1<?php
2
// Field names shared by the login form and the user model: both are used as
// $_POST keys and as property names on the loaded user object.
const login = 'email';
const pwd = 'password';
5
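/**
 * Handle a login form submission.
 *
 * On any failure the closure stores one generic error message in
 * $vars["msg"] and returns the login view path. On success it copies the
 * user's data (except the password hash) and permission ids into the
 * session, redirects to /dashboard and terminates the request.
 *
 * @param array $vars Template variables, passed by reference; "msg" is set on failure.
 * @return string Path of the view to render (failure paths only).
 */
$login = function (&$vars) {
    // A single message for every failure path: telling the client whether the
    // e-mail or the password was wrong lets it enumerate registered accounts.
    $failure = "<p style=\"color:red;\">Incorrect username or password.</p>";

    $missing_fields = Utils::missing_fields($_POST, [login, pwd]);

    // Reject array-valued fields (e.g. password[]=x) before they reach
    // load() / password_verify(), which expect strings.
    if (count($missing_fields) > 0
        || !isset($_POST[login], $_POST[pwd])
        || !is_string($_POST[login])
        || !is_string($_POST[pwd])
    ) {
        $vars["msg"] = $failure;
        return "views/login.html";
    }

    // NOTE(review): the database host, user, password and schema are
    // hard-coded here and are disclosed to anyone who can read this file.
    // Load them from configuration kept outside the web root / version
    // control (environment or secrets store), rotate the exposed password,
    // and restrict which hosts may reach the database.
    $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "panda");
    // Model handle for the User table.
    $u = $db->get(Model\User::class);

    // load() reports whether a user with this e-mail exists.
    // NOTE(review): an unknown e-mail returns before password_verify() runs,
    // so response time can still distinguish the two cases; no attempt
    // throttling is visible in this closure either — confirm it exists upstream.
    if (!$u->load($_POST[login])) {
        $vars["msg"] = $failure;
        return "views/login.html";
    }

    if (!password_verify($_POST[pwd], $u->{pwd})) {
        $vars["msg"] = $failure;
        return "views/login.html";
    }

    // Issue a fresh session id at the privilege change so an id fixed or
    // observed before authentication is not carried into the logged-in session.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    session_regenerate_id(true);

    // Copy every user field except the password hash into the session.
    foreach ($u->getData() as $key => $data) {
        if ($key !== pwd) {
            $_SESSION[$key] = $data;
        }
    }

    // Load the user's permission ids from the database into the session.
    $p = $db->all_where(Model\PermissionUser::class, [login => $u->{login}]);
    $user_permissions = [];
    foreach ($p as $permission) {
        $user_permissions[] = $permission->id_permission;
    }
    $_SESSION['user_permissions'] = $user_permissions;

    header("Location: /dashboard");
    exit();
};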
47
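/**
 * Log the current user out: empty and destroy the session, expire the
 * session cookie, redirect to the site root and terminate the request.
 */
$logout = function () {
    // Resume the session so it can be destroyed; skip if one is already active.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    // Unset all session variables
    $_SESSION = [];

    // session_destroy() removes the server-side data but leaves the cookie
    // in the browser; expire it so the old session id is not sent again.
    if (ini_get("session.use_cookies")) {
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $params["path"],
            $params["domain"],
            $params["secure"],
            $params["httponly"]
        );
    }

    // Destroy the session
    session_destroy();

    header("Location: /");
    exit();
};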