diff options
Diffstat (limited to 'php')
-rw-r--r-- | php/login.php | 7 | ||||
-rw-r--r-- | php/logout.php | 10 | ||||
-rw-r--r-- | php/register.php | 4 |
3 files changed, 18 insertions, 3 deletions
diff --git a/php/login.php b/php/login.php index e6d44dc..536a5bf 100644 --- a/php/login.php +++ b/php/login.php @@ -3,6 +3,8 @@ require_once "user.php"; require_once "database.php"; require_once "misc.php"; +session_start(); + $username=$_POST["username"]; $password=$_POST["password"]; /*server side verification*/ @@ -18,8 +20,7 @@ if(!$user) die("Password or username is incorrect"); } -echo "Username: {$user->username}\n"; -echo "Email: {$user->email_address}"; - +$_SESSION['username'] = $user->username; +header('Location: /'); ?> diff --git a/php/logout.php b/php/logout.php new file mode 100644 index 0000000..9a4cdd7 --- /dev/null +++ b/php/logout.php @@ -0,0 +1,10 @@ +<?php +// TODO +// This is dangerous and stupid +// Right now every webpage can redirect any of its users to http://shady.upload/logout +// which will log the user out of our webpage + +session_start(); +unset($_SESSION['username']); +header('Location: /'); +?> diff --git a/php/register.php b/php/register.php index ef1f238..1d31a91 100644 --- a/php/register.php +++ b/php/register.php @@ -31,4 +31,8 @@ if($database->register_user($username,$password,$email)) echo "didn't register"; } + +$_SESSION['username'] = $username; +header('Location: /'); + ?> |