// print_r($_ENV);
// print_r($_COOKIE);
echo "\nCOOKIE: \n";
print_r($_COOKIE);
// print_r($_SESSION);
//print_r($_SERVER);
//setcookie('testcookie', 'testvalue', time()+60, '/sg.php', 'lahtp-b3.vhx.cloud');
//setcookie('username', 'djsnf');
?>
</pre>
\ No newline at end of file
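Review bot: `print_r($_POST)`, `print_r($_GET)` and the newly enabled `print_r($_COOKIE)` write request data into the `<pre>` block without escaping, so markup in a parameter is rendered by the browser, and the cookie dump shows the `username`/`token` session pair. If this debug page is kept at all, escape each dump, e.g. `echo htmlspecialchars(print_r($_COOKIE, true), ENT_QUOTES, 'UTF-8');`, and keep the file off any deployed host. The hunk starts at line 5 of the file, so the opening of the block is not visible here.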
<?php
include 'library/auth.php';
if(isset($_COOKIE['username']) and isset($_COOKIE['token'])){
if(verify_session($_COOKIE['username'], $_COOKIE['token'])){
header("Location: home.php");
}
}
?>
<!doctype html>
<html lang="en">
<head>
......
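Review bot: No `exit;` follows `header("Location: home.php")`, so the script keeps running and still emits the HTML below after queuing the redirect; add `exit;` inside the inner if. The cookie check duplicates is_loggedin() from library/auth.php, so the guard could be `if(is_loggedin()){ header("Location: home.php"); exit; }`. The file continues past the visible lines.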