Регистрация

Фронт (стили+страница), полировка стр. логина, микроправки и микрооптимизации
2024-01-15 04:58:29 +03:00
parent 4e1c36d670
commit c48f837738
11 changed files with 161 additions and 27 deletions


@@ -34,7 +34,7 @@ $THIS_USER = null; // ID of logged in user
if (session_status() === PHP_SESSION_ACTIVE && isset($_SESSION["userid"])) { // If there are active session
// Check if user still exist
$s = $db->prepare("SELECT * FROM users WHERE id = ?");
$s = $db->prepare("SELECT id FROM users WHERE id = ?");
$s->bind_param("s", $_SESSION["userid"]);
$s->execute();
if (!(bool)$s->get_result()->fetch_assoc()) { // If not, then destroy session
@@ -47,6 +47,7 @@ if (session_status() === PHP_SESSION_ACTIVE && isset($_SESSION["userid"])) { //
die("ERROR: please enable sessions in php config");
}
// HACK
if ($Config["debug"] && isset($_REQUEST["debug"])) { // If there are not any session and debug mode is on
// ATTENTION: FOR DEBUG PURPOSES ONLY!
if ($_REQUEST["debug"] == "drop") {
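Review bot: The branch marked `// HACK` can be reached by any client that sends a `debug` parameter whenever `$Config["debug"]` is on, and `$_REQUEST` takes that value from the query string, the POST body and, depending on `request_order`, cookies. The marker comment alone does not narrow that exposure; the condition should also require a local origin, e.g. `if ($Config["debug"] && in_array($_SERVER["REMOTE_ADDR"], ["127.0.0.1", "::1"], true) && isset($_REQUEST["debug"]))`. The value check should use the strict form `$_REQUEST["debug"] === "drop"`. The body of the debug branch continues outside the hunk, so what `drop` does is not visible here.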


@@ -63,7 +63,7 @@ function User_Create_Method (array $req): ReturnT {
// Input sanity checks
// If registration turned off
// If registration is turned off
if (!$Config["registration"]["active"])
return new ReturnT(err_code: E_AUT_REGCLOSED);
@@ -77,8 +77,8 @@ function User_Create_Method (array $req): ReturnT {
$password = $req["password"];
// If password is too weak
if (strlen($password) < 8)
return new ReturnT(err_code: E_AUT_PWD2WEAK);
if (strlen($password) < $Config["registration"]["min_passw_len"])
return new ReturnT(err_code: E_AUT_PWD2WEAK, err_desc: "password must contain at least " . strval($Config["registration"]["min_passw_len"]) . " characters");
// If we need email but it isnt supplied
if ($Config["registration"]["need_email"] && !isset($req["email"])) {
@@ -95,13 +95,13 @@ function User_Create_Method (array $req): ReturnT {
} elseif (isset($req["invite_id"])) {
// TODO: check invite and reject if it invalid
//$invite_id = $req["invite_id"];
return new ReturnT(err_code: E_UNS_NOTIMPL, err_desc: "invitations are not implemented");
return new ReturnT(err_code: E_UNS_NOTIMPL, err_desc: "invitations are not implemented yet");
}
// Check login and password for pattern match
$preg_str = "/[^" . $Config["registration"]["allowed_syms"] . "]/";
if (preg_match($preg_str, $login) || preg_match($preg_str, $password))
return new ReturnT(err_code: E_UIN_BADARGS, err_desc: "only allowed symbols are: " . $Config["registration"]["allowed_syms"]);
return new ReturnT(err_code: E_UIN_BADARGS, err_desc: "only allowed symbols in login and password are: " . $Config["registration"]["allowed_syms"]);
// Check if login already exists
if (User_LoginExist($login))
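Review bot: The minimum password length now comes from `$Config["registration"]["min_passw_len"]` with no lower bound, so a missing key or a value of 0 makes `strlen($password) < ...` never true and the weak-password check stops rejecting anything. Clamp it once before use, e.g. `$min_len = max(8, (int)($Config["registration"]["min_passw_len"] ?? 8));`, and use `$min_len` in both the comparison and the error text. In the last hunk of this file the pattern is built from `allowed_syms` unescaped, and if it fails to compile `preg_match` returns `false`, which this `if` treats the same as "no forbidden symbols". Testing each call with `!== 0` instead of relying on truthiness would make that case fail closed. User_Create_Method starts and ends outside these hunks.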


@@ -43,7 +43,7 @@ function User_Login_Method (array $req): ReturnT {
return new ReturnT(err_code: E_AUT_WRONGCREDS, err_desc: "you must supply both login and password");
// Checking if password is correct
$s = $db->prepare("SELECT * FROM users WHERE login = ?");
$s = $db->prepare("SELECT id,password_hash,salt FROM users WHERE login = ?");
$s->bind_param("s", $login);
$s->execute();
$d = $s->get_result()->fetch_assoc();