<?php require("header.php"); if ($_SERVER['REQUEST_METHOD'] == 'POST') {

1. <?php
2. require("header.php");
3.  
4. if ($_SERVER['REQUEST_METHOD'] == 'POST') {
5. if (isset($_POST['username']) && isset($_POST['password'])) {
6. $username = $_POST['username'];
7. $password = $_POST['password'];
8.  
9. if (preg_match("/^[A-Z][a-z]+\s[A-Z][a-z]+$/", $username) && preg_match("/^[\w]{6,}$/", $password)) {
10. $query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
11. $result = $Conn->query($query);
12. $count = mysqli_num_rows($result);
13. if ($count == 1) {
14. while($row = $result->fetch_assoc()) {
15. if ($row['active'] == 1) {
16. $user = $username;
17. $ip = $_SERVER['REMOTE_ADDR'];
18. $query2 = "INSERT INTO logs (user, ip, type, target, text) VALUES ('$user', '$ip', 'login', 'system', 'Logged in.')";
19. $result2 = $Conn->query($query2);
20.  
21.  
22. $_SESSION['username'] = $username;
23. $_SESSION['id'] = $row['id'];
24. } elseif ($row['active'] == 0) {
25. $Error = "Account not verified. Contact system admin to be verified.";
26. } elseif ($row['active'] == -1) {
27. $Error = "Account deactivated. Contact system admin to be reactivated.";
28. }
29. }
30. } else {
31. $Error = "Invalid username or password.";
32. }
33. } else {
34. $Error = "Invalid username or password.";
35. }
36. }
37. }
38.  
39. if (isset($_SESSION['username'])) {
40. header('Location: index.php');
41. }
42.  
43. ?>
44. <div class="container">
45.  
46. <form class="form-signin" method="post">
47. <h2 class="form-signin-heading">Admin Panel <small>Sign In</small></h2>
48. <label for="username" class="sr-only">Username</label>
49. <input type="text" name="username" id="username" class="form-control" placeholder="Username" required autofocus>
50. <label for="password" class="sr-only">Password</label>
51. <input type="password" name="password" id="password" class="form-control" placeholder="Password" required>
52. <?php if (isset($Error)) echo "<div class=\"alert alert-danger\" style=\"margin-bottom:0px;\" role=\"alert\">$Error</div><br>"; ?>
53. <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
54. <input type="hidden" id="loginAttempted" value="beepboop">
55. </form>
56. <form class="form-signin" action="register.php">
57. <button class="btn btn-lg btn-secondary btn-block btn-sm" type="submit">Register</button>
58. </form>
59.  
60. </div> <!-- /container -->
61.  
62.  
63. <?php
64. require("footer.php");
65. ?>