| -rw-r--r-- | lib/alert.php | 43 | ||||
| -rw-r--r-- | login.php | 11 | ||||
| -rw-r--r-- | register.php | 14 |
3 files changed, 58 insertions, 10 deletions
diff --git a/lib/alert.php b/lib/alert.php
new file mode 100644
index 0000000..c481018
--- /dev/null
+++ b/lib/alert.php
@@ -0,0 +1,43 @@
+<?php
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/utils.php';
+
+function create_alert(string $redirect, int $code, string|null $message, mixed $data)
+{
+ if (IS_JSON_REQUEST) {
+ return json_response($code, $message, $data);
+ } else {
+ http_response_code($code);
+ $loc = "Location: $redirect";
+ if ($message) {
+ $loc .= "?e=$code%20$message";
+ }
+ header($loc);
+ return "$code $message";
+ }
+}
+
+function display_alert()
+{
+ if (!isset($_GET['e']) || empty(trim($_GET['e']))) {
+ return;
+ }
+
+ $message = $_GET['e'];
+ $parts = explode(' ', $message, 2);
+
+ $code = intval($parts[0]);
+
+ if (count($parts) > 1) {
+ $reason = $parts[1];
+ }
+
+ if (isset($reason)) {
+ echo '<div class="alert';
+ if ($code > 299) {
+ echo ' red';
+ }
+ echo '">';
+ echo "<p>$reason</p>";
+ echo '</div>';
+ }
+}
\ No newline at end of file @@ -2,13 +2,14 @@ include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/partials.php'; include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/utils.php'; include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/config.php'; +include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/alert.php'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $username = $_POST['username'] ?? null; $password = $_POST['password'] ?? null; if (!isset($username, $password)) { - exit(json_response(400, 'Username and password must be sent!', null)); + exit(create_alert('/login.php', 400, 'Username and password must be sent!', null)); } $db = new PDO(DB_URL, DB_USER, DB_PASS); @@ -18,16 +19,16 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { $user = $stmt->fetch(PDO::FETCH_ASSOC) ?: null; if (!$user) { - exit(json_response(401, 'Incorrect username or password.', null)); + exit(create_alert('/login.php', 401, 'Incorrect username or password.', null)); } if (!password_verify($password, $user['password'])) { - exit(json_response(401, 'Incorrect username or password.', null)); + exit(create_alert('/login.php', 401, 'Incorrect username or password.', null)); } $_SESSION['user'] = $user; - exit(json_response(200, null, $user)); + exit(create_alert('/', 200, null, $user)); } ?> <!DOCTYPE html> @@ -42,6 +43,8 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { <main> <?php html_navbar(); ?> + <?php display_alert(); ?> + <form action="/login.php" method="post" class="column gap-16"> <h1>Log in to your ilt.su account</h1> diff --git a/register.php b/register.php index 0771788..8892679 100644 --- a/register.php +++ b/register.php 
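Review bot: In lib/alert.php, `display_alert()` writes `$reason` straight from `$_GET['e']` into the page with `echo "<p>$reason</p>";`, so any markup placed in the `e` query parameter is rendered on the login and register pages (reflected XSS on the pages that take credentials). Escape at output: `echo '<p>' . htmlspecialchars($reason, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</p>';`. On the producing side, `create_alert()` interpolates `$message` into the `Location` header unencoded, so spaces, `&`, `#` or `!` in a message are left to the browser to interpret; `$loc .= '?e=' . rawurlencode("$code $message");` keeps the value intact and still splits on the first space after PHP decodes it. Even once escaped, the alert text remains whatever the link author chose, so a fixed message-key lookup or a session flash value would be the sturdier design.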
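Review bot: In the second login.php hunk, `exit(create_alert('/', 200, null, $user));` still passes the whole fetched row as `$data`, and the `password_verify($password, $user['password'])` line just above shows that row carries the password hash. If `json_response` serialises `$data` as-is (its body is not visible here), JSON clients receive the hash, and `$_SESSION['user'] = $user;` keeps it in the session store as well; `unset($user['password']);` before the session assignment removes both exposures. Adding `session_regenerate_id(true);` after the successful `password_verify` would also guard against session fixation, assuming the session is started in one of the included files. The final `exit(create_alert('/login.php', 200, ..., $user))` in register.php hands over a fetched row the same way; its SELECT lies outside the hunk, so confirm the column list excludes `password`. The enclosing POST block starts outside this hunk.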
@@ -2,29 +2,30 @@ include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/partials.php'; include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/utils.php'; include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/config.php'; +include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/alert.php'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $username = $_POST['username'] ?? null; $password = $_POST['password'] ?? null; if (!isset($username, $password)) { - exit(json_response(400, 'Username and password must be sent!', null)); + exit(create_alert('/register.php', 400, 'Username and password must be sent!', null)); } $username = trim($username); if (!preg_match('/^[a-zA-Z0-9_]+$/', $username)) { - exit(json_response(400, 'Your username must contain only letters and numbers!', null)); + exit(create_alert('/register.php', 400, 'Your username must contain only letters and numbers!', null)); } $username_len = strlen($username); if ($username_len < 4 || $username_len > 20) { - exit(json_response(400, 'Your username must be between 4 and 20 characters long', null)); + exit(create_alert('/register.php', 400, 'Your username must be between 4 and 20 characters long', null)); } if (strlen($password) < 8) { - exit(json_response(400, 'Your password must be at least 8 characters long', null)); + exit(create_alert('/register.php', 400, 'Your password must be at least 8 characters long', null)); } $db = new PDO(DB_URL, DB_USER, DB_PASS); @@ -33,7 +34,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { $stmt = $db->prepare('SELECT id FROM users WHERE username = ?'); $stmt->execute([$username]); if ($stmt->rowCount() > 0) { - exit(json_response(409, 'This username has been taken.', null)); + exit(create_alert('/register.php', 409, 'This username has been taken.', null)); } $userid = 0; 
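Review bot: The `isset($username, $password)` guard at the top of the first register.php hunk only rejects missing fields, so array-valued form fields pass it and reach `trim($username)` and `strlen($password)`, which throw a TypeError on PHP 8 instead of producing the 400 alert. Checking the type keeps the failure on the handled path: `if (!is_string($username) || !is_string($password)) {`. login.php uses the same guard ahead of `password_verify`, so it would benefit from the same check. Separately, the message 'Your username must contain only letters and numbers!' does not mention the underscore that the pattern `[a-zA-Z0-9_]` accepts. The enclosing POST block continues past the end of this hunk.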
@@ -51,7 +52,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { $stmt->execute([$userid]); $user = $stmt->fetch(PDO::FETCH_ASSOC) ?: null; - exit(json_response(200, null, $user)); + exit(create_alert('/login.php', 200, 'Registered! Now log in to your account.', $user)); } ?> <!DOCTYPE html> @@ -65,6 +66,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { <body> <main> <?php html_navbar(); ?> + <?php display_alert(); ?> <form action="/register.php" method="post" class="column gap-16"> <h1>Register new ilt.su account</h1> |
