jrtechs
/
jrtechs-Club-Panda
mirror of https://github.com/jrtechs/Club-Panda.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
Simple website with some JavaScript games.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
1.7 MiB
Tree: 7495189694
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7495189694'
${ noResults }
jrtechs-Club-Panda/user/profile.php

144 lines
4.4 KiB
Raw Normal View History

Initial commit
7 years ago
 
  1. <?php
  2. 

  3.     //ini_set('display_errors', 1);

  4.     $errors = array();
  5.     
  6.     if(isset($_POST['logout']))
  7.     {
  8.         $_SESSION = array();
  9.         
  10.         echo '<h3>You are now logged out</h3>';
  11.         
  12.         echo("<meta http-equiv='refresh' content='1'>");
  13.     }
  14. 

  15.     if(isset($_POST['log_in']))
  16.     {
  17.         //echo 'Login procces';

  18.         if(isset($_POST['user_name']))
  19.         {
  20.             $i_username = @mysqli_real_escape_string($dbc, trim($_POST['user_name']));
  21.         }
  22.         else
  23.         {
  24.             $errors['User Name'] = 'You need to enter a user name!';
  25.         }
  26.         
  27.         if(isset($_POST['password']))
  28.         {
  29.             $i_password = @mysqli_real_escape_string($dbc, trim($_POST['password']));
  30.         }
  31.         else
  32.         {
  33.             $errors['password'] = "You need to enter a password!";
  34.         }
  35.         
  36.         
  37.         if($i_password && $i_username)
  38.         {
  39.             
  40.             //valid username

  41.             $q3 = "select * from users where user_name='$i_username'";
  42.             //echo $q3;

  43.             $r3 = mysqli_query($dbc, $q3);
  44.             
  45.             if(@mysqli_num_rows($r3) == 1)
  46.             {
  47.                 //echo 'das good';

  48.                 $firstName = "";
  49.                 while($row = mysqli_fetch_array($r3))
  50.                 {
  51.                     $firstName = $row['first_name'];
  52.                     
  53.                 }
  54.                 
  55.                 $q2 = "select * from users where user_name = '$i_username' and pass ='"  . SHA1($i_password . $firstName) .   "'";
  56.                 
  57.                //echo $q2;

  58.                 
  59.                 $r2 = mysqli_query($dbc, $q2);
  60.                 
  61.                 
  62.                 //30 minutes of error seaching to realize if frogot the s in mysqli

  63.                 if(@mysqli_num_rows($r2) == 1)
  64.                 {
  65.                     while($row = mysqli_fetch_array($r2))
  66.                     {
  67.                         
  68.                         $_SESSION['use'] = true;
  69.                         $_SESSION['fname'] = $firstName;
  70.                         $_SESSION['user_id'] = $row['user_id'];
  71.                         $_SESSION['username'] = $row['user_name'];
  72.                         $_SESSION['agent'] = md5($_SERVER['HTTP_USERAGENT'] . 'salt');
  73.                         
  74.                         
  75.                         header("Location: index.php");
  76.                     }
  77.                 }
  78.                 else
  79.                 {
  80.                     $errors['password'] = "You entered an invalid password";
  81.                 }
  82.             }
  83.             else
  84.             {
  85.                 $errors['user'] = "You entered an invalid user name!";
  86.             }
  87.         }
  88.     }
  89.         
  90.     echo '<h1 class="w3-text-teal">';
  91.     
  92.     echo '<center>';
  93.     
  94.     if($loggedIn)
  95.     {
  96.         echo 'Profile';
  97.     }
  98.     else
  99.     {
  100.         echo 'Log In';
  101.     }
  102.     echo '</center></h1>';
  103.     
  104.     
  105.     echo '<div class ="w3-card-4 w3-container w3-padding-16">';
  106.     if($loggedIn)
  107.     {
  108.         echo '<h3 class="w3-center">Welcome ' . $_SESSION['fname'] . '</h3>';
  109.         
  110.         echo '<form action="index.php" method ="post">
  111.             <input class="w3-padding-16 w3-hover-dark-grey w3-btn-block w3-center-align" type="submit" name ="logout" value="logout" />
  112.             <input type="hidden" name="logout" value="TRUE" />
  113.             </form>';
  114.         
  115.     }
  116.     else 
  117.     {
  118.         //prints login form

  119.         
  120.         echo '<form action ="index.php" method ="post">
  121.             <div class="w3-group">
  122.             <input class="w3-input" type="text" value="" name="user_name" class="w3-container w3-card-4" required/>
  123.             <label class="w3-label w3-validate">User Name</label>
  124.             </div>
  125.             
  126.             <div class="w3-group">
  127.             <input class="w3-input" type="password" value="" name="password" class="w3-container w3-card-4" required/>
  128.             <label class="w3-label w3-validate">Password</label>
  129.             </div>
  130.             
  131.             <input type="submit" name="login" value="login" class="w3-padding-16 w3-hover-dark-grey w3-btn-block w3-center-align"/>
  132.             <input type="hidden" name="log_in" value="TRUE"/>
  133.             </form>';
  134.         
  135.         
  136.         
  137.     }
  138.     foreach($errors as $msg)
  139.     {
  140.         echo " - $msg<br />";
  141.     }
  142.      echo '</div>';   
  143.     
  144. 

  145. ?>