diff options
author | adam <adam@> | 2021-01-29 03:26:28 +0200 |
---|---|---|
committer | adam <adam@> | 2021-01-29 03:26:28 +0200 |
commit | 472e170f408e3d8d1db2eb066d445153aad55d73 (patch) | |
tree | 7b748d2b87ab018d7ff451b4111a1b88eeb58416 | |
parent | 5d3d901d968db7eb3da9c038e6d823f7c75f1e10 (diff) | |
download | fileup-472e170f408e3d8d1db2eb066d445153aad55d73.tar.gz |
register and login looks ok
-rw-r--r-- | README | 6 | ||||
-rw-r--r-- | css/style.css | 1 | ||||
-rw-r--r-- | index.html (renamed from index.php) | 7 | ||||
-rw-r--r-- | js/arrows.js | 2 | ||||
-rw-r--r-- | js/validate_hero.js | 25 | ||||
-rw-r--r-- | login.html | 55 | ||||
-rw-r--r-- | php/database.php | 25 | ||||
-rw-r--r-- | php/login.php | 25 | ||||
-rw-r--r-- | php/register.php (renamed from register.php) | 6 |
9 files changed, 128 insertions, 24 deletions
@@ -0,0 +1,6 @@ +FILEUP + + + +for this to work you need to have mysql. Create a database and a user for this service then +modify php/configure.php as needed. Create tables described in sql/fileshare.sql diff --git a/css/style.css b/css/style.css index 76eb6e8..31778c4 100644 --- a/css/style.css +++ b/css/style.css @@ -161,6 +161,7 @@ input[type=submit] { box-shadow: 0 0.2rem 0.6rem #eee; background: #231179; color: white; + outline: none; } input:focus, @@ -27,7 +27,7 @@ </div> <div class="vcenter"> - <form name="hero_form" action="/register.php" method="post" onsubmit="return validate_hero_form()"> + <form name="hero_form" action="/php/register.php" method="post" onsubmit="return validate_hero_form()"> <h2>Get started</h2> <div class="content"> <p>Username</p> @@ -40,12 +40,13 @@ <p>Password</p> <input type="password" id="password" name="password"> + <p id="password-length-error" class="hero_form_error" hidden>Please provide a password</p> <p>Repeat Password</p> <input type="password" id="password2" name="password2"> - <p id="password-error" class="hero_form_error" hidden>Passwords didn't match</p> + <p id="password-match-error" class="hero_form_error" hidden>Passwords didn't match</p> <input type="submit" value="Sign up"> - <p style="font-size: 1.1em;">Already have an account? <a href="login.html">Sign in</a> + <p style="font-size: 1.1em;">Don't have an account? <a href="login.html">Log in</a> </div> </form> </div> diff --git a/js/arrows.js b/js/arrows.js index ec7352c..10ad416 100644 --- a/js/arrows.js +++ b/js/arrows.js @@ -20,7 +20,7 @@ function make_arrow() { setTimeout(make_arrow, delay); setTimeout(() => { svg.remove(); - arrows.remove(ob); + arrows.shift(); }, lifetime); } diff --git a/js/validate_hero.js b/js/validate_hero.js index 118abbf..6d29a53 100644 --- a/js/validate_hero.js +++ b/js/validate_hero.js @@ -8,6 +8,20 @@ function clear_hero_errors() errors[i].hidden = true; } } +function validate_hero_login_form() +{ + var username=document.forms["hero_form"]["username"].value; + var flag=true; + clear_hero_errors(); + + if(username.length==0) + { + document.getElementById("username-length-error").hidden=false; + flag=false; + } + document.activeElement.blur(); + return flag; +} function validate_hero_form() { var username=document.forms["hero_form"]["username"].value; @@ -28,16 +42,17 @@ function validate_hero_form() document.getElementById("email-error").hidden=false; flag=false; } - if(password !== password2) + if(password.length==0) { - document.getElementById("password-error").hidden=false; + document.getElementById("password-length-error").hidden=false; flag=false; } - - if(flag) + if(password !