Login fixes

2024-06-30 10:49:51 +03:00 · 2024-06-30 10:49:51 +03:00 · 7f5ca64e56
parent 051b461c40
commit 7f5ca64e56
4 changed files with 69 additions and 7 deletions
--- a/public_html/index.php
+++ b/public_html/index.php
@ -22,7 +22,7 @@ if ( isset($_SESSION['username']) ) {
 }

 if (isset($error)) {
-    echo "<p style='color: red;'>Error: $error</p>";
+    echo "<div class=\"error\">Error: $error</div>";
 }

 $allowed_urls = [
--- a/public_html/pages/login.php
+++ b/public_html/pages/login.php
@ -12,11 +12,38 @@ try {
        $username = $_POST['username'];
        $password = $_POST['password'];

+        // login successful
        if ( $user->login($username, $password) ) {
+            // if remember_me is checked, max out the session
+            if (isset($_POST['remember_me'])) {
+                // 30*24*60*60 = 30 days
+                $cookie_lifetime = '30 * 24 * 60 * 60';
+                $gc_maxlifetime = '30 * 24 * 60 * 60';
+            } else {
+                // 0 - session end on browser close
+                // 1440 - 24 minutes (default)
+                $cookie_lifetime = '0';
+                $gc_maxlifetime = '1440';
+            }
+
+            // set session lifetime
+            ini_set('session.cookie_lifetime', $cookie_lifetime);
+            ini_set('session.gc_maxlifetime', $gc_maxlifetime);
+            session_set_cookie_params([
+                'lifetime' => $lifetime,
+                'samesite' => 'Strict',
+                'httponly' => true,
+                'secure' => isset($_SERVER['HTTPS']),
+                'domain' => $domain,
+                'path' => '/jilo-web/'
+            ]);
+            // redirect to index
            header('Location: index.php');
            exit();
+
+        // login failed
        } else {
-            echo "Login failed.";
+            $error = "Login failed.";
        }
    }
 } catch (Exception $e) {
--- a/public_html/static/all.css
+++ b/public_html/static/all.css
@ -36,3 +36,21 @@
 .menu-left li a:hover, .menu-right li a:hover {
    background-color: #111;
 }
+
+.error {
+    color: red;
+    margin: 15px 0px 15px 0px;
+    padding: 5px;
+    background-color: #eee;
+    border: 1px solid #333;
+    font-weight: bold;
+}
+
+.notice {
+    color: green;
+    margin: 15px 0px 15px 0px;
+    padding: 5px;
+    background-color: #eee;
+    border: 1px solid #333;
+    font-weight: bold;
+}
--- a/public_html/templates/form-login.php
+++ b/public_html/templates/form-login.php
@ -1,6 +1,23 @@

-<form method="POST" action="?page=login">
+<h2>Login</h2>
+
+<?php if (isset($error)) { ?>
+<div class="error">
+    <?php echo $error; ?>
+</div>
+<?php } ?>
+
+<div class="login-form">
+    <form method="POST" action="?page=login">
        <input type="text" name="username" placeholder="Username" required />
+        <br />
        <input type="password" name="password" placeholder="Password" required />
-    <button type="submit">Login</button>
-</form>
+        <br />
+        <label for="remember_me">
+            <input type="checkbox" id="remember_me" name="remember_me" />
+            remember me
+        </label>
+        <br />
+        <input type="submit" value="Login" />
+    </form>
+</div>