Реструктура стилей, страница логина, уведомления
This commit is contained in:
@@ -0,0 +1,89 @@
|
||||
<?php
|
||||
// Logging into account
|
||||
|
||||
|
||||
|
||||
// Includes
|
||||
if ($IS_FRONTEND) {
|
||||
require_once("api/_auth.php");
|
||||
require_once("api/_utils.php");
|
||||
require_once("api/_errorslist.php");
|
||||
require_once("api/_types.php");
|
||||
require_once("api/user/index.php");
|
||||
} else {
|
||||
require_once("../_auth.php");
|
||||
require_once("../_utils.php");
|
||||
require_once("../_errorslist.php");
|
||||
require_once("../_types.php");
|
||||
require_once("./index.php");
|
||||
}
|
||||
|
||||
|
||||
|
||||
// Methods
|
||||
|
||||
/*
|
||||
* METHOD
|
||||
* Log into existing user account
|
||||
*/
|
||||
function User_Login_Method (array $req): ReturnT {
|
||||
global $db, $LOGGED_IN, $THIS_USER;
|
||||
|
||||
$login = $req["login"];
|
||||
$password = $req["password"];
|
||||
|
||||
// Input sanity checks
|
||||
|
||||
// If already logged in
|
||||
if ($LOGGED_IN)
|
||||
return new ReturnT(err_code: E_AUT_ALRLOGIN, err_desc: "you are already logged in");
|
||||
|
||||
// If no password or login supplied
|
||||
if (!isset($login) || !isset($password))
|
||||
return new ReturnT(err_code: E_AUT_WRONGCREDS, err_desc: "you must supply both login and password");
|
||||
|
||||
// Checking if password is correct
|
||||
$s = $db->prepare("SELECT * FROM users WHERE login = ?");
|
||||
$s->bind_param("s", $login);
|
||||
$s->execute();
|
||||
$d = $s->get_result()->fetch_assoc();
|
||||
|
||||
// Wrong login
|
||||
if (!(bool)$d)
|
||||
return new ReturnT(err_code: E_AUT_WRONGCREDS, err_desc: "wrong login or password");
|
||||
|
||||
$suppl_pwd_hash = hash("sha256", $password . $d["salt"], true);
|
||||
$real_pwd_hash = $d["password_hash"];
|
||||
|
||||
// Wrong password
|
||||
if ($suppl_pwd_hash !== $real_pwd_hash)
|
||||
return new ReturnT(err_code: E_AUT_WRONGCREDS, err_desc: "wrong login or password");
|
||||
|
||||
// Actions
|
||||
|
||||
$_SESSION["userid"] = $d["id"];
|
||||
$THIS_USER = $d["id"];
|
||||
|
||||
return new ReturnT(data: true);
|
||||
}
|
||||
|
||||
|
||||
|
||||
if (Utils_ThisFileIsRequested(__FILE__)) {
|
||||
require_once("../_json.php");
|
||||
|
||||
// HACK: for debugging purposes. Will be removed later
|
||||
if ($Config["debug"])
|
||||
$_POST = $_REQUEST;
|
||||
|
||||
// Log into account
|
||||
$result = User_Login_Method($_POST);
|
||||
|
||||
// Checking result
|
||||
if ($result->IsError())
|
||||
$result->ThrowJSONError();
|
||||
else
|
||||
JSON_ReturnData(["success" => $result->GetData()]);
|
||||
}
|
||||
|
||||
?>
|
||||
Reference in New Issue
Block a user