DFiNE
/
OdenseTrack
关注 1
点赞 1
派生 0
代码 工单 3 合并请求 0 版本发布 2 百科 动态
"OdenseTrack" is a school assignment/project from AspIT https://aspit.dfine.net/odensetrack
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
1 提交
1 分支
目录树: 9ce532d7fe
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 '9ce532d7fe'
${ noResults }
OdenseTrack/_login.php

_login.php 2.1KB
文件历史 原始文件

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 
  1. <?php

  2. 

  3. /*

  4.  * Login page - Users are sent here if they are not properly logged in, or their login expired.

  5.  */

  6. session_start();

  7. 

  8. if(isset($_GET['logout'])) {

  9.     $_SESSION = array();

  10.     session_unset();

  11.     session_destroy();

  12.     header("Location: index.php?page=home");

  13.     die("Error, please enable browser redirects.");

  14. }

  15. 

  16. if (isset($_SESSION['user'])) {

  17.     header("Location: index.php?page=home");

  18.     die("Error, please enable browser redirects.");

  19. }

  20. 

  21. mb_internal_encoding("utf-8"); // Internal encoding set to UTF-8, should fix some charset issues.

  22. 

  23. require_once("include.php"); // Our includes.

  24. 

  25. /*

  26.  * Get variables and sanitize their inputs

  27.  */

  28. $error = array();

  29. 

  30. if (isset($_POST['u']) && isset($_POST['p'])) {

  31.     // If mail and pw is set, lets do some sanitizng.

  32. 

  33.     if (filter_input(INPUT_POST, 'u', FILTER_DEFAULT) == true) {

  34.         $email = $_POST['u'];

  35.     } else {

  36.         $error[] = "Email or username incorrect.";

  37.     }

  38. 

  39.     if (filter_input(INPUT_POST, 'p', FILTER_DEFAULT) == true) {

  40.         $password = $_POST['p'];

  41.     } else {

  42.         $error[] = "Email or username incorrect.";

  43.     }

  44. 

  45.     $db = new DBClass();

  46.     $query = "SELECT * FROM `" . Config::$db_tableusers . "` WHERE `username` = '" . $email . "'";

  47. 

  48.     if ($db->numRows($db->query($query)) >= 1) {

  49.         $result = $db->fetchAll($db->query($query))[0];

  50.         if (password_verify($password, $result['password']) && $email == $result['username']) {

  51.             // SUCCESS!

  52.             $_SESSION['user'] = $result['id'];

  53.             $_SESSION['username'] = $result['username'];

  54.             $_SESSION['lvl'] = $result['level'];

  55. 

  56.             header('Location: index.php?page=news');

  57.             die("Error, please enable browser redirects.");

  58.         } else {

  59.             $error[] = "Mail wrong";

  60.         }

  61.     } else {

  62.         $error[] = "Wrong email or password.";

  63.         header('Location: index.php?page=login&error=1');

  64.     }

  65. }

  66. 

  67. 

  68. /*

  69.  * If no information was sent to the script, or the login was incorrect - HTML below here will be shown.

  70.  */

  71. 

  72. header('Location: ' . Config::$sys_url . '?page=login&error=1');

  73. die("Error, please enable browser redirects.");