Commit 780651e8 authored by Jyrki's avatar Jyrki 🐾

added login thing

parent 4a9bf156
......@@ -68,6 +68,10 @@ if (!isset($notemplate)) {
$res = $sql->query("SELECT `value` FROM `config` WHERE `key` = \"sitename\";")->fetch_assoc();
$site_name = htmlspecialchars($res['value']);
// user name
$res = $sql->query("SELECT `value` FROM `config` WHERE `key` = \"username\";")->fetch_assoc();
$user_name = htmlspecialchars($res['value']);
// the flash
$message = null;
if (isset($_SESSION['flash'])) {
......@@ -77,6 +81,7 @@ if (!isset($notemplate)) {
$tpl->assign("logged_in", $_SESSION['logged_in']);
$tpl->assign("site_name", $site_name);
$tpl->assign("user_name", $user_name);
$tpl->assign("words_total", $words_total_count);
$tpl->assign("inbox_count", $new_words_count);
$tpl->assign("message", $message);
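Review bot: The added `username` lookup dereferences the query result without checking it: if `query()` fails or the `config` table has no `username` row, `->fetch_assoc()` either errors or returns null, and `htmlspecialchars($res['value'])` is then called on null. A guard such as `$user_name = htmlspecialchars($res['value'] ?? '');` makes the missing-row case explicit, and the `sitename` lookup just above has the same shape. The enclosing `if (!isset($notemplate))` block starts and ends outside the hunk.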
......
......@@ -20,12 +20,47 @@
include_once 'config.php';
function check_privileges() {
if (!$_SESSION['logged_in']) {
$_SESSION['flash'] = "Log in to continue.";
header('Location: ucp.php?page=login');
exit();
}
}
switch ($_GET['page']) {
case "login": {
$tpl->draw("login");
if ($_SESSION['logged_in']) {
$_SESSION['flash'] = "You're already logged in.";
header('Location: ucp.php');
exit();
}
if (!isset($_POST['login'])) {
$tpl->draw("login");
} else {
$res = $sql->query("SELECT `value` FROM `config` WHERE `key` = \"username\";")->fetch_assoc();
$username = $res['value'];
$res = $sql->query("SELECT `value` FROM `config` WHERE `key` = \"password\";")->fetch_assoc();
$password = $res['value'];
$post_pass = crypt($_POST['password'], $password);
if (($_POST['username'] === $username) && ($post_pass === $password)) {
// successful login
$_SESSION['logged_in'] = true;
$_SESSION['flash'] = "You are now logged in.";
header('Location: ucp.php');
exit();
} else {
// failed login
$_SESSION['flash'] = "Wrong user name or password";
header('Location: ucp.php?page=login');
exit();
}
}
break;
}
case "logout": {
check_privileges();
session_destroy();
session_start();
$_SESSION['flash'] = "Sucessfully logged out";
......@@ -34,11 +69,15 @@ switch ($_GET['page']) {
break;
}
case "settings": {
check_privileges();
$tpl->draw("settings");
break;
}
case "inbox":
default: {
check_privileges();
$tpl->draw("inbox");
}
}
\ No newline at end of file
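Review bot: The successful-login branch sets `$_SESSION['logged_in'] = true;` without rotating the session ID, so an identifier fixed before authentication stays valid afterwards; add `session_regenerate_id(true);` just before that assignment. The credential check compares the `crypt()` output with `===`, which is not constant-time; `password_verify($_POST['password'], $password)` accepts the same crypt-format hash and does the comparison safely. `$_POST['username']` and `$_POST['password']` are read after testing only `isset($_POST['login'])`, and `$_SESSION['logged_in']` is read in `check_privileges()` and in the `login` case without `isset`, so a fresh session or a partial POST raises undefined-index notices. Nothing visible in this section limits repeated failed attempts, so a per-client attempt counter or delay is worth adding before this is exposed.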
......@@ -4,10 +4,10 @@
{if="$message"}
<div class="alert alert-info">{$message}</div>
{/if}
<form role="form" method="POST">
<form role="form" method="POST" action="ucp.php?page=login">
<div class="form-group">
<label for="InputUsername">Username</label>
<input type="text" class="form-control" id="InputUsername" name="user_name" placeholder="Enter username">
<input type="text" class="form-control" id="InputUsername" name="username" placeholder="Enter username">
</div>
<div class="form-group">
<label for="InputPassword">Password</label>
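Review bot: The handler in `ucp.php` only processes the submission when `$_POST['login']` is set, but no field named `login` appears in the lines visible here. The submit control is outside the hunk, so confirm it carries `name="login"`, otherwise every POST just redraws the form. The visible part of the form also has no anti-CSRF token; a hidden per-session token verified by the handler would cover login CSRF.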
......
......@@ -18,8 +18,10 @@
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">{$user_name}<b class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="ucp.php">Inbox{if="$new_words_count > 0"}{$new_words_count}{/if}</a></li>
<li><a href="ucp.php">Inbox{if="$new_words_count > 0"} ({$new_words_count}){/if}</a></li>
<li><a href="ucp.php?page=settings">Settings</a></li>
<li class="divider"></li>
<li><a href="ucp.php?page=logout">Logout</a></li>
{else}
<li><a href="ucp.php?page=login">Login</a></li>
{/if}
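Review bot: The new Logout entry is a plain link to `ucp.php?page=logout`, and that case destroys the session on a GET request, so any third-party page that embeds the URL can end the user's session; a small POST form carrying a per-session token is the usual shape for this action. Separately, the inbox badge reads `{$new_words_count}` while the PHP side registers the value as `$tpl->assign("inbox_count", $new_words_count);`, so unless it is also assigned under that name elsewhere the template should use `{$inbox_count}`. The enclosing `{if}` opens outside the hunk.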
......