aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--README6
-rw-r--r--css/style.css1
-rw-r--r--index.html (renamed from index.php)7
-rw-r--r--js/arrows.js2
-rw-r--r--js/validate_hero.js25
-rw-r--r--login.html55
-rw-r--r--php/database.php25
-rw-r--r--php/login.php25
-rw-r--r--php/register.php (renamed from register.php)6
9 files changed, 128 insertions, 24 deletions
diff --git a/README b/README
new file mode 100644
index 0000000..e9f371a
--- /dev/null
+++ b/README
@@ -0,0 +1,6 @@
+FILEUP
+
+
+
+for this to work you need to have mysql. Create a database and a user for this service then
+modify php/configure.php as needed. Create tables described in sql/fileshare.sql
diff --git a/css/style.css b/css/style.css
index 76eb6e8..31778c4 100644
--- a/css/style.css
+++ b/css/style.css
@@ -161,6 +161,7 @@ input[type=submit] {
box-shadow: 0 0.2rem 0.6rem #eee;
background: #231179;
color: white;
+ outline: none;
}
input:focus,
diff --git a/index.php b/index.html
index 38eb660..6a2018b 100644
--- a/index.php
+++ b/index.html
@@ -27,7 +27,7 @@
</div>
<div class="vcenter">
- <form name="hero_form" action="/register.php" method="post" onsubmit="return validate_hero_form()">
+ <form name="hero_form" action="/php/register.php" method="post" onsubmit="return validate_hero_form()">
<h2>Get started</h2>
<div class="content">
<p>Username</p>
@@ -40,12 +40,13 @@
<p>Password</p>
<input type="password" id="password" name="password">
+ <p id="password-length-error" class="hero_form_error" hidden>Please provide a password</p>
<p>Repeat Password</p>
<input type="password" id="password2" name="password2">
- <p id="password-error" class="hero_form_error" hidden>Passwords didn't match</p>
+ <p id="password-match-error" class="hero_form_error" hidden>Passwords didn't match</p>
<input type="submit" value="Sign up">
- <p style="font-size: 1.1em;">Already have an account? <a href="login.html">Sign in</a>
+ <p style="font-size: 1.1em;">Don't have an account? <a href="login.html">Log in</a>
</div>
</form>
</div>
diff --git a/js/arrows.js b/js/arrows.js
index ec7352c..10ad416 100644
--- a/js/arrows.js
+++ b/js/arrows.js
@@ -20,7 +20,7 @@ function make_arrow() {
setTimeout(make_arrow, delay);
setTimeout(() => {
svg.remove();
- arrows.remove(ob);
+ arrows.shift();
}, lifetime);
}
diff --git a/js/validate_hero.js b/js/validate_hero.js
index 118abbf..6d29a53 100644
--- a/js/validate_hero.js
+++ b/js/validate_hero.js
@@ -8,6 +8,20 @@ function clear_hero_errors()
errors[i].hidden = true;
}
}
+function validate_hero_login_form()
+{
+ var username=document.forms["hero_form"]["username"].value;
+ var flag=true;
+ clear_hero_errors();
+
+ if(username.length==0)
+ {
+ document.getElementById("username-length-error").hidden=false;
+ flag=false;
+ }
+ document.activeElement.blur();
+ return flag;
+}
function validate_hero_form()
{
var username=document.forms["hero_form"]["username"].value;
@@ -28,16 +42,17 @@ function validate_hero_form()
document.getElementById("email-error").hidden=false;
flag=false;
}
- if(password !== password2)
+ if(password.length==0)
{
- document.getElementById("password-error").hidden=false;
+ document.getElementById("password-length-error").hidden=false;
flag=false;
}
-
- if(flag)
+ if(password !== password2)
{
- document.getElementById("success").hidden=false;
+ document.getElementById("password-match-error").hidden=false;
+ flag=false;
}
+ document.activeElement.blur();
return flag;
}
diff --git a/login.html b/login.html
new file mode 100644
index 0000000..525358f
--- /dev/null
+++ b/login.html
@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ <meta charset="utf-8">
+ <title>shady file upload</title>
