From df49a36e140acc211fdc31480d40281404110310 Mon Sep 17 00:00:00 2001
From: Cflip <36554078+cflip@users.noreply.github.com>
Date: Fri, 22 Jan 2021 20:45:43 -0700
Subject: Inital commit with existing code
---
signin.php | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 60 insertions(+)
create mode 100644 signin.php
(limited to 'signin.php')
diff --git a/signin.php b/signin.php
new file mode 100644
index 0000000..287eeda
--- /dev/null
+++ b/signin.php
@@ -0,0 +1,60 @@
+Sign in
';
+
+if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+ echo '
+
+ ';
+} else {
+ $errors = array();
+
+ if (!isset($_POST['user_name'])) {
+ $errors[] = 'Please provide a username.';
+ }
+
+ if (!isset($_POST['user_pass'])) {
+ $errors[] = 'Please provide a password.';
+ }
+
+ if (!empty($errors)) {
+ echo 'Please check the following problems: ';
+ foreach ($errors as $err) {
+ echo '- ' . $err . '
';
+ }
+ echo '
';
+ } else {
+ $sql = "SELECT user_id, user_name FROM users WHERE user_name = '" . mysqli_real_escape_string($dbc, $_POST['user_name']) . "' AND user_pass = '" . sha1($_POST['user_pass']) ."'";
+ $result = mysqli_query($dbc, $sql);
+
+ if (!$result) {
+ echo 'An error occurred while signing in.';
+ echo mysqli_error($dbc);
+ } else {
+ if (mysqli_num_rows($result) == 0) {
+ echo 'There is no user with that username/password combination! Please try again';
+ } else {
+ $_SESSION['signed_in'] = true;
+
+ while ($row = mysqli_fetch_assoc($result)) {
+ $_SESSION['user_id'] = $row['user_id'];
+ $_SESSION['user_name'] = $row['user_name'];
+ }
+
+ echo 'You are now signed in as ' . $_SESSION['user_name'];
+ }
+ }
+ }
+}
+
+echo '';
+include_once 'footer.php';
\ No newline at end of file
--
cgit v1.2.3