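<?php

declare(strict_types=1);

// Start the session with a hardened cookie and ID policy:
//  - cookie_httponly keeps the session cookie out of reach of page scripts;
//  - use_strict_mode makes PHP refuse session IDs it did not issue itself.
// cookie_secure and cookie_samesite are left to php.ini because the right
// values depend on how the site is deployed (HTTPS-only or not).
session_start([
    'cookie_httponly' => true,
    'use_strict_mode' => true,
]);

// Include helper functions. check_auth() and redirect() are not defined in
// this file, so they presumably come from helpers.php.
require_once 'helpers.php';

// Redirect user to homepage/dashboard if authenticated.
if (check_auth()) {
    redirect('index.php');

    // Stop here in case redirect() does not terminate the script itself
    // (helper not shown).
    return;
}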
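// Handle the AJAX login request. Every path below answers with a JSON
// document and returns, so the HTML form is only rendered for non-POST
// requests.
//
// NOTE(review): no CSRF token or attempt throttling is visible in this
// script; confirm whether they are enforced elsewhere.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $invalidCredentials = [
        'success' => false,
        'message' => 'These credentials don\'t match our records.',
    ];

    // Both fields are attacker-controlled and may be missing or arrays
    // (username[]=x). Under strict_types a non-string would raise a
    // TypeError in password_verify(), so reject it as a plain failed login.
    $username = $_POST['username'] ?? null;
    $password = $_POST['password'] ?? null;
    if (!is_string($username) || !is_string($password)) {
        echo json_encode($invalidCredentials);

        return;
    }

    // NOTE(review): the connection uses the MySQL root account with an empty
    // password, hard-coded in source. Use a dedicated least-privilege account
    // and load the credentials from configuration outside the web root.
    $pdo = new PDO('mysql:host=localhost;dbname=test;charset=utf8mb4', 'root', '', [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_OBJ,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);

    // Parameterised lookup: the username is bound, never interpolated.
    $stmt = $pdo->prepare('SELECT * FROM accounts WHERE username = ?');
    $stmt->execute([$username]);
    $user = $stmt->fetch();

    // The same message is returned for an unknown user and a wrong password.
    // NOTE(review): password_verify() is skipped for unknown usernames, so
    // response time may still distinguish the two cases.
    if (! ($user && password_verify($password, $user->password))) {
        echo json_encode($invalidCredentials);

        return;
    }

    $now = (new DateTimeImmutable('now'))->format('Y-m-d H:i:s');

    // current_user.txt records which account currently holds the single
    // login slot. It is read and rewritten under an exclusive lock so two
    // simultaneous logins cannot both see it as free. Mode 'c+' creates the
    // file when it is missing and never truncates on open.
    //
    // NOTE(review): the relative path resolves next to this script in a
    // typical setup, which may make the file fetchable over HTTP; consider
    // moving it outside the document root.
    $handle = fopen('current_user.txt', 'c+');
    if ($handle === false) {
        throw new RuntimeException('Unable to open current_user.txt.');
    }

    try {
        if (!flock($handle, LOCK_EX)) {
            throw new RuntimeException('Unable to lock current_user.txt.');
        }

        $raw = stream_get_contents($handle);
        if ($raw === false) {
            throw new RuntimeException('Unable to read current_user.txt.');
        }

        // An empty file means nobody is logged in.
        $slotIsFree = $raw === '';
        $trace = $slotIsFree ? null : json_decode($raw);

        // Unreadable or malformed content never counts as "same user"; it
        // falls through to the takeover prompt instead of granting a login.
        $sameUser = is_object($trace)
            && isset($trace->user_id)
            && (int) $trace->user_id === $user->id;

        if ($slotIsFree) {
            // Log user in if another is not authenticated.
            $trace = (object) [
                'user_id' => $user->id,
                'created_at' => $now,
            ];
        } elseif ($sameUser) {
            // Log user in if the last authenticated user is the same account;
            // only the timestamp is refreshed.
            $trace->created_at = $now;
        }

        if ($slotIsFree || $sameUser) {
            rewind($handle);
            ftruncate($handle, 0);
            fwrite($handle, json_encode($trace));
            fflush($handle);
        }
    } finally {
        flock($handle, LOCK_UN);
        fclose($handle);
    }

    if ($slotIsFree || $sameUser) {
        // Issue a fresh session ID on the privilege change so an ID known
        // before authentication cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['user_id'] = $user->id;

        echo json_encode([
            'success' => true,
        ]);

        return;
    }

    // Ask the user whether to take over the other account's slot.
    // NOTE(review): nothing is stored here to prove the password check
    // passed, and the client calls confirmed.php without credentials.
    // confirmed.php (not shown) must verify the caller itself before it
    // ends the other user's login.
    echo json_encode([
        'success' => false,
        'takeover' => true,
        'message' => 'Another user is logged in. Do you want to take over?',
    ]);

    return;
}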
- ?>
- <!doctype html>
- <html lang="en">
- <head>
- <meta charset="UTF-8">
- <meta name="viewport"
- content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
- <meta http-equiv="X-UA-Compatible" content="ie=edge">
- <title>Login</title>
- </head>
- <body>
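<!-- Login form. Submission is intercepted by the script below and sent to
     login.php via AJAX; the method="post" fallback keeps credentials out of
     the URL if JavaScript is unavailable. -->
<form method="post" id="form">
    <div>
        <!-- "for" must match the input's id so the label is bound to it. -->
        <label for="username">Email:</label>
        <input type="text" name="username" placeholder="Username" id="username" autocomplete="username" required>
    </div>
    <div>
        <label for="password">Password:</label>
        <input type="password" id="password" name="password" placeholder="Password" autocomplete="current-password">
    </div>
    <div>
        <!-- Filled with .text() by the script, so server messages are never parsed as HTML. -->
        <span id="message" style="color: red;"></span>
    </div>
    <button>Log in</button>
</form>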
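<!-- NOTE(review): this third-party script is loaded without Subresource
     Integrity, so the page runs whatever the CDN serves. Pin it with
     integrity="sha384-<HASH_OF_PINNED_FILE>" (placeholder) plus
     crossorigin="anonymous", or self-host the file. -->
<script src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
<script>
    $(function () {
        var UNEXPECTED_REPLY = 'Unexpected response from the server. Please try again.';

        // Decode a server reply into an object. Returns null when the body is
        // not valid JSON (for example a PHP warning or an error page) instead
        // of letting JSON.parse throw inside the callback. A reply jQuery has
        // already parsed is passed through unchanged.
        function parseReply(response) {
            if (typeof response !== 'string') {
                return response || null;
            }
            try {
                return JSON.parse(response);
            } catch (err) {
                return null;
            }
        }

        $('#form').submit(function (e) {
            e.preventDefault();
            $('#message').text('');

            $.post('login.php', $(this).serialize(), function (response) {
                const res = parseReply(response);
                if (res === null) {
                    $('#message').text(UNEXPECTED_REPLY);
                    return;
                }

                if (res.takeover) {
                    // Ask user whether to take over. If the user confirms, run `confirmed()`.
                    confirm(res.message) && confirmed();
                    return;
                }

                if (res.success) {
                    // Login is successful. Reload or redirect user to another page.
                    location.reload();
                } else {
                    // Login failed. The message is inserted with .text(), never as HTML.
                    $('#message').text(res.message || '');
                }
            }).fail(function () {
                // Network error or non-2xx status: give the user feedback
                // instead of failing silently.
                $('#message').text(UNEXPECTED_REPLY);
            });
        });

        // Tell the server the user accepted the takeover.
        // NOTE(review): this request carries no credentials or token, so
        // confirmed.php (not shown) must authorise the caller on its own.
        function confirmed() {
            $.post('confirmed.php', function (response) {
                const res = parseReply(response);
                if (res === null) {
                    return;
                }
                console.log(res.data);
            });
        }
    });
</script>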
- </body>
- </html>