A simple php website which displays quotes on pictures of pandas.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

144 lines
4.2 KiB

  1. <?php
  2. //ini_set('display_errors', 1);
  3. $errors = array();
  4. if(isset($_POST['logout']))
  5. {
  6. $_SESSION = array();
  7. echo '<h3>You are now logged out</h3>';
  8. echo("<meta http-equiv='refresh' content='1'>");
  9. }
  10. if(isset($_POST['log_in']))
  11. {
  12. //echo 'Login procces';
  13. if(isset($_POST['user_name']))
  14. {
  15. $i_username = @mysqli_real_escape_string($dbc, trim($_POST['user_name']));
  16. }
  17. else
  18. {
  19. $errors['User Name'] = 'You need to enter a user name!';
  20. }
  21. if(isset($_POST['password']))
  22. {
  23. $i_password = @mysqli_real_escape_string($dbc, trim($_POST['password']));
  24. }
  25. else
  26. {
  27. $errors['password'] = "You need to enter a password!";
  28. }
  29. if($i_password && $i_username)
  30. {
  31. //valid username
  32. $q3 = "select * from users where user_name='$i_username'";
  33. //echo $q3;
  34. $r3 = mysqli_query($dbc, $q3);
  35. if(@mysqli_num_rows($r3) == 1)
  36. {
  37. //echo 'das good';
  38. $firstName = "";
  39. while($row = mysqli_fetch_array($r3))
  40. {
  41. $firstName = $row['first_name'];
  42. }
  43. $q2 = "select * from users where user_name = '$i_username' and pass ='" . SHA1($i_password . $firstName) . "'";
  44. //echo $q2;
  45. $r2 = mysqli_query($dbc, $q2);
  46. //30 minutes of error seaching to realize if frogot the s in mysqli
  47. if(@mysqli_num_rows($r2) == 1)
  48. {
  49. while($row = mysqli_fetch_array($r2))
  50. {
  51. $_SESSION['use'] = true;
  52. $_SESSION['fname'] = $firstName;
  53. $_SESSION['user_id'] = $row['user_id'];
  54. $_SESSION['username'] = $row['user_name'];
  55. $_SESSION['agent'] = md5($_SERVER['HTTP_USERAGENT'] . 'salt');
  56. header("Location: index.php");
  57. }
  58. }
  59. else
  60. {
  61. $errors['password'] = "You entered an invalid password";
  62. }
  63. }
  64. else
  65. {
  66. $errors['user'] = "You entered an invalid user name!";
  67. }
  68. }
  69. }
  70. echo '<h1 class="w3-text-teal">';
  71. echo '<center>';
  72. if($loggedIn)
  73. {
  74. echo 'Profile';
  75. }
  76. else
  77. {
  78. echo 'Log In';
  79. }
  80. echo '</center></h1>';
  81. echo '<div class ="w3-card-4 w3-container w3-padding-16">';
  82. if($loggedIn)
  83. {
  84. echo '<h3 class="w3-center">Welcome ' . $_SESSION['fname'] . '</h3>';
  85. echo '<form action="index.php" method ="post">
  86. <input class="w3-padding-16 w3-hover-dark-grey w3-btn-block w3-center-align" type="submit" name ="logout" value="logout" />
  87. <input type="hidden" name="logout" value="TRUE" />
  88. </form>';
  89. }
  90. else
  91. {
  92. //prints login form
  93. echo '<form action ="index.php" method ="post">
  94. <div class="w3-group">
  95. <input class="w3-input" type="text" value="" name="user_name" class="w3-container w3-card-4" required/>
  96. <label class="w3-label w3-validate">User Name</label>
  97. </div>
  98. <div class="w3-group">
  99. <input class="w3-input" type="password" value="" name="password" class="w3-container w3-card-4" required/>
  100. <label class="w3-label w3-validate">Password</label>
  101. </div>
  102. <input type="submit" name="login" value="login" class="w3-padding-16 w3-hover-dark-grey w3-btn-block w3-center-align"/>
  103. <input type="hidden" name="log_in" value="TRUE"/>
  104. </form>';
  105. }
  106. foreach($errors as $msg)
  107. {
  108. echo " - $msg<br />";
  109. }
  110. echo '</div>';
  111. ?>