<?php session_start();if(!isset($_SESSION['ID'])) { if(isset($_POST['submi

1. <?php
2. session_start();
3. if(!isset($_SESSION['ID'])) {
4. if(isset($_POST['submit'])) {
5. $user_username = mysqli_real_escape_string($dbc, trim($_POST['username']));
6. $user_password = mysqli_real_escape_string($dbc, trim($_POST['password']));
7. $password = strtoupper(hash("whirlpool", $user_password));
8.  
9. $user_username = strip_tags($user_username);
10. $user_password = strip_tags($user_password);
11. $password = strip_tags($password);
12.  
13. if(!empty($user_username) && !empty($user_password)) {
14. $query = "SELECT * FROM `accounts` WHERE Username = '$user_username' AND Password = '$password'";
15. $data = mysqli_query($dbc,$query);
16. if(mysqli_num_rows($data) == 1) {
17. $row = mysqli_fetch_assoc($data);
18. $_SESSION['ID'] = $row['ID'];
19. $_SESSION['IP'] = $row['IP'];
20. $_SESSION['Username']=$row['Username'];
21. $_SESSION['username']=$row['Username'];
22. $_SESSION['email']=$row['email'];
23. $_SESSION['adminlevel'] = $row['adminlevel'];
24. $_SESSION['RegisterDate'] = $row['RegisterDate'];
25. $_SESSION['LoginDate'] = $row['LoginDate'];
26. $home_url = 'https://' . $_SERVER['HTTP_HOST'];
27. header('Location: '. $home_url);
28. }
29. else {
30. echo '<div class="alert alert-danger" role="alert">
31. <strong>Ошибка! </strong> Вы ввели неправильные данные.
32. </div>';
33. }
34. }
35. else {
36. echo '<div class="alert alert-danger" role="alert">
37. <strong>Ошибка!</strong> Вы не заполнили все поля.
38. </div>';
39. }
40. }
41. }
42. ?>
43. <!DOCTYPE html>
44. <html>
45. <?php
46. include 'includes/head.php';
47. ?>
48. <body>
49. <?php
50. include 'includes/header.php';
51. ?>
52. <div class="container-fluid">
53. <div class="container-fluid" style="padding-top: 5em;">
54. <div class="row">
55. <div class="col-md-1"></div>
56. <div class="col-md-10">
57. <br><br>
58. <?php
59. if(empty($_SESSION['Username'])) {
60. ?>
61. <h1 class="text-center">Вход в систему</h1><br>
62. <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
63. <div class="input-group margin-bottom-sm">
64. <span class="input-group-addon"><i class="fa fa-user fa-fw" aria-hidden="true"></i></span>
65. <input class="form-control" type="text" placeholder="Логин" name="username">
66. </div><br>
67. <div class="input-group">
68. <span class="input-group-addon"><i class="fa fa-key fa-fw" aria-hidden="true"></i></span>
69. <input class="form-control" type="password" placeholder="Пароль" name="password" autocomplete="off">
70. </div>
71. <br>
72. <button type="submit" name="submit" class="btn btn-outline-success btn-block">Вход</button>
73. </form>
74. <br>
75. <div class="container">
76. <a href="registration.php"> Регистрация</a><br>
77. </div>
78. </div>
79. </div>
80. <?php
81. include 'includes/footer.php';
82. }
83. else {
84. ?>
85. <div class="text-center">
86. <h2>Вы авторизованы.</h2>
87. <p>Здравствуйте, <?php echo $_SESSION['Username']; ?>.</p>
88. </div>
89. <?php
90. include "includes/footer.php";
91. ?>
92. <?php
93. }
94. ?>
95. <div class="col-sm-1"></div>
96. <script src="https://code.jquery.com/jquery-3.1.1.slim.min.js" integrity="sha384-A7FZj7v+d/sdmMqp/nOQwliLvUsJfDHW+k9Omg/a/EheAdgtzNs3hpfag6Ed950n" crossorigin="anonymous"></script>
97. <script src="https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js" integrity="sha384-DztdAPBWPRXSA/3eYEEUWrWCy7G5KFbe8fFjk5JAIxUYHKkDx6Qin1DkWx51bBrb" crossorigin="anonymous"></script>
98. <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/bootstrap.min.js" integrity="sha384-vBWWzlZJ8ea9aCX4pEW3rVHjgjt7zpkNpZk+02D9phzyeVkE+jo0ieGizqPLForn" crossorigin="anonymous"></script>