jrtechs
/
jrtechs-Club-Panda
mirror of https://github.com/jrtechs/Club-Panda.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
Simple website with some JavaScript games.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
1 Branch
4.1 MiB
Tree: a74f2e3561
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a74f2e3561'
${ noResults }
jrtechs-Club-Panda/user/profile.php

143 lines
4.3 KiB
Raw Normal View History

Initial commit
7 years ago
 
  1. <?php
  2. 

  3.     $errors = array();
  4.     
  5.     if(isset($_POST['logout']))
  6.     {
  7.         $_SESSION = array();
  8.         
  9.         echo '<h3>You are now logged out</h3>';
  10.         
  11.         echo("<meta http-equiv='refresh' content='1'>");
  12.     }
  13. 

  14.     if(isset($_POST['log_in']))
  15.     {
  16.         //echo 'Login procces';

  17.         if(isset($_POST['user_name']))
  18.         {
  19.             $i_username = @mysqli_real_escape_string($dbc, trim($_POST['user_name']));
  20.         }
  21.         else
  22.         {
  23.             $errors['User Name'] = 'You need to enter a user name!';
  24.         }
  25.         
  26.         if(isset($_POST['password']))
  27.         {
  28.             $i_password = @mysqli_real_escape_string($dbc, trim($_POST['password']));
  29.         }
  30.         else
  31.         {
  32.             $errors['password'] = "You need to enter a password!";
  33.         }
  34.         
  35.         
  36.         if($i_password && $i_username)
  37.         {
  38.             
  39.             //valid username

  40.             $q3 = "select * from users where user_name='$i_username'";
  41.             //echo $q3;

  42.             $r3 = mysqli_query($dbc, $q3);
  43.             
  44.             if(@mysqli_num_rows($r3) == 1)
  45.             {
  46.                 //echo 'das good';

  47.                 $firstName = "";
  48.                 while($row = mysqli_fetch_array($r3))
  49.                 {
  50.                     $firstName = $row['first_name'];
  51.                     
  52.                 }
  53.                 
  54.                 $q2 = "select * from users where user_name = '$i_username' and pass ='"  . SHA1($i_password . $firstName) .   "'";
  55.                 
  56.                //echo $q2;

  57.                 
  58.                 $r2 = mysqli_query($dbc, $q2);
  59.                 
  60.                 
  61.                 //30 minutes of error seaching to realize if frogot the s in mysqli

  62.                 if(@mysqli_num_rows($r2) == 1)
  63.                 {
  64.                     while($row = mysqli_fetch_array($r2))
  65.                     {
  66.                         
  67.                         $_SESSION['use'] = true;
  68.                         $_SESSION['fname'] = $firstName;
  69.                         $_SESSION['user_id'] = $row['user_id'];
  70.                         $_SESSION['username'] = $row['user_name'];
  71.                         $_SESSION['agent'] = md5($_SERVER['HTTP_USERAGENT'] . 'salt');
  72.                         
  73.                         
  74.                         header("Location: index.php");
  75.                     }
  76.                 }
  77.                 else
  78.                 {
  79.                     $errors['password'] = "You entered an invalid password";
  80.                 }
  81.             }
  82.             else
  83.             {
  84.                 $errors['user'] = "You entered an invalid user name!";
  85.             }
  86.         }
  87.     }
  88.         
  89.     echo '<h1 class="w3-text-teal">';
  90.     
  91.     echo '<center>';
  92.     
  93.     if($loggedIn)
  94.     {
  95.         echo 'Profile';
  96.     }
  97.     else
  98.     {
  99.         echo 'Log In';
  100.     }
  101.     echo '</center></h1>';
  102.     
  103.     
  104.     echo '<div class ="w3-card-4 w3-container w3-padding-16">';
  105.     if($loggedIn)
  106.     {
  107.         echo '<h3 class="w3-center">Welcome ' . $_SESSION['fname'] . '</h3>';
  108.         
  109.         echo '<form action="index.php" method ="post">
  110.             <input class="w3-padding-16 w3-hover-dark-grey w3-btn-block w3-center-align" type="submit" name ="logout" value="logout" />
  111.             <input type="hidden" name="logout" value="TRUE" />
  112.             </form>';
  113.         
  114.     }
  115.     else 
  116.     {
  117.         //prints login form

  118.         
  119.         echo '<form action ="index.php" method ="post">
  120.             <div class="w3-group">
  121.             <input class="w3-input" type="text" value="" name="user_name" class="w3-container w3-card-4" required/>
  122.             <label class="w3-label w3-validate">User Name</label>
  123.             </div>
  124.             
  125.             <div class="w3-group">
  126.             <input class="w3-input" type="password" value="" name="password" class="w3-container w3-card-4" required/>
  127.             <label class="w3-label w3-validate">Password</label>
  128.             </div>
  129.             
  130.             <input type="submit" name="login" value="login" class="w3-padding-16 w3-hover-dark-grey w3-btn-block w3-center-align"/>
  131.             <input type="hidden" name="log_in" value="TRUE"/>
  132.             </form>';
  133.         
  134.         
  135.         
  136.     }
  137.     foreach($errors as $msg)
  138.     {
  139.         echo " - $msg<br />";
  140.     }
  141.      echo '</div>';   
  142.     
  143. 

  144. ?>