+ <link rel="stylesheet" type="text/css" href="css/style.css">
+ </head>
+
+ <body>
+ <div class="overlay" style="height: 100%;">
+ <div class="vert2">
+ <div id="header">
+ <p class="logo">shady_file_upload</p>
+ </div>
+
+ <div id="page">
+ <div id="hero" class="overlay">
+ <div id="arrows">
+ <img src="svg/arrow.svg" id="protoarrow" style="display: none">
+ </div>
+
+ <div class="vcenter">
+ <p>file upload service</p>
+ <p class="big">that <span class="blue">just about works</span></p>
+ <p>most of the time</p>
+ </div>
+ </div>
+
+ <div class="vcenter">
+ <form name="hero_form" action="/php/login.php" method="post" onsubmit="return validate_hero_login_form()">
+ <h2>Login</h2>
+ <div class="content">
+ <p>Username</p>
+ <input type="text" id="username" name="username">
+ <p id="username-length-error" class="hero_form_error" hidden>Please enter a username</p>
+ <p>Password</p>
+ <input type="password" id="password" name="password">
+ <input type="submit" value="Login">
+ <p style="font-size: 1.1em;">Already have an account? <a href="index.html">Sign up</a>
+ </div>
+ </form>
+ </div>
+
+
+ </div>
+ </div>
+
+ <img src="svg/bottom.svg" class="bgbottom">
+ </div>
+
+ <script src="js/arrows.js"></script>
+ <script src="js/validate_hero.js"></script>
+
+ </body>
+ <html>
diff --git a/php/database.php b/php/database.php
index 934aafa..ef2b825 100644
--- a/php/database.php
+++ b/php/database.php
@@ -26,7 +26,7 @@ require_once "misc.php";
}
}
- /*returns false if this isn't a user, otherwise returns the userid*/
+ /*returns false if this isn't a user, otherwise returns the user*/
function get_user(string $user)
{
$ret=new User;
@@ -53,24 +53,25 @@ require_once "misc.php";
function authenticate(string $user, string $password)
{
$ret=new User;
- global $password_hash_algo;
-
-
- $hashed_pass=password_hash($password,$password_hash_algo);
- $prep=$this->pdo->prepare("select user_id,username,email from users where username=:username and password=:password");
+ $prep=$this->pdo->prepare("select user_id,username,email,password from users where username=:username");
$prep->bindParam(':username',$user);
- $prep->bindParam(':password',$hashed_pass);
-
$prep->execute();
$hold=$prep->fetch(PDO::FETCH_ASSOC);
+
if($hold)
{
- $ret->user_id=hold["user_id"];
- $ret->username=hold["username"];
- $ret->email_address["email"];
- return $ret;
+ if(password_verify($password,$hold["password"]))
+ {
+ $ret->user_id=$hold["user_id"];
+ $ret->username=$hold["username"];
+ $ret->email_address=$hold["email"];
+ return $ret;
+ }else
+ {
+ return false;
+ }
}else
{
return false;
diff --git a/php/login.php b/php/login.php
new file mode 100644
index 0000000..e6d44dc
--- /dev/null
+++ b/php/login.php
@@ -0,0 +1,25 @@
+<?php
+require_once "user.php";
+require_once "database.php";
+require_once "misc.php";
+
+$username=$_POST["username"];
+$password=$_POST["password"];
+/*server side verification*/
+if(gettype($username)!="string" || gettype($password)!="string")
+{
+ die("You didn't specify the pass or the username");
+}
+
+$database=new Database();
+$user=$database->authenticate($username,$password);
+if(!$user)
+{
+ die("Password or username is incorrect");
+}
+
+echo "Username: {$user->username}\n";
+echo "Email: {$user->email_address}";
+
+
+?>
diff --git a/register.php b/php/register.php
index 0c00ad4..b6b164c 100644
--- a/register.php
+++ b/php/register.php
@@ -1,7 +1,7 @@
<?php
-require_once "php/database.php";
-require_once "php/misc.php";
-require_once "php/configuration.php";
+require_once "database.php";
+require_once "misc.php";
+require_once "configuration.php";
$username=$_POST["username"];
$password=$_POST["password"];