-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
70 lines (61 loc) · 1.7 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<?php
require_once 'lib/common.php';
// We need to test for a minimum version of PHP, because earlier versions have bugs that affect security
if (version_compare(PHP_VERSION, '5.3.7') < 0) {
throw new Exception(
'This system needs PHP 5.3.7 or later'
);
}
session_start();
// If we're already logged in, go back home
if (isLoggedIn()) {
redirectAndExit('index.php');
}
// Handle the form posting
$username = '';
if ($_POST) {
// Init the the database
$pdo = getPDO();
// We redirect only if the password is correct
$username = $_POST['username'];
$ok = tryLogin($pdo, $username, $_POST['password']);
if ($ok) {
login($username);
redirectAndExit('index.php');
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>
EchoZone - A blog application | Login
</title>
<?php require 'templates/head.php' ?>
</head>
<body>
<?php require 'templates/title.php' ?>
<?php // If we have a username, then the user got something wrong, so let's have an error ?>
<?php if ($username): ?>
<div class="error box">
The username or password is incorrect, try again
</div>
<?php endif ?>
<p>Login here:</p>
<form method="post" class="user-form">
<div>
<label for="username">
Username:
</label>
<input type="text" id="username" name="username" value="<?php echo htmlEscape($username) ?>" />
</div>
<div>
<label for="password">
Password:
</label>
<input type="password" id="password" name="password" />
</div>
<input type="submit" name="submit" value="Login" />
</form>
</body>
</html>