Changes in html and Login/Register php
This commit is contained in:
parent
4c43261455
commit
a7c943676f
21
login.php
21
login.php
@ -7,18 +7,23 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
$username = $_POST['username'];
|
||||
$password = $_POST['password'];
|
||||
|
||||
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
|
||||
// Prepare and execute the SQL query using prepared statements
|
||||
$query = "SELECT id, username, password, isAdmin FROM users WHERE username = ?";
|
||||
$stmt = $mysqli->prepare($query);
|
||||
$stmt->bind_param("s", $username);
|
||||
$stmt->execute();
|
||||
$stmt->bind_result($user_id, $user_username, $user_password, $user_isAdmin);
|
||||
|
||||
$query = "SELECT * FROM users WHERE username = '$username' AND password = '$hashed_password'";
|
||||
$result = mysqli_query($mysqli, $query);
|
||||
|
||||
if (mysqli_num_rows($result) == 1) {
|
||||
$user = mysqli_fetch_assoc($result);
|
||||
$_SESSION['user_id'] = $user['id'];
|
||||
header('Location: main.php');
|
||||
// Fetch the result
|
||||
if ($stmt->fetch() && password_verify($password, $user_password)) {
|
||||
$_SESSION['user_id'] = $user_id;
|
||||
header('Location: index.php');
|
||||
exit();
|
||||
} else {
|
||||
echo "Invalid username or password.";
|
||||
}
|
||||
|
||||
// Close the statement
|
||||
$stmt->close();
|
||||
}
|
||||
?>
|
||||
|
@ -0,0 +1,28 @@
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Welcome</title>
|
||||
<link rel="stylesheet" href="../styles/pages/index.css">
|
||||
</head>
|
||||
<body>
|
||||
<h2>Welcome</h2>
|
||||
<?php
|
||||
echo "Logged in as " . $user['username'];
|
||||
if ($user['isAdmin'] == 1) {
|
||||
echo " (Admin)";
|
||||
}
|
||||
?>
|
||||
|
||||
<!-- Display Gravatar image -->
|
||||
<?php
|
||||
$email = $user['email'];
|
||||
$hash = md5(strtolower(trim($email)));
|
||||
$gravatarUrl = "https://www.gravatar.com/avatar/$hash?s=100";
|
||||
echo "<img src='$gravatarUrl' alt='Gravatar Profile Picture'>";
|
||||
?>
|
||||
|
||||
<a href="logout.php">Logout</a>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,16 @@
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Login</title>
|
||||
<link rel="stylesheet" href="../styles/pages/login.css">
|
||||
</head>
|
||||
<body>
|
||||
<h2>Login</h2>
|
||||
<form action="../login.php" method="post">
|
||||
<!-- Add your login form fields here (e.g., username, password) -->
|
||||
<input type="submit" value="Login">
|
||||
</form>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,16 @@
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Register</title>
|
||||
<link rel="stylesheet" href="../styles/pages/register.css">
|
||||
</head>
|
||||
<body>
|
||||
<h2>Register</h2>
|
||||
<form action="../register.php" method="post">
|
||||
<!-- Add your registration form fields here (e.g., username, email, password) -->
|
||||
<input type="submit" value="Register">
|
||||
</form>
|
||||
</body>
|
||||
</html>
|
15
register.php
15
register.php
@ -11,14 +11,21 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
// Hash the password
|
||||
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
|
||||
|
||||
// Insert user into the database
|
||||
$query = "INSERT INTO users (username, email, password) VALUES ('$username', '$email', '$hashed_password')";
|
||||
$result = mysqli_query($mysqli, $query);
|
||||
// Prepare and execute the SQL query using prepared statements
|
||||
$query = "INSERT INTO users (username, email, password) VALUES (?, ?, ?)";
|
||||
$stmt = $mysqli->prepare($query);
|
||||
$stmt->bind_param("sss", $username, $email, $hashed_password);
|
||||
|
||||
// Execute the statement
|
||||
$result = $stmt->execute();
|
||||
|
||||
if ($result) {
|
||||
echo "Registration successful. <a href='login.html'>Login here</a>.";
|
||||
} else {
|
||||
echo "Error: " . mysqli_error($mysqli);
|
||||
echo "Error: " . $mysqli->error;
|
||||
}
|
||||
|
||||
// Close the statement
|
||||
$stmt->close();
|
||||
}
|
||||
?>
|
||||
|
Loading…
Reference in New Issue
Block a user