Login/registration fixes

main
Yasen Pramatarov 2024-07-01 12:45:07 +03:00
parent 7f5ca64e56
commit 306cf55cc9
13 changed files with 176 additions and 76 deletions

View File

View File

@ -0,0 +1,9 @@
<?php
$config = [
'domain' => 'localhost',
'folder' => '/jilo-web/',
'database' => '/home/yasen/work/code/git/lindeas-code/jilo-web/jilo-web.db',
];
?>

View File

@ -1,30 +1,18 @@
<?php <?php
unset($error); /**
* Jilo web logs observer
if (isset($_GET['page'])) { *
$page = $_GET['page']; * Description: A web interface to Jilo (JItsi Logs Observer), written in PHP
} elseif (isset($_POST['page'])) { * Author: Yasen Pramatarov
$page = $_POST['page']; * License: GPLv2
} else { * Project URL: https://lindeas.com/jilo
$page = 'front'; * Year: 2024
} * Version: 0.1
*/
session_start();
if ( !isset($_SESSION['user_id']) && ($page !== 'login' && $page !== 'register') ) {
header('Location: index.php?page=login');
exit();
}
if ( isset($_SESSION['username']) ) {
$user = htmlspecialchars($_SESSION['username']);
}
if (isset($error)) {
echo "<div class=\"error\">Error: $error</div>";
}
// list of available pages
// edit accordingly, add 'pages/PAGE.php'
$allowed_urls = [ $allowed_urls = [
'front', 'front',
'login', 'login',
@ -34,14 +22,77 @@ $allowed_urls = [
'config', 'config',
]; ];
include 'templates/header.php'; // cnfig file
$config_file = '/home/yasen/work/code/git/lindeas-code/jilo-web/jilo-web.conf.php';
if (in_array($page, $allowed_urls)) { if (file_exists($config_file)) {
include "pages/{$page}.php"; require_once $config_file;
} else { } else {
include 'pages/front.php'; die('Config file not found');
} }
session_start();
if (isset($_GET['page'])) {
$page = $_GET['page'];
} elseif (isset($_POST['page'])) {
$page = $_POST['page'];
} else {
$page = 'front';
}
// logged in username
if ( isset($_SESSION['username']) ) {
$user = htmlspecialchars($_SESSION['username']);
}
// redirect to login
if ( !isset($_SESSION['user_id']) && ($page !== 'login' && $page !== 'register') ) {
header('Location: index.php?page=login');
exit();
}
// we use 'notice' for all non-critical messages and 'error' for errors
if (isset($_SESSION['notice'])) {
$notice = $_SESSION['notice'];
}
if (isset($_SESSION['error'])) {
$error = $_SESSION['error'];
}
// page building
if (in_array($page, $allowed_urls)) {
// logout is a special case, as we can't use session vars for notices
if ($page == 'logout') {
// clean up session
session_unset();
session_destroy();
$notice = "You were logged out.<br />You can log in again.";
include 'templates/header.php';
include 'templates/menu.php';
include 'templates/message.php';
include 'pages/login.php';
// all other normal pages
} else {
include 'templates/header.php';
include 'templates/menu.php';
include 'templates/message.php';
include "pages/{$page}.php";
}
// the page is not in allowed urls, loading front page
} else {
include 'templates/header.php';
include 'templates/menu.php';
include 'templates/message.php';
include 'pages/front.php';
}
include 'templates/footer.php'; include 'templates/footer.php';
// clear errors and notices before next page just in case
unset($_SESSION['error']);
unset($_SESSION['notice']);
?> ?>

View File

@ -2,10 +2,12 @@
require_once 'classes/database.php'; require_once 'classes/database.php';
require 'classes/user.php'; require 'classes/user.php';
// clear the global error var before login
unset($error); unset($error);
try { try {
$db = new Database('./jilo-web.db'); $db = new Database($config['database']);
$user = new User($db); $user = new User($db);
if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) { if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
@ -34,16 +36,19 @@ try {
'samesite' => 'Strict', 'samesite' => 'Strict',
'httponly' => true, 'httponly' => true,
'secure' => isset($_SERVER['HTTPS']), 'secure' => isset($_SERVER['HTTPS']),
'domain' => $domain, 'domain' => $config['domain'],
'path' => '/jilo-web/' 'path' => $config['folder']
]); ]);
// redirect to index // redirect to index
$_SESSION['notice'] = "Login successful";
header('Location: index.php'); header('Location: index.php');
exit(); exit();
// login failed // login failed
} else { } else {
$error = "Login failed."; $_SESSION['error'] = "Login failed.";
header('Location: index.php');
exit();
} }
} }
} catch (Exception $e) { } catch (Exception $e) {

