-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsession.php
88 lines (78 loc) · 2.93 KB
/
session.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
<?php
session_start();
$db = new PDO('sqlite:forum.db');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE IF NOT EXISTS users (id INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT NOT NULL, password TEXT NOT NULL)");
$db->exec("CREATE TABLE IF NOT EXISTS posts (id INTEGER PRIMARY KEY AUTOINCREMENT, title TEXT NOT NULL, content TEXT NOT NULL, user_id INTEGER NOT NULL, date DATETIME, FOREIGN KEY (user_id) REFERENCES users(id))");
if (isset($_POST['login'])) {
$username = htmlspecialchars(trim($_POST['username']));
$password = htmlspecialchars($_POST['password']);
if (empty($username) || empty($password)) {
echo 'Please enter username and password';
exit;
}
$query = "SELECT * FROM users WHERE username=:username AND password=:password";
$stmt = $db->prepare($query);
$stmt->execute(array(':username' => $username, ':password' => $password));
$user = $stmt->fetch();
if ($user) {
$_SESSION['user_id'] = $user['id'];
setcookie('user_id', $user['id'], time() + (365 * 24 * 60 * 60), '/');
header('Location: index.php');
exit;
} else {
echo 'Invalid username or password';
exit;
}
} elseif (isset($_POST['register'])) {
$username = htmlspecialchars(trim($_POST['username']));
$password = htmlspecialchars($_POST['password']);
if (empty($username) || empty($password)) {
echo 'Please enter username and password';
exit;
}
$query = "SELECT * FROM users WHERE username=:username";
$stmt = $db->prepare($query);
$stmt->execute(array(':username' => $username));
$user = $stmt->fetch();
if ($user) {
echo 'Username already taken';
exit;
}
$query = "INSERT INTO users (username, password) VALUES (:username, :password)";
$stmt = $db->prepare($query);
$stmt->execute(array(':username' => $username, ':password' => $password));
$_SESSION['user_id'] = $db->lastInsertId();
setcookie('user_id', $_SESSION['user_id'], time() + (365 * 24 * 60 * 60), '/');
header('Location: index.php');
exit;
}
?>
<!DOCTYPE html>
<html lang="en" data-bs-theme="dark">
<head>
<title>HiroFORUM - Login/Register</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
</head>
<body>
<div align="center">
<br><br><br><br><br><br>
<h1>Login and Register</h1>
<form method="post">
<div>
<input type="text" name="username" class="form-control rounded-3" id="floatingInput" placeholder="Username">
</div>
<br>
<div>
<input type="password" name="password" class="form-control rounded-3" id="floatingPassword" placeholder="Password">
</div>
<br>
<div>
<button class="btn btn-primary fw-bold rounded w-50" type="submit" name="login">Login</button>
<button class="btn btn-primary fw-bold rounded w-50" type="submit" name="register">Register</button>
</div>
</form>
</div>
</body>
</html>