diff --git a/index.php b/index.php index bc8b76d..df030a1 100644 --- a/index.php +++ b/index.php @@ -1,8 +1,7 @@ 0 && !empty($_SESSION["email"]); +} + +function doLogin(){ + global $mysqli; + if(!empty($_POST["email"]) && !empty($_POST["password"])){ + $email = $_POST["email"]; + $pass = $_POST["password"]; + /* prepare statement */ + $stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, isAdmin FROM Users WHERE EMAIL = ? AND isActive = 1"); + $stmt->bind_param("s", $email); + $stmt->execute(); + $idcko = 0; + $fname = ""; + $lname = ""; + $nickname = ""; + $pwdhash = ""; + $mcnick = ""; + $isadmin = false; + /* bind variables to prepared statement */ + $stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, $isadmin); + + $found = false; + /* fetch values */ + while ($stmt->fetch()) { + if (password_verify($pass, $pwdhash)){ + $_SESSION["ID"] = $idcko; + $_SESSION["first_name"] = $fname; + $_SESSION["last_name"] = $lname; + $_SESSION["nickname"] = $nickname; + $_SESSION["email"] = $email; + $_SESSION["mcnick"] = $mcnick; + $_SESSION["isadmin"] = $isadmin; + $found = true; + break; + } + else{ + $found = false; + } + break; + } + $stmt->close(); + if($found){ + $status = ["status" => "success"]; + } + else{ + $status = ["status" => "fail"]; + } + echo json_encode($status); + } +} + +function doLogout(){ + if(isLoggedIn()){ + session_destroy(); + $status = ["status" => "success"]; + } + else{ + $status = ["status" => "fail"]; + } + echo json_encode($status); +} + +function doRegister(){ + $status = ["status" => "fail"]; + if (!empty($_POST["activationtoken"])){ + global $mysqli; + + $firstName = $_POST["firstname"]; + $lastName = $_POST["lastname"]; + $nickname = $_POST["nickname"]; + $email = $_POST["email"]; + $password = $_POST["password"]; + $minecraftNick = $_POST["minecraftnick"]; + $activationToken = $_POST["activationtoken"]; + if (!empty($firstName) && !empty($lastName) && !empty($nickname) && !empty($email) && !empty($password) && !empty($activationToken)){ + $passwordHash = password_hash($password, PASSWORD_DEFAULT); + + $stmt = $mysqli->prepare("UPDATE Users SET FirstName = ?, LastName = ?, Nickname = ?, Email = ?, PasswordHash = ?, MinecraftNick = ?, isAdmin = 0, isActivated = 1 WHERE isActivated = 0 AND ActivationToken = ?"); + $stmt->bind_param("ssssss", $firstName, $lastName, $nickname, $email, $passwordHash, $minecraftNick, $activationToken); + $stmt->execute(); + if ($stmt->affected_rows > 0) { + $status["status"] = "success"; + } + $stmt->close(); + } + } +} + +?> \ No newline at end of file diff --git a/templates/navpages.php b/lib/navpages.php similarity index 100% rename from templates/navpages.php rename to lib/navpages.php diff --git a/lib/routing.php b/lib/routing.php new file mode 100644 index 0000000..fbf1bf3 --- /dev/null +++ b/lib/routing.php @@ -0,0 +1,40 @@ + \ No newline at end of file diff --git a/pages/global/account.php b/pages/global/account.php new file mode 100644 index 0000000..ed323b1 --- /dev/null +++ b/pages/global/account.php @@ -0,0 +1,39 @@ + 0){ + $account_template = file_get_contents($template_dir . "account.html"); + echo $account_template; +} +else{ + $login_template = file_get_contents($template_dir . "login.html"); + echo $login_template; +} + +return ob_get_clean(); + +?> \ No newline at end of file diff --git a/pages/global/login.php b/pages/global/login.php deleted file mode 100644 index dd6e9e2..0000000 --- a/pages/global/login.php +++ /dev/null @@ -1,56 +0,0 @@ -prepare("SELECT ID, PSWD, IGN, ISADMIN FROM Users where EMAIL = ?"); - $stmt->bind_param("s", $email); - $stmt->execute(); - /* bind variables to prepared statement */ - $stmt->bind_result($idcko, $hash, $ign, $isadmin); - - $found = false; - /* fetch values */ - while ($stmt->fetch()) { - if (password_verify($pass, $hash)){ - $_SESSION["ID"] = $idcko; - $_SESSION["email"] = $email; - $_SESSION["ign"] = $ign; - $_SESSION["isadmin"] = $isadmin; - $found = true; - break; - } - else{ - $_SESSION["ID"] = 0; - $_SESSION["email"] = ""; - $_SESSION["ign"] = ""; - $_SESSION["isadmin"] = 0; - $found = false; - } - break; - } - if($found){ - echo "Login successful"; - } - else{ - echo "Login failed"; - } - } -} -if ($_SESSION["ID"] > 0){ - $account_template = file_get_contents($template_dir . "account.html"); - echo $account_template; -} -else{ - $login_template = file_get_contents($template_dir . "login.html"); - echo $login_template; -} - -return ob_get_clean(); - -?> \ No newline at end of file