diff options
-rw-r--r-- | index.php | 68 | ||||
-rw-r--r-- | loginregister.html | 53 | ||||
-rw-r--r-- | php/login.php | 7 | ||||
-rw-r--r-- | php/logout.php | 10 | ||||
-rw-r--r-- | php/register.php | 4 |
5 files changed, 86 insertions, 56 deletions
@@ -2,7 +2,8 @@ <html> <head> <meta charset="utf-8"> - <title>shady file upload</title> <link rel="stylesheet" type="text/css" href="css/style.css"> </head> + <title>shady file upload</title> <link rel="stylesheet" type="text/css" href="css/style.css"> + </head> <body> <div class="overlay" style="height: 100%;"> @@ -12,66 +13,27 @@ </div> <div id="page"> - <div id="hero" class="overlay"> - <div id="arrows"> - <img src="svg/arrow.svg" id="protoarrow" style="display: none"> - </div> - <div class="vcenter"> - <p>file upload service</p> - <p class="big">that <span class="blue">just about works</span></p> - <p>most of the time</p> - </div> - </div> - <div class="vcenter" id="signupform"> - <form name="register_form" action="/php/register.php" method="post" onsubmit="return validate_hero_form()"> - <h2>Get started</h2> - <div class="content"> - <p>Username</p> - <input type="text" id="username" name="username"> - <p id="username-length-error" class="hero_form_error" hidden>Please specify a username</p> +<?php + session_start(); + if (array_key_exists("username", $_SESSION)) { + echo "Welcome, $_SESSION[username]"; +?> - <p>Email address</p> - <input type="text" id="email" name="email"> - <p id="email-error" class="hero_form_error" hidden>Invalid email address</p> - - <p>Password</p> - <input type="password" id="password" name="password"> - <p id="password-length-error" class="hero_form_error" hidden>Please provide a password</p> - - <p>Repeat Password</p> - <input type="password" id="password2" name="password2"> - <p id="password-match-error" class="hero_form_error" hidden>Passwords didn't match</p> - <input type="submit" value="Sign up"> - <p style="font-size: 1.1em;">Already have an account? <a href="#" onclick="showLogin(true)">Log in</a> - </div> - </form> - </div> - - <div class="vcenter" id="loginform"> - <form name="login_form" action="/php/login.php" method="post" onsubmit="return validate_hero_login_form()"> - <h2>Login</h2> - <div class="content"> - <p>Username</p> - <input type="text" id="username" name="username"> - <p id="username-length-error" class="hero_form_error" hidden>Please enter a username</p> - <p>Password</p> - <input type="password" id="password" name="password"> - <input type="submit" value="Login"> - <p style="font-size: 1.1em;">Don't have an account? <a href="#" onclick="showLogin(false)">Sign up</a> - </div> - </form> - </div> +<a href="/php/logout.php">Log out</a> +<?php + } + else { + require_once("loginregister.html"); + } +?> </div> </div> - <img src="svg/bottom.svg" class="bgbottom"> </div> - <script src="main.js"></script> - </body> - <html> +<html> diff --git a/loginregister.html b/loginregister.html new file mode 100644 index 0000000..2d87daf --- /dev/null +++ b/loginregister.html @@ -0,0 +1,53 @@ +<div id="hero" class="overlay"> + <div id="arrows"> + <img src="svg/arrow.svg" id="protoarrow" style="display: none"> + </div> + + <div class="vcenter"> + <p>file upload service</p> + <p class="big">that <span class="blue">just about works</span></p> + <p>most of the time</p> + </div> +</div> + +<div class="vcenter" id="signupform"> + <form name="register_form" action="/php/register.php" method="post" onsubmit="return validate_hero_form()"> + <h2>Get started</h2> + <div class="content"> + <p>Username</p> + <input type="text" id="username" name="username"> + <p id="username-length-error" class="hero_form_error" hidden>Please specify a username</p> + + <p>Email address</p> + <input type="text" id="email" name="email"> + <p id="email-error" class="hero_form_error" hidden>Invalid email address</p> + + <p>Password</p> + <input type="password" id="password" name="password"> + <p id="password-length-error" class="hero_form_error" hidden>Please provide a password</p> + + <p>Repeat Password</p> + <input type="password" id="password2" name="password2"> + <p id="password-match-error" class="hero_form_error" hidden>Passwords didn't match</p> + <input type="submit" value="Sign up"> + <p style="font-size: 1.1em;">Already have an account? <a href="#" onclick="showLogin(true)">Log in</a> + </div> + </form> +</div> + +<div class="vcenter" id="loginform"> + <form name="login_form" action="/php/login.php" method="post" onsubmit="return validate_hero_login_form()"> + <h2>Login</h2> + <div class="content"> + <p>Username</p> + <input type="text" id="username" name="username"> + <p id="username-length-error" class="hero_form_error" hidden>Please enter a username</p> + <p>Password</p> + <input type="password" id="password" name="password"> + <input type="submit" value="Login"> + <p style="font-size: 1.1em;">Don't have an account? <a href="#" onclick="showLogin(false)">Sign up</a> + </div> + </form> +</div> + + diff --git a/php/login.php b/php/login.php index e6d44dc..536a5bf 100644 --- a/php/login.php +++ b/php/login.php @@ -3,6 +3,8 @@ require_once "user.php"; require_once "database.php"; require_once "misc.php"; +session_start(); + $username=$_POST["username"]; $password=$_POST["password"]; /*server side verification*/ @@ -18,8 +20,7 @@ if(!$user) die("Password or username is incorrect"); } -echo "Username: {$user->username}\n"; -echo "Email: {$user->email_address}"; - +$_SESSION['username'] = $user->username; +header('Location: /'); ?> diff --git a/php/logout.php b/php/logout.php new file mode 100644 index 0000000..9a4cdd7 --- /dev/null +++ b/php/logout.php @@ -0,0 +1,10 @@ +<?php +// TODO +// This is dangerous and stupid +// Right now every webpage can redirect any of its users to http://shady.upload/logout +// which will log the user out of our webpage + +session_start(); +unset($_SESSION['username']); +header('Location: /'); +?> diff --git a/php/register.php b/php/register.php index ef1f238..1d31a91 100644 --- a/php/register.php +++ b/php/register.php @@ -31,4 +31,8 @@ if($database->register_user($username,$password,$email)) echo "didn't register"; } + +$_SESSION['username'] = $username; +header('Location: /'); + ?> |