-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
74 lines (66 loc) · 1.8 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<?php
session_start();
error_log("Login Failure: User name and password are required");
$salt = 'XyZzy12*_';
$stored_hash = hash('md5', 'XyZzy12*_php123');//'a8609e8d62c043243c4e201cbb342862'; // Pw is meow123
$failure = false; // If we have no POST data
$NeedAt = false;
// Check to see if we have some POST data, if we do process it
if ( isset($_POST['email']) && isset($_POST['pass']) )
{
if ( strlen($_POST['email']) < 1 || strlen($_POST['pass']) < 1 )
{
error_log("login failed");
$_SESSION['error'] = "User name and password are required";
header("Location: login.php");
return;
}
else if(strpos($_POST['email'], '@') === false)
{
$_SESSION['error'] = "Email must have an at-sign (@)";
header("Location: login.php");
return;
//error_log("login.php Login Failure", 3, "/var/www/html/phpErrors.log");
}
else
{
$check = hash('md5', $salt.$_POST['pass']);
if ( $check == $stored_hash )
{
$_SESSION['name'] = $_POST['email'];
header("Location: index.php");
return;
}
else
{
//error_log("login.php Login Failure", 3, "/var/www/html/phpErrors.log");
$_SESSION['error'] = "Incorrect password";
header("Location: login.php");
return;
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Kody Rogers Login Page</title>
</head>
<body>
<h1>Please Log In</h1>
<?php
if ( isset($_SESSION['error']) ) {
echo('<p style="color: red;">'.htmlentities($_SESSION['error'])."</p>\n");
unset($_SESSION['error']);
}
?>
<form method="POST">
<label for="nam">User Name</label>
<input type="text" name="email" id="nam"><br/>
<label for="id_1723">Password</label>
<input type="password" name="pass" id="id_1723"><br/>
<input type="submit" value="Log In">
<input type="submit" name="cancel" value="Cancel">
</form>
</body>
</html>