login.php (1603B) download
1<?php
2
// Names of the POST fields submitted by the login form. The handler in this
// file also uses them as the property names it reads on the user record.
const login = 'email';
const pwd = 'password';
5
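/**
 * Login handler: verifies the posted e-mail/password pair and, on success,
 * fills the session and redirects to the dashboard.
 *
 * Every failure path returns the same generic message. Telling the client
 * whether the e-mail or the password was wrong would let anyone probe
 * which addresses have an account.
 *
 * @param array $vars Template variables, passed by reference; "msg" is set on failure.
 * @return string Path of the view to render on failure. On success the
 *                function redirects and exits instead of returning.
 */
$login = function (&$vars) {
    // Single message shared by all failure paths (same text the
    // missing-field case already used).
    $failure = "<p style=\"color:red;\">Incorrect username or password.</p>";

    $missing_fields = Utils::missing_fields($_POST, [login, pwd]);
    if (sizeof($missing_fields) > 0) {
        $vars["msg"] = $failure;
        return "views/login.html";
    }

    // A client can post "password[]=x" and turn a field into an array;
    // password_verify() only accepts strings, so reject anything else here.
    if (!is_string($_POST[login]) || !is_string($_POST[pwd])) {
        $vars["msg"] = $failure;
        return "views/login.html";
    }

    // NOTE(review): host, user, password and schema are hard-coded here and
    // therefore readable by anyone who can see this file. Load them from
    // configuration kept outside the source tree and rotate this credential.
    $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "panda");
    // Accessor for the User table.
    $u = $db->get(Model\User::class);

    // load() is treated as falsy when no user matches the e-mail
    // (presumably; confirm against Lollipop).
    // NOTE(review): this path skips password_verify(), so it answers faster
    // than a wrong-password attempt; the timing gap can still hint at
    // account existence even though the message no longer does.
    if (!$u->load($_POST[login])) {
        $vars["msg"] = $failure;
        return "views/login.html";
    }

    if (!password_verify($_POST[pwd], $u->{pwd})) {
        $vars["msg"] = $failure;
        return "views/login.html";
    }

    // Issue a fresh session id at the privilege change so an id planted
    // before login (session fixation) does not become an authenticated one.
    // Guarded because this file does not show where the session is started.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // Copy the user record into the session, never the password hash.
    foreach ($u->getData() as $key => $data) {
        if ($key !== pwd) {
            $_SESSION[$key] = $data;
        }
    }

    // Collect the permission ids linked to this e-mail.
    $p = $db->all_where(Model\PermissionUser::class, [login => $u->{login}]);
    $user_permissions = [];
    foreach ($p as $permission) {
        $user_permissions[] = $permission->id_permission;
    }
    $_SESSION['user_permissions'] = $user_permissions;

    header("Location: /dashboard");
    exit();
};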
48
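/**
 * Logout handler: clears the session data, expires the session cookie,
 * destroys the server-side session and redirects to the site root.
 *
 * Does not return; it always redirects and exits.
 */
$logout = function () {
    // Attach to the current session; skip the call when one is already
    // active, since session_start() would then only raise a notice.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    // Unset all session variables
    $_SESSION = [];

    // session_destroy() removes the server-side data but leaves the cookie
    // in the browser. Expire it as well so the old id is not sent again.
    if (ini_get("session.use_cookies")) {
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            "",
            time() - 42000,
            $params["path"],
            $params["domain"],
            $params["secure"],
            $params["httponly"]
        );
    }

    // Destroy the session
    session_destroy();

    header("Location: /");
    exit();
};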