Added users system! (They can login and logout)

2016-06-12 09:57:55 +00:00 · 2016-06-12 09:57:55 +00:00 · beb9cdd9ec
parent ea3acba182
commit beb9cdd9ec
4 changed files with 138 additions and 3 deletions
--- a/includes/user.php
+++ b/includes/user.php
@ -0,0 +1,33 @@
+<?php
+function GetUsersIDBySession($sid,$skey){
+	include "config/config.php";
+	//SELECT * FROM pastes WHERE uid=
+	$stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey");
+	$stmt->bindParam(':skey', $skey);
+	$stmt->bindParam(':sid', $sid);
+	$stmt->execute();
+	if($result = $stmt->fetch()){
+		$conn = null;
+		return $result[0];
+	} else {
+		$conn = null;
+		return -1;
+	}
+}
+function LogOutUserBySession($sid,$skey){
+	include "config/config.php";
+	$stmt = $conn->prepare("DELETE FROM sessions WHERE id=:sid AND skey=:skey");
+	$stmt->bindParam(':skey', $skey);
+	$stmt->bindParam(':sid', $sid);
+	$stmt->execute();
+	$conn = null;
+}
+function UnsetBrowserCookies(){
+	//These cookies expired an hour ago! What are you doind browser? :D
+	setcookie("pp_sid", '', time() - 3600);
+	setcookie("pp_skey", '', time() - 3600);
+}
+function GetUsernameByID(){
+	//Placeholder
+}
+?>
--- a/index.php
+++ b/index.php
@ -21,16 +21,63 @@
      <li><a href="#">Page 2</a></li>
    </ul>
    <ul class="nav navbar-nav navbar-right">
-      <li><a href="#"><span class="glyphicon glyphicon-user"></span> Sign Up</a></li>
-      <li><a href="#"><span class="glyphicon glyphicon-log-in"></span> Login</a></li>
+	  <?php
+	    include "includes/user.php";
+		$userID = -1;
+		if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
+		  $userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
+	    if($userID == -1){
+			echo "<li><a href=\"#\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>";
+			echo "<li><a data-toggle=\"modal\" data-target=\"#LoginPopup\" href=\"#\"><span class=\"glyphicon glyphicon-log-in\"></span> Login</a></li>";
+		} else {
+			echo "<li><a href=\"login.php?logout=1\"><span class=\"glyphicon glyphicon-log-out\"></span> Logout</a></li>";
+		}
+	  ?>
    </ul>
  </div>
 </nav>
+<!-- LoginPopup -->
+<div id="LoginPopup" class="modal fade" role="dialog">
+  <div class="modal-dialog">
+
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal">&times;</button>
+        <h4 class="modal-title">Login</h4>
+      </div>
+      <div class="modal-body">
+	  <!-- Login form -->
+        <form role="form" method="POST" action="login">
+          <div class="form-group">
+            <label for="user">Username:</label>
+            <input type="user" class="form-control" id="user" name="user">
+          </div>
+          <div class="form-group">
+            <label for="pwd">Password:</label>
+            <input type="password" class="form-control" id="pwd" name="pwd">
+          </div>
+          <div class="checkbox">
+            <label><input type="checkbox" name="remember"> Remember me</label>
+          </div>
+		  <input type='hidden' name='type' value='login'></input>
+          <button type="submit" class="btn btn-default">Submit</button>
+        </form>
+	  <!-- END Login form -->
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
+      </div>
+    </div>
+
+  </div>
+</div>
 <!-- Content -->
 <?php
 if (isset($_GET["page"])){
  if($_GET["page"] == "create"){
    include "NewPaste.php";
+  } else if($_GET["page"] == "login"){
+    include "login.php";
  } else {
 	  $uid = $_GET["page"];
 	  include "ViewPaste.php";
--- a/login.php
+++ b/login.php
@ -0,0 +1,55 @@
+<?php
+function generate_skey(){
+        $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
+        $key  = '';
+        for ($i = 0; $i < 32; $i++) {
+            $key .= $chars[mt_rand(0, 61)];
+        }
+        return $key;
+}
+if(isset($_GET["logout"])){
+	include "includes/user.php";
+	if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
+		LogOutUserBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
+		UnsetBrowserCookies();
+	}
+	header("Location: index.php");
+}
+if(isset($_POST["type"])){
+	if($_POST["type"]=="login" && isset($_POST["user"]) && isset($_POST["pwd"])){
+		//Get options
+		$user = $_POST["user"];
+		$pwd = $_POST["pwd"];
+		$remember = 0;
+		if(isset($_POST["remember"]) && $_POST["remember"]=="on")
+			$remember = 1;
+		//Try to login
+		include "config/config.php";
+		$stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
+		$stmt->execute(array($user));
+		if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
+			if (password_verify($pwd, $result["password"])){ //$hash = password_hash($pwd ,CRYPT_BLOWFISH);
+				$skey = generate_skey();
+				$stmt = $conn->prepare("INSERT INTO sessions (skey, uid)
+					VALUES (:skey, :uid)");
+				$stmt->bindParam(':skey', $skey);
+				$stmt->bindParam(':uid', $result["id"]);
+				$stmt->execute();
+				$sid = $conn->lastInsertId();
+				$conn = null;
+				if($remember == 1){
+					setcookie("pp_sid", $sid, time()+63072000); //Dies in 2 years
+					setcookie("pp_skey", $skey, time()+63072000); //Dies in 2 years
+				} else {
+					setcookie("pp_sid", $sid); //Dies when browser closes
+					setcookie("pp_skey", $skey); //Dies when browser closes
+				}
+				header("Location: index.php");
+				die();
+			}
+			else echo "No!";		//TODO: Wrong password
+		} else echo "Fail!";		//TODO: No user or SQL fail.
+		$conn = null;
+	}
+}
+?>
--- a/post.php
+++ b/post.php
@ -12,7 +12,7 @@ function generate_uid () {
 		$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
 		$name  = '';
 		for ($i = 0; $i < 8; $i++) {
-			$name .= $chars[mt_rand(0, 25)];
+			$name .= $chars[mt_rand(0, 61)];
 			// $chars string length is hardcoded, should use a variable to store it?
 		}
 		// Check if a paste with the same uid does already exist in the database