-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
66 lines (60 loc) · 1.89 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
<?php
// Import util functions
require("util.php");
// Import password library for backwards compatibility
require("lib/password.php");
checkEmptySession();
dbConnect();
if (!empty($_POST)) {
// Get submitted email and password
$email = htmlspecialchars($_POST["email"]);
$password = htmlspecialchars($_POST["password"]);
$result = userFromEmail($email);
// Display error if user not found
if (empty($result)) {
setError("Email or password invalid.");
} else {
// Verify password
if (password_verify($password, $result["password"])) {
if ($result["confirmed"] == 0) {
$_SESSION["errorMessage"] = "<p id=\"error\">Confirm your account before logging in.</p>";
header("Location: confirm.php");
die();
} else {
// Create session
$_SESSION["id"] = $result["id"];
header("Location: index.php");
die();
}
// Display error if password incorrect
} else {
setError("Email or password invalid.");
}
}
}
echoHeader(0);
?>
<div id="form">
<form method="post" action=<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>>
<table style="margin: 0 auto;">
<?php if (!empty($errorMessage)) { echo("<tr><td colspan=\"2\">" . $errorMessage . "</td></tr>"); } ?>
<tr>
<td id="label" align="right">Email: </td>
<td id="label"><input type="email" name="email" /></td>
</tr>
<tr>
<td id="label" align="right">Password: </td>
<td id="label"><input type="password" name="password" /></td>
</tr>
<tr>
<td id="label" align="right"><input type="submit" name="login" value="Login" /></td>
<td id="link"><a href="recover.php">Forgot your password?</a></td>
</tr>
<tr>
<td id="link" colspan="2"><a href="register.php">Don't have an account? Register now!</a></td>
</tr>
</table>
</form>
</div>
</body>
</html>