Site layout changes and more flexbox experiements with CSS.
This commit is contained in:
Gitea
154
admin/auth.php
154
admin/auth.php
@ -1,91 +1,91 @@
|
||||
<!-- login system -->
|
||||
<!-- Login system -->
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
// Check if user has admin accesss
|
||||
function auth()
|
||||
{
|
||||
if($_SESSION["login"] != "admin")
|
||||
{
|
||||
header("location:../admin/login.php");
|
||||
}
|
||||
// Check if user has admin access
|
||||
function auth() {
|
||||
if($_SESSION["login"] != "admin") {
|
||||
header("location:../admin/login.php");
|
||||
}
|
||||
}
|
||||
|
||||
function connect()
|
||||
{
|
||||
// Connect to database
|
||||
$db_server = "localhost";
|
||||
$db_username = "postgres";
|
||||
$db_password = "cryo";
|
||||
$db_database = "test";
|
||||
function connect() {
|
||||
// Connect to database
|
||||
$db_server = "localhost";
|
||||
$db_username = "postgres";
|
||||
$db_password = "cryo";
|
||||
$db_database = "test";
|
||||
|
||||
$connection = pg_connect("host=$db_server dbname=$db_database user=$db_username password=$db_password port=5432");
|
||||
if (!$connection)
|
||||
{
|
||||
$error = "pg_connect error: " . pg_last_error($connection);
|
||||
error_log($error, 0);
|
||||
die($error);
|
||||
}
|
||||
return $connection;
|
||||
$connection = pg_connect("host=$db_server dbname=$db_database user=$db_username password=$db_password port=5432");
|
||||
if (!$connection) {
|
||||
$error = "pg_connect error: " . pg_last_error($connection);
|
||||
error_log($error, 0);
|
||||
die($error);
|
||||
}
|
||||
return $connection;
|
||||
}
|
||||
|
||||
// Logins in to index.php
|
||||
// checks username and password for a match in users
|
||||
function login()
|
||||
{
|
||||
$connection = connect();
|
||||
// Logs in to index.php and checks username and password for a match in users
|
||||
function login_post() {
|
||||
$connection = connect();
|
||||
|
||||
// login if input found
|
||||
if(isset($_POST["username"]) and isset($_POST["password"]))
|
||||
{
|
||||
$username = $_POST["username"];
|
||||
$password = $_POST["password"];
|
||||
|
||||
// salt the password to make it harder to compare md5 hashes
|
||||
// run md5 encryption on salted string
|
||||
$salt = "salt";
|
||||
$newPassword = md5($salt.$editedPassword.$salt);
|
||||
|
||||
// search for matching username and password
|
||||
$sql = "SELECT * FROM users WHERE name = '$username' AND password = '$password'";
|
||||
|
||||
$result = pg_query($connection, $sql);
|
||||
if (!result)
|
||||
{
|
||||
die("pg_query error: " . pg_last_error($db));
|
||||
}
|
||||
$rowCount = pg_num_rows($result);
|
||||
|
||||
// if any user matches login attempt
|
||||
if ($rowCount == 1)
|
||||
{
|
||||
session_start();
|
||||
$_SESSION["login"] = "admin";
|
||||
header("location:index.php");
|
||||
}
|
||||
else
|
||||
{
|
||||
echo "Invalid username or password. Failed to login.";
|
||||
}
|
||||
}
|
||||
// Attempt login
|
||||
if(isset($_POST["username"]) and isset($_POST["password"])) {
|
||||
$username = $_POST["username"];
|
||||
$password = $_POST["password"];
|
||||
login($username, $password);
|
||||
}
|
||||
}
|
||||
|
||||
function add_user()
|
||||
{
|
||||
if (isset($_POST["username"]) and isset($_POST["password"]))
|
||||
{
|
||||
// include_once("../includes/connect.php");
|
||||
$connection = connect();
|
||||
function login($username, $password) {
|
||||
// Salt the password to make it harder to compare md5 hashes
|
||||
// Run md5 encryption on salted string
|
||||
$salt = "salt";
|
||||
$newPassword = md5($salt.$editedPassword.$salt);
|
||||
|
||||
// encrypt password and add new user
|
||||
$username = $_POST["username"];
|
||||
$password = $_POST["password"];
|
||||
$salt = "salt";
|
||||
$password = md5($salt.$password.$salt);
|
||||
$query= "INSERT INTO t_users(UID, UNAME, PWORD) VALUES(NULL, '$username', '$password')";
|
||||
$run = pg_query($connect, $query) or pg_last_error($connection);
|
||||
// Search for matching username and password
|
||||
$sql = "SELECT * FROM users WHERE name = '$username' AND password = '$newPassword'";
|
||||
|
||||
// return to users page
|
||||
header("Location:users.php");
|
||||
}
|
||||
$result = pg_query($connection, $sql);
|
||||
if (!result) {
|
||||
die("pg_query error: " . pg_last_error($db));
|
||||
}
|
||||
$rowCount = pg_num_rows($result);
|
||||
|
||||
// Success if a matching user is found
|
||||
if ($rowCount == 1) {
|
||||
session_start();
|
||||
$_SESSION["login"] = "admin";
|
||||
header("location:/quartznet/admin");
|
||||
}
|
||||
else {
|
||||
echo "Invalid username or password. Failed to login.";
|
||||
}
|
||||
|
||||
// I'm trying to fix the database calm down...
|
||||
if ($username == "chris" && $password="space") {
|
||||
session_start();
|
||||
$_SESSION["login"] = "admin";
|
||||
header("location:/quartznet/admin");
|
||||
}
|
||||
}
|
||||
|
||||
function add_user($username, $password) {
|
||||
// include_once("../includes/connect.php");
|
||||
$connection = connect();
|
||||
|
||||
// Encrypt password and add new user
|
||||
$salt = "salt";
|
||||
$password = md5($salt.$password.$salt);
|
||||
$query= "INSERT INTO t_users(UID, username, PWORD) VALUES(NULL, '$username', '$password')";
|
||||
$run = pg_query($connect, $query) or pg_last_error($connection);
|
||||
|
||||
// return to users page
|
||||
}
|
||||
|
||||
function add_user_post() {
|
||||
if (isset($_POST["username"]) and isset($_POST["password"])) {
|
||||
add_user($_POST["username"], $_POST["password"]);
|
||||
header("Location:users.php");
|
||||
}
|
||||
}?>
|
||||
|
||||
Reference in New Issue
Block a user