Just added second type login method

siamon123 · Oct 28, 2015 · d47eca7 · d47eca7
1 parent 0d1ebd7
commit d47eca7
Show file tree

Hide file tree

Showing 5 changed files with 88 additions and 36 deletions.
diff --git a/auth_v2.php b/auth_v2.php
@@ -0,0 +1,40 @@
+<?php include_once('includes/load.php'); ?>
+<?php
+$req_fields = array('username','password' );
+validate_fields($req_fields);
+$username = remove_junk($_POST['username']);
+$password = remove_junk($_POST['password']);
+
+  if(empty($errors)){
+
+    $user = authenticate_v2($username, $password);
+
+        if($user):
+           //create session with id
+           $session->login($user['id']);
+           //Update Sign in time
+           updateLastLogIn($user['id']);
+           // redirect user to group home page by user level
+           if($user['user_level'] === '1'):
+             $session->msg("s", "Hello ".$user['username'].", Welcome to OSWA-INV.");
+             redirect('admin.php',false);
+           elseif ($user['user_level'] === '2'):
+              $session->msg("s", "Hello ".$user['username'].", Welcome to OSWA-INV.");
+             redirect('special.php',false);
+           else:
+              $session->msg("s", "Hello ".$user['username'].", Welcome to OSWA-INV.");
+             redirect('home.php',false);
+           endif;
+
+        else:
+          $session->msg("d", "Sorry Username/Password incorrect.");
+          redirect('index.php',false);
+        endif;
+
+  } else {
+
+     $session->msg("d", $errors);
+     redirect('login_v2.php',false);
+  }
+
+?>
diff --git a/includes/.DS_Store b/includes/.DS_Store
diff --git a/includes/sql.php b/includes/sql.php
@@ -96,6 +96,27 @@ function authenticate($username='', $password='') {
     }
    return false;
   }
+  /*--------------------------------------------------------------*/
+  /* Login with the data provided in $_POST,
+  /* coming from the login_v2.php form.
+  /* If you used this method then remove authenticate function.
+ /*--------------------------------------------------------------*/
+   function authenticate_v2($username='', $password='') {
+     global $db;
+     $username = $db->escape($username);
+     $password = $db->escape($password);
+     $sql  = sprintf("SELECT id,username,password,user_level FROM users WHERE username ='%s' LIMIT 1", $username);
+     $result = $db->query($sql);
+     if($db->num_rows($result)){
+       $user = $db->fetch_assoc($result);
+       $password_request = sha1($password);
+       if($password_request === $user['password'] ){
+         return $user;
+       }
+     }
+    return false;
+   }
+
 
   /*--------------------------------------------------------------*/
   /* Find current log in user by session id

diff --git a/login_v2.php b/login_v2.php
@@ -0,0 +1,27 @@
+<?php
+  ob_start();
+  require_once('includes/load.php');
+  if($session->isUserLoggedIn(true)) { redirect('home.php', false);}
+?>
+
+<div class="login-page">
+    <div class="text-center">
+       <h1>Welcome</h1>
+       <p>Sign in to start your session</p>
+     </div>
+     <?php echo display_msg($msg); ?>
+      <form method="post" action="auth_v2.php" class="clearfix">
+        <div class="form-group">
+              <label for="username" class="control-label">Username</label>
+              <input type="name" class="form-control" name="username" placeholder="Username">
+        </div>
+        <div class="form-group">
+            <label for="Password" class="control-label">Password</label>
+            <input type="password" name= "password" class="form-control" placeholder="password">
+        </div>
+        <div class="form-group">
+                <button type="submit" class="btn btn-info  pull-right">Login</button>
+        </div>
+    </form>
+</div>
+<?php include_once('layouts/header.php'); ?>
diff --git a/sample.php b/sample.php