diff options
| -rw-r--r-- | login.php | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/login.php b/login.php new file mode 100644 index 0000000..3652a8d --- /dev/null +++ b/login.php @@ -0,0 +1,69 @@ +<?php +include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/partials.php'; +include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/utils.php'; +include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/config.php'; + +if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $username = $_POST['username'] ?? null; + $password = $_POST['password'] ?? null; + + if (!isset($username, $password)) { + exit(json_response(400, 'Username and password must be sent!', null)); + } + + $db = new PDO(DB_URL, DB_USER, DB_PASS); + + $stmt = $db->prepare('SELECT * FROM users WHERE username = ?'); + $stmt->execute([$username]); + $user = $stmt->fetch(PDO::FETCH_ASSOC) ?: null; + + if (!$user) { + exit(json_response(401, 'Incorrect username or password.', null)); + } + + if (!password_verify($password, $user['password'])) { + exit(json_response(401, 'Incorrect username or password.', null)); + } + + session_start(); + $_SESSION['user'] = $user; + + exit(json_response(200, null, $user)); +} +?> +<!DOCTYPE html> +<html> + +<head> + <title>id</title> + <link rel="stylesheet" href="/static/style.css"> +</head> + +<body> + <main> + <?php html_navbar(); ?> + + <form action="/login.php" method="post" class="column gap-16"> + <h1>Log in to your ilt.su account</h1> + + <div class="column"> + <label for="username">Username</label> + <div> + <input type="text" name="username" id="username" pattern="^[a-zA-Z0-9_]+$" required> + </div> + </div> + <div class="column"> + <label for="password">Password</label> + <div> + <input type="password" name="password" id="password" required> + </div> + </div> + <div class="row gap-8 align-bottom"> + <button type="submit">Log in</button> + <a href="/register.php">Register</a> + </div> + </form> + </main> +</body> + +</html>
\ No newline at end of file |