mirror of https://github.com/pikami/palm-paste.git
Added users system! (They can login and logout)
This commit is contained in:
parent
ea3acba182
commit
beb9cdd9ec
|
@ -0,0 +1,33 @@
|
|||
<?php
|
||||
function GetUsersIDBySession($sid,$skey){
|
||||
include "config/config.php";
|
||||
//SELECT * FROM pastes WHERE uid=
|
||||
$stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey");
|
||||
$stmt->bindParam(':skey', $skey);
|
||||
$stmt->bindParam(':sid', $sid);
|
||||
$stmt->execute();
|
||||
if($result = $stmt->fetch()){
|
||||
$conn = null;
|
||||
return $result[0];
|
||||
} else {
|
||||
$conn = null;
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
function LogOutUserBySession($sid,$skey){
|
||||
include "config/config.php";
|
||||
$stmt = $conn->prepare("DELETE FROM sessions WHERE id=:sid AND skey=:skey");
|
||||
$stmt->bindParam(':skey', $skey);
|
||||
$stmt->bindParam(':sid', $sid);
|
||||
$stmt->execute();
|
||||
$conn = null;
|
||||
}
|
||||
function UnsetBrowserCookies(){
|
||||
//These cookies expired an hour ago! What are you doind browser? :D
|
||||
setcookie("pp_sid", '', time() - 3600);
|
||||
setcookie("pp_skey", '', time() - 3600);
|
||||
}
|
||||
function GetUsernameByID(){
|
||||
//Placeholder
|
||||
}
|
||||
?>
|
51
index.php
51
index.php
|
@ -21,16 +21,63 @@
|
|||
<li><a href="#">Page 2</a></li>
|
||||
</ul>
|
||||
<ul class="nav navbar-nav navbar-right">
|
||||
<li><a href="#"><span class="glyphicon glyphicon-user"></span> Sign Up</a></li>
|
||||
<li><a href="#"><span class="glyphicon glyphicon-log-in"></span> Login</a></li>
|
||||
<?php
|
||||
include "includes/user.php";
|
||||
$userID = -1;
|
||||
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
|
||||
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
||||
if($userID == -1){
|
||||
echo "<li><a href=\"#\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>";
|
||||
echo "<li><a data-toggle=\"modal\" data-target=\"#LoginPopup\" href=\"#\"><span class=\"glyphicon glyphicon-log-in\"></span> Login</a></li>";
|
||||
} else {
|
||||
echo "<li><a href=\"login.php?logout=1\"><span class=\"glyphicon glyphicon-log-out\"></span> Logout</a></li>";
|
||||
}
|
||||
?>
|
||||
</ul>
|
||||
</div>
|
||||
</nav>
|
||||
<!-- LoginPopup -->
|
||||
<div id="LoginPopup" class="modal fade" role="dialog">
|
||||
<div class="modal-dialog">
|
||||
|
||||
<div class="modal-content">
|
||||
<div class="modal-header">
|
||||
<button type="button" class="close" data-dismiss="modal">×</button>
|
||||
<h4 class="modal-title">Login</h4>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<!-- Login form -->
|
||||
<form role="form" method="POST" action="login">
|
||||
<div class="form-group">
|
||||
<label for="user">Username:</label>
|
||||
<input type="user" class="form-control" id="user" name="user">
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="pwd">Password:</label>
|
||||
<input type="password" class="form-control" id="pwd" name="pwd">
|
||||
</div>
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="remember"> Remember me</label>
|
||||
</div>
|
||||
<input type='hidden' name='type' value='login'></input>
|
||||
<button type="submit" class="btn btn-default">Submit</button>
|
||||
</form>
|
||||
<!-- END Login form -->
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
<!-- Content -->
|
||||
<?php
|
||||
if (isset($_GET["page"])){
|
||||
if($_GET["page"] == "create"){
|
||||
include "NewPaste.php";
|
||||
} else if($_GET["page"] == "login"){
|
||||
include "login.php";
|
||||
} else {
|
||||
$uid = $_GET["page"];
|
||||
include "ViewPaste.php";
|
||||
|
|
|
@ -0,0 +1,55 @@
|
|||
<?php
|
||||
function generate_skey(){
|
||||
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
|
||||
$key = '';
|
||||
for ($i = 0; $i < 32; $i++) {
|
||||
$key .= $chars[mt_rand(0, 61)];
|
||||
}
|
||||
return $key;
|
||||
}
|
||||
if(isset($_GET["logout"])){
|
||||
include "includes/user.php";
|
||||
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
|
||||
LogOutUserBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
||||
UnsetBrowserCookies();
|
||||
}
|
||||
header("Location: index.php");
|
||||
}
|
||||
if(isset($_POST["type"])){
|
||||
if($_POST["type"]=="login" && isset($_POST["user"]) && isset($_POST["pwd"])){
|
||||
//Get options
|
||||
$user = $_POST["user"];
|
||||
$pwd = $_POST["pwd"];
|
||||
$remember = 0;
|
||||
if(isset($_POST["remember"]) && $_POST["remember"]=="on")
|
||||
$remember = 1;
|
||||
//Try to login
|
||||
include "config/config.php";
|
||||
$stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
|
||||
$stmt->execute(array($user));
|
||||
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
|
||||
if (password_verify($pwd, $result["password"])){ //$hash = password_hash($pwd ,CRYPT_BLOWFISH);
|
||||
$skey = generate_skey();
|
||||
$stmt = $conn->prepare("INSERT INTO sessions (skey, uid)
|
||||
VALUES (:skey, :uid)");
|
||||
$stmt->bindParam(':skey', $skey);
|
||||
$stmt->bindParam(':uid', $result["id"]);
|
||||
$stmt->execute();
|
||||
$sid = $conn->lastInsertId();
|
||||
$conn = null;
|
||||
if($remember == 1){
|
||||
setcookie("pp_sid", $sid, time()+63072000); //Dies in 2 years
|
||||
setcookie("pp_skey", $skey, time()+63072000); //Dies in 2 years
|
||||
} else {
|
||||
setcookie("pp_sid", $sid); //Dies when browser closes
|
||||
setcookie("pp_skey", $skey); //Dies when browser closes
|
||||
}
|
||||
header("Location: index.php");
|
||||
die();
|
||||
}
|
||||
else echo "No!"; //TODO: Wrong password
|
||||
} else echo "Fail!"; //TODO: No user or SQL fail.
|
||||
$conn = null;
|
||||
}
|
||||
}
|
||||
?>
|
2
post.php
2
post.php
|
@ -12,7 +12,7 @@ function generate_uid () {
|
|||
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
|
||||
$name = '';
|
||||
for ($i = 0; $i < 8; $i++) {
|
||||
$name .= $chars[mt_rand(0, 25)];
|
||||
$name .= $chars[mt_rand(0, 61)];
|
||||
// $chars string length is hardcoded, should use a variable to store it?
|
||||
}
|
||||
// Check if a paste with the same uid does already exist in the database
|
||||
|
|
Loading…
Reference in New Issue