This repository has been archived by the owner on Jan 11, 2019. It is now read-only.
/
login.php
120 lines (89 loc) · 2.64 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
<?php
// start session (starts a new one, or continues the already started one)
session_start();
// already logged in!
if (isset($_SESSION['user'])) {
header('location: index.php');
exit();
}
// var to tell if we have a login error
$formErrors = array();
// form submitted
if (isset($_POST['moduleAction']) && ($_POST['moduleAction'] == 'login')) {
// extract sent in username & password
$username = isset($_POST['username']) ? trim($_POST['username']) : '';
$password = isset($_POST['password']) ? trim($_POST['password']) : '';
// username & password are valid
// @note: this will most likely be the result of a query
if (($username != '') && ($username === $password)) {
// store user (usually returned from database) in session
$_SESSION['user'] = array(
'username' => $username
);
// redirect to index
header('location: index.php');
exit();
}
// username & password are not valid
else {
$formErrors[] = 'Invalid login credentials';
}
}
?><!DOCTYPE html>
<html lang="en">
<head>
<title>My login protected site</title>
<meta charset="utf-8" />
<style>
.note {
background: #FFFF99;
}
.error {
background: #FF9999;
}
</style>
<script>
window.addEventListener('load', function(e) {
document.getElementsByTagName('input')[0].focus();
document.forms[0].addEventListener('submit', function(e) {
e.preventDefault();
e.stopPropagation();
var formValid = (document.getElementById('username').value != '') && (document.getElementById('password').value != '');
if (!formValid) {
alert('Please enter your login credentials');
document.getElementsByTagName('input')[0].focus();
} else {
document.forms[0].submit();
}
});
});
</script>
</head>
<body>
<h1>My login protected site</h1>
<?php
if (sizeof($formErrors) > 0) {
echo '<p>Error while logging in:</p>';
echo '<ul>' . PHP_EOL;
foreach ($formErrors as $error) {
echo '<li>' . $error . '</li>';
}
echo '</ul>' . PHP_EOL;
}
?>
<form action="login.php" method="post">
<fieldset>
<legend>Please log in</legend>
<dl>
<dt><label for="username">Username</label></dt>
<dd><input type="text" name="username" id="username" value="" /></dd>
<dt><label for="password">Password</label></dt>
<dd><input type="password" name="password" id="password" value="" /></dd>
</dl>
<input type="hidden" name="moduleAction" id="moduleAction" value="login" />
<input type="submit" name="btnSubmit" value="Log in >" />
</fieldset>
</form>
<p class="note">Use the same username and password to log in. Any username and password can be used.</p>
</body>
</html>