Login fixes

main
Yasen Pramatarov 2024-06-30 10:49:51 +03:00
parent 051b461c40
commit 7f5ca64e56
4 changed files with 69 additions and 7 deletions

View File

@ -22,7 +22,7 @@ if ( isset($_SESSION['username']) ) {
} }
if (isset($error)) { if (isset($error)) {
echo "<p style='color: red;'>Error: $error</p>"; echo "<div class=\"error\">Error: $error</div>";
} }
$allowed_urls = [ $allowed_urls = [

View File

@ -12,11 +12,38 @@ try {
$username = $_POST['username']; $username = $_POST['username'];
$password = $_POST['password']; $password = $_POST['password'];
// login successful
if ( $user->login($username, $password) ) { if ( $user->login($username, $password) ) {
// if remember_me is checked, max out the session
if (isset($_POST['remember_me'])) {
// 30*24*60*60 = 30 days
$cookie_lifetime = '30 * 24 * 60 * 60';
$gc_maxlifetime = '30 * 24 * 60 * 60';
} else {
// 0 - session end on browser close
// 1440 - 24 minutes (default)
$cookie_lifetime = '0';
$gc_maxlifetime = '1440';
}
// set session lifetime
ini_set('session.cookie_lifetime', $cookie_lifetime);
ini_set('session.gc_maxlifetime', $gc_maxlifetime);
session_set_cookie_params([
'lifetime' => $lifetime,
'samesite' => 'Strict',
'httponly' => true,
'secure' => isset($_SERVER['HTTPS']),
'domain' => $domain,
'path' => '/jilo-web/'
]);
// redirect to index
header('Location: index.php'); header('Location: index.php');
exit(); exit();
// login failed
} else { } else {
echo "Login failed."; $error = "Login failed.";
} }
} }
} catch (Exception $e) { } catch (Exception $e) {

View File

@ -36,3 +36,21 @@
.menu-left li a:hover, .menu-right li a:hover { .menu-left li a:hover, .menu-right li a:hover {
background-color: #111; background-color: #111;
} }
.error {
color: red;
margin: 15px 0px 15px 0px;
padding: 5px;
background-color: #eee;
border: 1px solid #333;
font-weight: bold;
}
.notice {
color: green;
margin: 15px 0px 15px 0px;
padding: 5px;
background-color: #eee;
border: 1px solid #333;
font-weight: bold;
}

View File

@ -1,6 +1,23 @@
<form method="POST" action="?page=login"> <h2>Login</h2>
<input type="text" name="username" placeholder="Username" required />
<input type="password" name="password" placeholder="Password" required /> <?php if (isset($error)) { ?>
<button type="submit">Login</button> <div class="error">
</form> <?php echo $error; ?>
</div>
<?php } ?>
<div class="login-form">
<form method="POST" action="?page=login">
<input type="text" name="username" placeholder="Username" required />
<br />
<input type="password" name="password" placeholder="Password" required />
<br />
<label for="remember_me">
<input type="checkbox" id="remember_me" name="remember_me" />
remember me
</label>
<br />
<input type="submit" value="Login" />
</form>
</div>