aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlex Vitkov <alexvitkov98@gmail.com>2021-01-29 14:01:41 +0200
committerAlex Vitkov <alexvitkov98@gmail.com>2021-01-29 14:01:41 +0200
commitf4d5d71da4f94bf9bc87505e745eed913c9858b9 (patch)
treec5c2e7505c74d4bb500675cc57fdf9b1cf554e34
parentfdea65e03218d175bcc5d5f2bbb426688a6cf42e (diff)
downloadfileup-f4d5d71da4f94bf9bc87505e745eed913c9858b9.tar.gz
Login is now remembered in $_SESSION['username']
If it is set, user is logged in, if it is unset user is not logged in
-rw-r--r--index.php68
-rw-r--r--loginregister.html53
-rw-r--r--php/login.php7
-rw-r--r--php/logout.php10
-rw-r--r--php/register.php4
5 files changed, 86 insertions, 56 deletions
diff --git a/index.php b/index.php
index 90b3f56..b42c5f2 100644
--- a/index.php
+++ b/index.php
@@ -2,7 +2,8 @@
<html>
<head>
<meta charset="utf-8">
- <title>shady file upload</title> <link rel="stylesheet" type="text/css" href="css/style.css"> </head>
+ <title>shady file upload</title> <link rel="stylesheet" type="text/css" href="css/style.css">
+ </head>
<body>
<div class="overlay" style="height: 100%;">
@@ -12,66 +13,27 @@
</div>
<div id="page">
- <div id="hero" class="overlay">
- <div id="arrows">
- <img src="svg/arrow.svg" id="protoarrow" style="display: none">
- </div>
- <div class="vcenter">
- <p>file upload service</p>
- <p class="big">that <span class="blue">just about works</span></p>
- <p>most of the time</p>
- </div>
- </div>
- <div class="vcenter" id="signupform">
- <form name="register_form" action="/php/register.php" method="post" onsubmit="return validate_hero_form()">
- <h2>Get started</h2>
- <div class="content">
- <p>Username</p>
- <input type="text" id="username" name="username">
- <p id="username-length-error" class="hero_form_error" hidden>Please specify a username</p>
+<?php
+ session_start();
+ if (array_key_exists("username", $_SESSION)) {
+ echo "Welcome, $_SESSION[username]";
+?>
- <p>Email address</p>
- <input type="text" id="email" name="email">
- <p id="email-error" class="hero_form_error" hidden>Invalid email address</p>
-
- <p>Password</p>
- <input type="password" id="password" name="password">
- <p id="password-length-error" class="hero_form_error" hidden>Please provide a password</p>
-
- <p>Repeat Password</p>
- <input type="password" id="password2" name="password2">
- <p id="password-match-error" class="hero_form_error" hidden>Passwords didn't match</p>
- <input type="submit" value="Sign up">
- <p style="font-size: 1.1em;">Already have an account? <a href="#" onclick="showLogin(true)">Log in</a>
- </div>
- </form>
- </div>
-
- <div class="vcenter" id="loginform">
- <form name="login_form" action="/php/login.php" method="post" onsubmit="return validate_hero_login_form()">
- <h2>Login</h2>
- <div class="content">
- <p>Username</p>
- <input type="text" id="username" name="username">
- <p id="username-length-error" class="hero_form_error" hidden>Please enter a username</p>
- <p>Password</p>
- <input type="password" id="password" name="password">
- <input type="submit" value="Login">
- <p style="font-size: 1.1em;">Don't have an account? <a href="#" onclick="showLogin(false)">Sign up</a>
- </div>
- </form>
- </div>
+<a href="/php/logout.php">Log out</a>
+<?php
+ }
+ else {
+ require_once("loginregister.html");
+ }
+?>
</div>
</div>
-
<img src="svg/bottom.svg" class="bgbottom">
</div>
-
<script src="main.js"></script>
-
</body>
- <html>
+<html>
diff --git a/loginregister.html b/loginregister.html
new file mode 100644
index 0000000..2d87daf
--- /dev/null
+++ b/loginregister.html
@@ -0,0 +1,53 @@
+<div id="hero" class="overlay">
+ <div id="arrows">
+ <img src="svg/arrow.svg" id="protoarrow" style="display: none">
+ </div>
+
+ <div class="vcenter">
+ <p>file upload service</p>
+ <p class="big">that <span class="blue">just about works</span></p>
+ <p>most of the time</p>
+ </div>
+</div>
+
+<div class="vcenter" id="signupform">
+ <form name="register_form" action="/php/register.php" method="post" onsubmit="return validate_hero_form()">
+ <h2>Get started</h2>
+ <div class="content">
+ <p>Username</p>
+ <input type="text" id="username" name="username">
+ <p id="username-length-error" class="hero_form_error" hidden>Please specify a username</p>
+
+ <p>Email address</p>
+ <input type="text" id="email" name="email">
+ <p id="email-error" class="hero_form_error" hidden>Invalid email address</p>
+
+ <p>Password</p>
+ <input type="password" id="password" name="password">
+ <p id="password-length-error" class="hero_form_error" hidden>Please provide a password</p>
+
+ <p>Repeat Password</p>
+ <input type="password" id="password2" name="password2">
+ <p id="password-match-error" class="hero_form_error" hidden>Passwords didn't match</p>
+ <input type="submit" value="Sign up">
+ <p style="font-size: 1.1em;">Already have an account? <a href="#" onclick="showLogin(true)">Log in</a>
+ </div>
+ </form>
+</div>
+
+<div class="vcenter" id="loginform">
+ <form name="login_form" action="/php/login.php" method="post" onsubmit="return validate_hero_login_form()">
+ <h2>Login</h2>
+ <div class="content">
+ <p>Username</p>
+ <input type="text" id="username" name="username">
+ <p id="username-length-error" class="hero_form_error" hidden>Please enter a username</p>
+ <p>Password</p>
+ <input type="password" id="password" name="password">
+ <input type="submit" value="Login">
+ <p style="font-size: 1.1em;">Don't have an account? <a href="#" onclick="showLogin(false)">Sign up</a>
+ </div>
+ </form>
+</div>
+
+
diff --git a/php/login.php b/php/login.php
index e6d44dc..536a5bf 100644
--- a/php/login.php
+++ b/php/login.php
@@ -3,6 +3,8 @@ require_once "user.php";
require_once "database.php";
require_once "misc.php";
+session_start();
+
$username=$_POST["username"];
$password=$_POST["password"];
/*server side verification*/
@@ -18,8 +20,7 @@ if(!$user)
die("Password or username is incorrect");
}
-echo "Username: {$user->username}\n";
-echo "Email: {$user->email_address}";
-
+$_SESSION['username'] = $user->username;
+header('Location: /');
?>
diff --git a/php/logout.php b/php/logout.php
new file mode 100644
index 0000000..9a4cdd7
--- /dev/null
+++ b/php/logout.php
@@ -0,0 +1,10 @@
+<?php
+// TODO
+// This is dangerous and stupid
+// Right now every webpage can redirect any of its users to http://shady.upload/logout
+// which will log the user out of our webpage
+
+session_start();
+unset($_SESSION['username']);
+header('Location: /');
+?>
diff --git a/php/register.php b/php/register.php
index ef1f238..1d31a91 100644
--- a/php/register.php
+++ b/php/register.php
@@ -31,4 +31,8 @@ if($database->register_user($username,$password,$email))
echo "didn't register";
}
+
+$_SESSION['username'] = $username;
+header('Location: /');
+
?>