-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.php
76 lines (74 loc) · 2.12 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<?
$msg = '';
include 'include/functions.php';
// Delete cookie if the URL ends with ?logout
if (isset($_GET['logout'])){
setcookie('user', '', time()-60000);
}
// Redirect the user to the appropriate page if they are logged in
if (isset($_COOKIE['user'])){
if ($_COOKIE['user'] == 'admin'){
header('location: admin.php');
} else {
header('location: user.php');
}
}
// Validate user login details
if (isset($_POST['login'])){
$username = addslashes($_POST['username']);
$password = addslashes($_POST['password']);
$hash = hash('sha512',$username.hash('sha512',$password));
$result = query_DB("SELECT * FROM users WHERE username='$username'");
$row = mysqli_fetch_assoc($result);
if (count($row) == 0){
$msg .= 'Username incorrect';
} else {
if ($row['password'] == $hash){
setcookie('user', $row['username'], time()+3600*24*30);
if ($row['username'] == 'admin'){
header('location: admin.php');
} else {
header('location: user.php');
}
} else {
$msg .= 'Password incorrect';
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>PropView</title>
<? include 'include/head.php' ?>
<link rel="stylesheet" href="css/index.css">
</head>
<body>
<div id="container">
<? include 'include/header.php' ?>
<section id="right">
<div id="login_container">
<figure>
<a href="index.php"><img src="files/logo.png" id="logo" alt="PropView Logo"></a>
<figcaption>Virtual Property Supervision</figcaption>
</figure>
<form method="post" class="pure-form pure-form-stacked login">
<?=$msg?>
<fieldset>
<div>
<label for="username-input">Username:</label>
<input type="text" id="username-input" name="username" placeholder="Username" required>
</div>
<div>
<label for="password-input">Password:</label>
<input type="password" id="password-input" name="password" placeholder="Password" required>
</div>
<button type="submit" name="login" class="pure-button">Login</button>
</fieldset>
</form>
</div>
</section>
<? include 'include/footer.php' ?>
</div>
</body>
</html>