== password2) { - document.getElementById("success").hidden=false; + document.getElementById("password-match-error").hidden=false; + flag=false; } + document.activeElement.blur(); return flag; } diff --git a/login.html b/login.html new file mode 100644 index 0000000..525358f --- /dev/null +++ b/login.html @@ -0,0 +1,55 @@ +<!DOCTYPE html> +<html> + <head> + <meta charset="utf-8"> + <title>shady file upload</title> + <link rel="stylesheet" type="text/css" href="css/style.css"> + </head> + + <body> + <div class="overlay" style="height: 100%;"> + <div class="vert2"> + <div id="header"> + <p class="logo">shady_file_upload</p> + </div> + + <div id="page"> + <div id="hero" class="overlay"> + <div id="arrows"> + <img src="svg/arrow.svg" id="protoarrow" style="display: none"> + </div> + + <div class="vcenter"> + <p>file upload service</p> + <p class="big">that <span class="blue">just about works</span></p> + <p>most of the time</p> + </div> + </div> + + <div class="vcenter"> + <form name="hero_form" action="/php/login.php" method="post" onsubmit="return validate_hero_login_form()"> + <h2>Login</h2> + <div class="content"> + <p>Username</p> + <input type="text" id="username" name="username"> + <p id="username-length-error" class="hero_form_error" hidden>Please enter a username</p> + <p>Password</p> + <input type="password" id="password" name="password"> + <input type="submit" value="Login"> + <p style="font-size: 1.1em;">Already have an account? <a href="index.html">Sign up</a> + </div> + </form> + </div> + + + </div> + </div> + + <img src="svg/bottom.svg" class="bgbottom"> + </div> + + <script src="js/arrows.js"></script> + <script src="js/validate_hero.js"></script> + + </body> + <html> diff --git a/php/database.php b/php/database.php index 934aafa..ef2b825 100644 --- a/php/database.php +++ b/php/database.php @@ -26,7 +26,7 @@ require_once "misc.php"; } } - /*returns false if this isn't a user, otherwise returns the userid*/ + /*returns false if this isn't a user, otherwise returns the user*/ function get_user(string $user) { $ret=new User; @@ -53,24 +53,25 @@ require_once "misc.php"; function authenticate(string $user, string $password) { $ret=new User; - global $password_hash_algo; - - - $hashed_pass=password_hash($password,$password_hash_algo); - $prep=$this->pdo->prepare("select user_id,username,email from users where username=:username and password=:password"); + $prep=$this->pdo->prepare("select user_id,username,email,password from users where username=:username"); $prep->bindParam(':username',$user); - $prep->bindParam(':password',$hashed_pass); - $prep->execute(); $hold=$prep->fetch(PDO::FETCH_ASSOC); + if($hold) { - $ret->user_id=hold["user_id"]; - $ret->username=hold["username"]; - $ret->email_address["email"]; - return $ret; + if(password_verify($password,$hold["password"])) + { + $ret->user_id=$hold["user_id"]; + $ret->username=$hold["username"]; + $ret->email_address=$hold["email"]; + return $ret; + }else + { + return false; + } }else { return false; diff --git a/php/login.php b/php/login.php new file mode 100644 index 0000000..e6d44dc --- /dev/null +++ b/php/login.php @@ -0,0 +1,25 @@ +<?php +require_once "user.php"; +require_once "database.php"; +require_once "misc.php"; + +$username=$_POST["username"]; +$password=$_POST["password"]; +/*server side verification*/ +if(gettype($username)!="string" || gettype($password)!="string") +{ + die("You didn't specify the pass or the username"); +} + +$database=new Database(); +$user=$database->authenticate($username,$password); +if(!$user) +{ + die("Password or username is incorrect"); +} + +echo "Username: {$user->username}\n"; +echo "Email: {$user->email_address}"; + + +?> diff --git a/register.php b/php/register.php index 0c00ad4..b6b164c 100644 --- a/register.php +++ b/php/register.php @@ -1,7 +1,7 @@ <?php -require_once "php/database.php"; -require_once "php/misc.php"; -require_once "php/configuration.php"; +require_once "database.php"; +require_once "misc.php"; +require_once "configuration.php"; $username=$_POST["username"]; $password=$_POST["password"]; |