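<?php
// Login handler for the admin panel.
//
// Flow: start the session, redirect users who are already logged in, and on
// POST look the submitted username up with a prepared statement, verify the
// password against the stored hash, transparently upgrade an outdated hash,
// then create the session and redirect to the panel.
//
// $db is not defined in this file; presumably config.php creates the mysqli
// connection. `require` is used so a missing config stops the script instead
// of letting it continue without a database handle.
require "config.php";
session_start();

// Error message shown above the login form.
$error = "";

// If a session already exists, go straight to the panel. header() alone does
// not stop execution, so exit explicitly.
if (isset($_SESSION['login_user'])) {
    header("location:admin.php");
    exit();
}

if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // Check the connection before anything touches $db.
    if (!$db) {
        // NOTE(review): this prints the raw connection error to the client;
        // consider error_log() for the detail and a generic message here.
        printf("Konekcija s bazom ti je na postelji na UKCu odjel: %s\n", mysqli_connect_error());
        exit();
    }

    // Take the submitted values as-is. The query below is parameterised, so
    // escaping the username would only corrupt it, and escaping the password
    // would change the bytes handed to password_verify() and lock out any
    // user whose password contains a quote or backslash.
    $entered_username = $_POST['username'] ?? '';
    $entered_password = $_POST['password'] ?? '';
    // username[]=... arrives as an array; treat anything non-string as empty.
    if (!is_string($entered_username)) {
        $entered_username = '';
    }
    if (!is_string($entered_password)) {
        $entered_password = '';
    }

    // Prepared statement fetching the row for the submitted username.
    // NOTE(review): SELECT * combined with a fixed bind_result() list depends
    // on the table's column order; naming the columns would be more robust.
    $stmt = $db->prepare("SELECT * FROM users WHERE username = ?");
    if ($stmt === false) {
        error_log("login: user lookup could not be prepared: " . $db->error);
        http_response_code(500);
        exit();
    }
    $stmt->bind_param('s', $entered_username);
    $stmt->execute();
    $stmt->bind_result($user_id, $username, $password, $firstname, $lastname, $role, $imagelink);
    $stmt->store_result();

    // Exactly one row means the user exists.
    // NOTE(review): the two messages below tell a client whether a username
    // exists; a single shared message would avoid account enumeration.
    if ($stmt->num_rows == 1) {
        if ($stmt->fetch()) {
            // Compare the submitted password with the stored hash.
            if (password_verify($entered_password, $password)) {
                // Upgrade the stored hash when PASSWORD_DEFAULT has moved on.
                if (password_needs_rehash($password, PASSWORD_DEFAULT)) {
                    $newHash = password_hash($entered_password, PASSWORD_DEFAULT);
                    // An existing row is changed with UPDATE, and placeholders
                    // must not be quoted: '?' is a literal string, not a
                    // parameter, so the previous INSERT ... WHERE never ran.
                    $stmt_rehash = $db->prepare("UPDATE users SET password = ? WHERE username = ?");
                    if ($stmt_rehash !== false) {
                        $stmt_rehash->bind_param('ss', $newHash, $username);
                        $stmt_rehash->execute();
                        $stmt_rehash->close();
                    } else {
                        // A failed upgrade must not block a valid login.
                        error_log("login: rehash update could not be prepared: " . $db->error);
                    }
                }

                // Issue a fresh session id on privilege change so an id set
                // before authentication cannot be reused (session fixation).
                session_regenerate_id(true);
                // Store the username as recorded in the database. Pages that
                // read this value must still pass it as a bound parameter.
                $_SESSION['login_user'] = $username;

                $stmt->close();
                $db->close();
                header("location: admin.php");
                exit();
            } else {
                $error = "Netačan password";
            }
        }
    } else {
        $error = "Korisnik ne postoji";
    }

    $stmt->close();
    $db->close();
}
?>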
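<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="OPIS">
    <meta name="author" content="Venan Osmic">
    <title>Store Management System - Login</title>
    <!-- Bootstrap core CSS -->
    <link href="dist/css/bootstrap.min.css" rel="stylesheet">
    <!-- Custom Styles -->
    <link href="dist/css/custom.css" rel="stylesheet">
    <!-- Custom JS -->
    <script src="dist/js/customJS.js"></script>
</head>
<body>
<div class="login-page">
    <div class="form">
        <?php
        // NOTE(review): the form carries no anti-CSRF token, so a third-party
        // page can submit it on a visitor's behalf (login CSRF).
        ?>
        <form class="login-form" action = "" method = "post">
            <p style="font-weight: bold; color:red;"> <?php
                // Encode on output. $error only holds fixed strings in the
                // code visible here, but encoding keeps the template safe if
                // a message ever includes request data.
                echo htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                ?> </p>
            <input type="text" placeholder="username" name="username"/>
            <input type="password" placeholder="password" name="password"/>
            <button type="submit"> Login </button>
        </form>
    </div>
</div>
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
<script src="https://code.jquery.com/jquery-3.1.1.slim.min.js" integrity="sha384-A7FZj7v+d/sdmMqp/nOQwliLvUsJfDHW+k9Omg/a/EheAdgtzNs3hpfag6Ed950n" crossorigin="anonymous"></script>
<script>window.jQuery || document.write('<script src="../../assets/js/vendor/jquery.min.js"><\/script>')</script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js" integrity="sha384-DztdAPBWPRXSA/3eYEEUWrWCy7G5KFbe8fFjk5JAIxUYHKkDx6Qin1DkWx51bBrb" crossorigin="anonymous"></script>
<script src="dist/js/bootstrap.min.js"></script>
<!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->
<script src="../../assets/js/ie10-viewport-bug-workaround.js"></script>
</body>
</html>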