View File

@ -1,10 +0,0 @@
<?php
session_start();
session_unset();
session_destroy();
unset($error);
echo "You logged out.";
?>

View File

@ -5,17 +5,23 @@ require 'classes/user.php';
unset($error); unset($error);
try { try {
$db = new Database('./jilo-web.db'); $db = new Database($config['database']);
$user = new User($db); $user = new User($db);
if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) { if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
$username = $_POST['username']; $username = $_POST['username'];
$password = $_POST['password']; $password = $_POST['password'];
// redirect to login
if ( $user->register($username, $password) ) { if ( $user->register($username, $password) ) {
echo "Registration successful."; $_SESSION['notice'] = "Registration successful.<br />You can log in now.";
header('Location: index.php');
exit();
// registration fail, redirect to login
} else { } else {
echo "Registration failed."; $_SESSION['error'] = "Registration failed.";
header('Location: index.php');
exit();
} }
} }
} catch (Exception $e) { } catch (Exception $e) {

View File

@ -44,6 +44,7 @@
background-color: #eee; background-color: #eee;
border: 1px solid #333; border: 1px solid #333;
font-weight: bold; font-weight: bold;
font-size: 0.85em;
} }
.notice { .notice {
@ -53,4 +54,26 @@
background-color: #eee; background-color: #eee;
border: 1px solid #333; border: 1px solid #333;
font-weight: bold; font-weight: bold;
font-size: 0.85em;
}
#main {
width: 100%;
}
#footer {
position: absolute;
left: 0px;
bottom: 0px;
height: 30px;
width: 100%;
background-color: #777;
color: white;
text-align: center;
font-size: 0.85em;
line-height: 30px;
}
#footer a {
color: white;
} }

View File

@ -1,5 +1,7 @@
<div id="footer">Jilo Web</div> <div id="footer">Jilo Web 0.1 &copy;2024 - web interface for <a href="https://lindeas.com/jilo">Jilo</a></div>
</div>
</body> </body>

View File

@ -1,12 +1,6 @@
<h2>Login</h2> <h2>Login</h2>
<?php if (isset($error)) { ?>
<div class="error">
<?php echo $error; ?>
</div>
<?php } ?>
<div class="login-form"> <div class="login-form">
<form method="POST" action="?page=login"> <form method="POST" action="?page=login">
<input type="text" name="username" placeholder="Username" required /> <input type="text" name="username" placeholder="Username" required />

View File

@ -1,6 +1,12 @@
<form method="POST" action="?page=register"> <h2>Register</h2>
<div class="register-form">
<form method="POST" action="?page=register">
<input type="text" name="username" placeholder="Username" required /> <input type="text" name="username" placeholder="Username" required />
<br />
<input type="password" name="password" placeholder="Password" required /> <input type="password" name="password" placeholder="Password" required />
<button type="submit">Register</button> <br />
</form> <input type="submit" value="Register" />
</form>
</div>

View File

@ -8,21 +8,4 @@
<body> <body>
<div class="menu-container"> <div id="main">
<ul class="menu-left">
<li><a href="index.php">home</a></li>
<?php if ( isset($_SESSION['user_id']) ) { ?>
<li><a href="?page=config">config</a></li>
<?php } ?>
</ul>
<ul class="menu-right">
<?php if ( isset($_SESSION['user_id']) ) { ?>
<li><a href="?page=profile"><?= $user ?></a></li>
<li><a href="?page=logout">logout</a></li>
<?php } else { ?>
<li><a href="?page=login">login</a></li>
<li><a href="?page=register">register</a></li>
<?php } ?>
</ul>
</div>

View File

@ -0,0 +1,19 @@
<div class="menu-container">
<ul class="menu-left">
<li><a href="index.php">home</a></li>
<?php if ( isset($_SESSION['user_id']) ) { ?>
<li><a href="?page=config">config</a></li>
<?php } ?>
</ul>
<ul class="menu-right">
<?php if ( isset($_SESSION['user_id']) ) { ?>
<li><a href="?page=profile"><?= $user ?></a></li>
<li><a href="?page=logout">logout</a></li>
<?php } else { ?>
<li><a href="?page=login">login</a></li>
<li><a href="?page=register">register</a></li>
<?php } ?>
</ul>
</div>

View File

@ -0,0 +1,12 @@
<?php if (isset($error)) { ?>
<div class="error">
<?php echo $error; ?>
</div>
<?php } ?>
<?php if (isset($notice)) { ?>
<div class="notice">
<?php echo $notice; ?>
</div>
<?php } ?>