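<?php

// Development-only diagnostics: remove the next 3 lines when you're done, so that
// errors (file paths, SQL text, stack traces) don't show up in a browser.
ini_set("display_errors", "1");
ini_set("display_startup_errors", "1");
error_reporting(E_ALL);

// Set to true when a POST was received but did not end in a successful login.
// The template below uses it to print one generic "Invalid login" message, so the
// response text does not say whether the e-mail or the password was wrong.
$is_invalid = false;

if ($_SERVER["REQUEST_METHOD"] === "POST") {

    // Accept only plain string fields. A missing field or an array-valued one
    // (e.g. email[]=x) is handled as a failed login instead of raising a
    // warning or TypeError further down.
    $email = $_POST["email"] ?? null;
    $password = $_POST["password"] ?? null;

    if (is_string($email) && is_string($password)) {

        // database.php is expected to return the mysqli connection.
        // NOTE(review): assumes mysqli reports errors as exceptions (the PHP 8.1+
        // default); otherwise prepare() can return false - confirm in database.php.
        $mysqli = require __DIR__ . "/database.php";

        // Bound parameter instead of string-built SQL: the e-mail is never parsed
        // as part of the statement, so correctness no longer depends on escaping
        // and the connection character set agreeing with each other.
        $stmt = $mysqli->prepare("SELECT * FROM user WHERE email = ?");
        $stmt->bind_param("s", $email);
        $stmt->execute();

        // get_result() needs the mysqlnd driver; fetch_assoc() returns null when
        // no row matches.
        $user = $stmt->get_result()->fetch_assoc();

        // NOTE(review): password_verify() only runs when a row was found, so the
        // response time can differ between known and unknown e-mail addresses;
        // verifying against a fixed dummy hash in the no-row case would even that out.
        if ($user && password_verify($password, $user["password_hash"])) {

            session_start();

            // Issue a fresh session ID at the privilege change and delete the old
            // session data, so a pre-login (possibly fixated) ID stops being valid.
            session_regenerate_id(true);

            $_SESSION["user_id"] = $user["id"];

            header("Location: index.php");
            exit;
        }
    }

    $is_invalid = true;
}

?>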
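<!DOCTYPE html>
<html>
<head>
    <title>Login</title>
    <meta charset="UTF-8">
    <?php // NOTE(review): third-party stylesheet on the login page, loaded by a floating "@2" tag with no integrity attribute; pinning an exact version with SRI, or self-hosting the file, removes the dependency on the CDN's content. ?>
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/water.css@2/out/water.css">
</head>
<body>

    <h1>Login</h1>

    <?php // $is_invalid is set by the login handler at the top of this file. ?>
    <?php if ($is_invalid): ?>
        <em>Invalid login</em>
    <?php endif; ?>

    <form method="post">
        <label for="email">email</label>
        <?php // Re-display the submitted e-mail only when it is a string (an array-valued field would make htmlspecialchars() throw); escaped for a quoted attribute with explicit flags and charset so the result does not depend on PHP-version defaults. ?>
        <input type="email" name="email" id="email"
               value="<?= htmlspecialchars(is_string($_POST["email"] ?? null) ? $_POST["email"] : "", ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8") ?>">

        <?php // The password is never echoed back into the form. ?>
        <label for="password">password</label>
        <input type="password" name="password" id="password">

        <button>Log in</button>
    </form>

</body>
</html>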