diff options
author | Alex Vitkov <alexvitkov98@gmail.com> | 2021-01-29 15:07:18 +0200 |
---|---|---|
committer | Alex Vitkov <alexvitkov98@gmail.com> | 2021-01-29 15:07:18 +0200 |
commit | 9f0a624ea66aa329a78c464f08d99f63c7282ee8 (patch) | |
tree | f645f99ac9b9fb503d98df782525b75c7bae45f7 /php | |
parent | d14f3109973c7d95a15174db1a1346887765988d (diff) | |
parent | 8ba2c35a306719932307ec5f99701101637e1fd2 (diff) | |
download | fileup-9f0a624ea66aa329a78c464f08d99f63c7282ee8.tar.gz |
Merge branch 'live'
Diffstat (limited to 'php')
-rw-r--r-- | php/configuration.php | 18 | ||||
-rw-r--r-- | php/database.php | 8 | ||||
-rw-r--r-- | php/login.php | 7 | ||||
-rw-r--r-- | php/logout.php | 10 | ||||
-rw-r--r-- | php/misc.php | 5 | ||||
-rw-r--r-- | php/register.php | 11 |
6 files changed, 38 insertions, 21 deletions
diff --git a/php/configuration.php b/php/configuration.php index 6b87508..89efb2a 100644 --- a/php/configuration.php +++ b/php/configuration.php @@ -3,15 +3,21 @@ $domain_name="localhost"; -$database_name="adam"; -$database_username="adam"; -$database_password="asdfd"; -$database_location="127.0.0.1"; - +if (file_exists("/home/alex")) { + $database_name="alex"; + $database_username="alex"; + $database_password="lol"; + $database_location="127.0.0.1"; +} +else { + $database_name="adam"; + $database_username="adam"; + $database_password="asdfd"; + $database_location="127.0.0.1"; +} $password_hash_algo=PASSWORD_BCRYPT; - $has_email_verification=false; ?> diff --git a/php/database.php b/php/database.php index ef2b825..f472cbf 100644 --- a/php/database.php +++ b/php/database.php @@ -16,14 +16,8 @@ require_once "misc.php"; global $database_username; global $database_password; global $database_location; - try - { + $this->pdo=new PDO("mysql:dbname={$database_name};host={$database_location}",$database_username,$database_password); - }catch(PDOException $e) - { - error_log("Could not get database {$database_name} from {$database_location}, {$e} "); - die("The cow bought the farm"); - } } /*returns false if this isn't a user, otherwise returns the user*/ diff --git a/php/login.php b/php/login.php index e6d44dc..536a5bf 100644 --- a/php/login.php +++ b/php/login.php @@ -3,6 +3,8 @@ require_once "user.php"; require_once "database.php"; require_once "misc.php"; +session_start(); + $username=$_POST["username"]; $password=$_POST["password"]; /*server side verification*/ @@ -18,8 +20,7 @@ if(!$user) die("Password or username is incorrect"); } -echo "Username: {$user->username}\n"; -echo "Email: {$user->email_address}"; - +$_SESSION['username'] = $user->username; +header('Location: /'); ?> diff --git a/php/logout.php b/php/logout.php new file mode 100644 index 0000000..9a4cdd7 --- /dev/null +++ b/php/logout.php @@ -0,0 +1,10 @@ +<?php +// TODO +// This is dangerous and stupid +// Right now every webpage can redirect any of its users to http://shady.upload/logout +// which will log the user out of our webpage + +session_start(); +unset($_SESSION['username']); +header('Location: /'); +?> diff --git a/php/misc.php b/php/misc.php index 3ab0277..69cd654 100644 --- a/php/misc.php +++ b/php/misc.php @@ -1,11 +1,6 @@ <?php require_once "user.php"; -function validate_credentials(string $username,string $email,string $password,string $password2) : bool -{ - return true; -} - function generate_email_verification_link() { /*TODO*/ diff --git a/php/register.php b/php/register.php index b6b164c..1d31a91 100644 --- a/php/register.php +++ b/php/register.php @@ -8,6 +8,13 @@ $password=$_POST["password"]; $password2=$_POST["password2"]; $email=$_POST["email"]; + +function validate_credentials(string $username,string $email,string $password,string $password2) : bool +{ + return true; +} + + /*check if we are given shady credentials*/ if(!validate_credentials($username,$email,$password,$password2)) { @@ -24,4 +31,8 @@ if($database->register_user($username,$password,$email)) echo "didn't register"; } + +$_SESSION['username'] = $username; +header('Location: /'); + ?> |