diff options
author | Alex Vitkov <alexvitkov98@gmail.com> | 2021-01-29 14:01:41 +0200 |
---|---|---|
committer | Alex Vitkov <alexvitkov98@gmail.com> | 2021-01-29 14:01:41 +0200 |
commit | f4d5d71da4f94bf9bc87505e745eed913c9858b9 (patch) | |
tree | c5c2e7505c74d4bb500675cc57fdf9b1cf554e34 /php | |
parent | fdea65e03218d175bcc5d5f2bbb426688a6cf42e (diff) | |
download | fileup-f4d5d71da4f94bf9bc87505e745eed913c9858b9.tar.gz |
Login is now remembered in $_SESSION['username']
If it is set, user is logged in, if it is unset
user is not logged in
Diffstat (limited to 'php')
-rw-r--r-- | php/login.php | 7 | ||||
-rw-r--r-- | php/logout.php | 10 | ||||
-rw-r--r-- | php/register.php | 4 |
3 files changed, 18 insertions, 3 deletions
diff --git a/php/login.php b/php/login.php index e6d44dc..536a5bf 100644 --- a/php/login.php +++ b/php/login.php @@ -3,6 +3,8 @@ require_once "user.php"; require_once "database.php"; require_once "misc.php"; +session_start(); + $username=$_POST["username"]; $password=$_POST["password"]; /*server side verification*/ @@ -18,8 +20,7 @@ if(!$user) die("Password or username is incorrect"); } -echo "Username: {$user->username}\n"; -echo "Email: {$user->email_address}"; - +$_SESSION['username'] = $user->username; +header('Location: /'); ?> diff --git a/php/logout.php b/php/logout.php new file mode 100644 index 0000000..9a4cdd7 --- /dev/null +++ b/php/logout.php @@ -0,0 +1,10 @@ +<?php +// TODO +// This is dangerous and stupid +// Right now every webpage can redirect any of its users to http://shady.upload/logout +// which will log the user out of our webpage + +session_start(); +unset($_SESSION['username']); +header('Location: /'); +?> diff --git a/php/register.php b/php/register.php index ef1f238..1d31a91 100644 --- a/php/register.php +++ b/php/register.php @@ -31,4 +31,8 @@ if($database->register_user($username,$password,$email)) echo "didn't register"; } + +$_SESSION['username'] = $username; +header('Location: /'); + ?> |