skapade registrering, logga in och logga ut. ändrade lite i auth.php

Dr3amFury
2025-07-17 20:23:16 +02:00
parent 9b8e7de960
commit 03159e12b5
6 changed files with 128 additions and 66 deletions


@@ -4,5 +4,6 @@ CREATE TABLE users (
username VARCHAR(50) NOT NULL UNIQUE, username VARCHAR(50) NOT NULL UNIQUE,
email VARCHAR(100) NOT NULL UNIQUE, email VARCHAR(100) NOT NULL UNIQUE,
password VARCHAR(255) NOT NULL, password VARCHAR(255) NOT NULL,
uniqueid VARCHAR(255) NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
); );


@@ -1,7 +1,23 @@
<?php <?php
session_start(); session_start();
require_once($_SERVER['DOCUMENT_ROOT'] . '/db.php');
if (!isset($_SESSION['user_id'])) { function isAuthenticated() {
if (!isset($_SESSION['user_id']) || !isset($_SESSION['uniqueid'])) {
return false;
}
$conn = getConnection();
$stmt = $conn->prepare("SELECT id FROM users WHERE id = :id AND uniqueid = :uniqueid");
$stmt->execute([
'id' => $_SESSION['user_id'],
'uniqueid' => $_SESSION['uniqueid'],
]);
return $stmt->fetch() !== false;
}
if (!isAuthenticated()) {
header("Location: /landing.php"); header("Location: /landing.php");
exit(); exit();
} }
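Review bot: `isAuthenticated()` compares the session's `uniqueid` with the stored one, but in the files shown that column is written once at registration and only read back at login, so it never changes and the lookup cannot invalidate an existing session. If revocation is the intent, regenerate the value wherever sessions should end (password change, "log out everywhere"), e.g. `$conn->prepare("UPDATE users SET uniqueid = :uniqueid WHERE id = :id")` with a fresh `bin2hex(random_bytes(16))`; doing so ends every session of that account at once. The function also has no docblock; something like `/** True only when the session's user_id/uniqueid pair still matches a users row. */` would state the contract, including that each protected page now costs one query per request.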

43
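--- /dev/null
+++ b/inc/php/login.php
@@ -0,0 +1,43 @@
+<?php
+session_start();
+require_once($_SERVER['DOCUMENT_ROOT'] . '/db.php');
+$errors = [];
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+$user = trim($_POST['user'] ?? '');
+$password = $_POST['password'] ?? '';
+if (empty($user) || empty($password)) {
+$errors[] = "All fields are required.";
+}
+if (empty($errors)) {
+$conn = getConnection();
+$stmt = $conn->prepare("SELECT id, password, uniqueid FROM users WHERE email = :user OR username = :user");
+$stmt->execute(['user' => $user]);
+$result = $stmt->fetch();
+if ($result && password_verify($password, $result['password'])) {
+$_SESSION['user_id'] = $result['id'];
+$_SESSION['uniqueid'] = $result['uniqueid'];
+header("Location: /home.php");
+exit();
+} else {
+$errors[] = "Invalid credentials.";
+}
+}
+}
+?>
+<!-- Basic form UI -->
+<h2>Login</h2>
+<form method="POST">
+<input name="user" placeholder="Username or Email" required><br>
+<input name="password" type="password" placeholder="Password" required><br>
+<button type="submit">Login</button>
+</form>
+<?php if (!empty($errors)): ?>
+<ul><?php foreach ($errors as $e) echo "<li>$e</li>"; ?></ul>
+<?php endif; ?>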
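Review bot: The session ID is not regenerated when the login succeeds: `$_SESSION['user_id']` and `$_SESSION['uniqueid']` are written into whatever session `session_start()` resumed, so an identifier that was already set in the browser before login stays valid afterwards (session fixation). Call `session_regenerate_id(true);` immediately before the two `$_SESSION[...]` assignments. The same assignments after the INSERT in inc/php/register.php need it as well. Separately, `echo "<li>$e</li>"` is safe only while every entry in `$errors` is a fixed string; `htmlspecialchars($e, ENT_QUOTES, 'UTF-8')` keeps it safe if a message ever includes user input.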

67
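--- /dev/null
+++ b/inc/php/register.php
@@ -0,0 +1,67 @@
+<?php
+session_start();
+require_once($_SERVER['DOCUMENT_ROOT'] . '/db.php');
+$errors = [];
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+$username = trim($_POST['username'] ?? '');
+$email = trim($_POST['email'] ?? '');
+$password = $_POST['password'] ?? '';
+// Validate inputs
+if (empty($username) || empty($email) || empty($password)) {
+$errors[] = "All fields are required.";
+}
+if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+$errors[] = "Invalid email format.";
+}
+if (strlen($password) < 6) {
+$errors[] = "Password must be at least 6 characters.";
+}
+if (empty($errors)) {
+$conn = getConnection();
+// Check if email or username already exists
+$stmt = $conn->prepare("SELECT id FROM users WHERE email = :email OR username = :username");
+$stmt->execute(['email' => $email, 'username' => $username]);
+if ($stmt->fetch()) {
+$errors[] = "Email or username already in use.";
+} else {
+$hash = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
+$uniqueId = bin2hex(random_bytes(16)); // session ID
+$insert = $conn->prepare("INSERT INTO users (username, email, password, uniqueid) VALUES (:username, :email, :password, :uniqueid)");
+$insert->execute([
+'username' => $username,
+'email' => $email,
+'password' => $hash,
+'uniqueid' => $uniqueId,
+]);
+$_SESSION['user_id'] = $conn->lastInsertId();
+$_SESSION['uniqueid'] = $uniqueId;
+header("Location: /home.php");
+exit();
+}
+}
+}
+?>
+<!-- Basic form UI -->
+<h2>Register</h2>
+<form method="POST">
+<input name="username" placeholder="Username" required><br>
+<input name="email" type="email" placeholder="Email" required><br>
+<input name="password" type="password" placeholder="Password" required><br>
+<button type="submit">Register</button>
+</form>
+<?php if (!empty($errors)): ?>
+<ul><?php foreach ($errors as $e) echo "<li>$e</li>"; ?></ul>
+<?php endif; ?>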
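Review bot: The length check `strlen($password) < 6` sets a low floor and no ceiling, while `password_hash()` with `PASSWORD_BCRYPT` only uses the first 72 bytes of the password, so anything longer is silently truncated. Consider `if (strlen($password) < 8 || strlen($password) > 72) {` with a matching error message. The comment `// session ID` on `$uniqueId` is also misleading: the value is stored on the user row and shared by every session of that account, so `// per-account token re-checked by isAuthenticated()` would describe it better.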


@@ -1,29 +0,0 @@
<?php
session_start();
require_once 'db.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$email = trim($_POST['email']);
$password = $_POST['password'];
$conn = getConnection();
$stmt = $conn->prepare("SELECT id, username, password FROM Users WHERE email = ?");
$stmt->execute([$email]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
header('Location: home.php');
exit;
} else {
echo "Invalid credentials.";
}
}
?>
<form method="POST">
<input type="email" name="email" placeholder="Email" required>
<input type="password" name="password" placeholder="Password" required>
<button type="submit">Login</button>
</form>


@@ -1,36 +0,0 @@
<?php
require_once 'db.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username']);
$email = trim($_POST['email']);
$password = $_POST['password'];
if (!$username || !$email || !$password) {
die('All fields are required.');
}
$conn = getConnection();
// Check if user exists
$stmt = $conn->prepare("SELECT id FROM Users WHERE email = ?");
$stmt->execute([$email]);
if ($stmt->fetch()) {
die('Email already registered.');
}
$hashed = password_hash($password, PASSWORD_DEFAULT);
$stmt = $conn->prepare("INSERT INTO Users (username, email, password) VALUES (?, ?, ?)");
$stmt->execute([$username, $email, $hashed]);
header('Location: login.php');
exit;
}
?>
<form method="POST">
<input type="text" name="username" placeholder="Username" required>
<input type="email" name="email" placeholder="Email" required>
<input type="password" name="password" placeholder="Password" required>
<button type="submit">Register</button>
</form>