added user login

1 month ago · 758da163f2
6 changed files with 98 additions and 4 deletions
--- a/actions/login.php
+++ b/actions/login.php
@ -0,0 +1,27 @@
+<?php
+
+require '../include/db.php';
+
+session_start();
+
+$login = strtolower($_POST['login']);
+$password = hash("sha256", $_POST['password']);
+
+$q = $pdo->prepare(
+    'SELECT * FROM users WHERE login = :login AND password = :password');
+$q->execute([
+    'login' => $login,
+    'password' => $password,
+]);
+
+$users = $q->fetchAll();
+
+if (count($users) == 1)
+{
+    $_SESSION["login"] = $_POST["login"];
+    header("Location: /index.php");
+}
+else {
+    $_SESSION["login"] = "";
+    header("Location: /index.php?error=201");
+}
--- a/include/db.php
+++ b/include/db.php
@ -1,5 +1,10 @@
 <?php

+// get current directory of this file
+$dir = __DIR__;
+// get parent directory of this file
+$dir = dirname($dir);
+
 // connect to database sqlite database using PDO
-$pdo = new PDO('sqlite:../data/db.sqlite');
+$pdo = new PDO("sqlite:$dir/data/db.sqlite");

--- a/include/header.php
+++ b/include/header.php
@ -4,5 +4,18 @@
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title><?php echo "$title"; ?></title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.6/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-4Q6Gf2aSP4eDXB8Miphtr37CMZZQ5oXLH2yaXMJ2w8e2ZtHTl7GptT4jmndRuHDT" crossorigin="anonymous">
 </head>
 <body>
+
+<?php
+
+$is_user_logged = false;
+if (isset($_SESSION["login"])) {
+    if (strlen($_SESSION["login"]) > 0) {
+        echo "Jste přihlášen jako: " . $_SESSION["login"];
+        $is_user_logged = true;
+    } else {
+        echo "Nejste přihlášen";
+    }
+}
--- a/include/login.php
+++ b/include/login.php
@ -0,0 +1,13 @@
+<?php
+
+if (isset($_GET["error"]) && $_GET["error"] == 201) {
+    echo "<p>Neplatné jméno nebo heslo</p>";
+}
+
+?>
+
+<form name="login" action="/actions/login.php" method="post">
+    <input type="text" name="login" placeholder="Login">
+    <input type="password" name="password" placeholder="Heslo">
+    <button type="submit">Přihlásit</button>
+</form>
--- a/include/users.php
+++ b/include/users.php
@ -0,0 +1,33 @@
+<h1>User Management</h1>
+
+<?php
+require_once 'db.php';
+
+$q = $pdo->prepare('SELECT * FROM users ORDER BY login');
+$q->execute();
+$users = $q->fetchAll();
+
+echo "<table class='table table-hover table-bordered'>";
+echo "<thead>";
+echo "<tr>";
+echo "<th>Login</th>";
+echo "<th>Nickname</th>";
+echo "<th>Active</th>";
+echo "<th>Timestamp</th>";
+echo "<th>IP Address</th>";
+echo "<th>Actions</th>";
+echo "</tr>";
+echo "</thead>";
+echo "<tbody>";
+foreach ($users as $user) {
+    echo "<tr>";
+    echo "<td>" . htmlspecialchars($user['login']) . "</td>";
+    echo "<td>" . htmlspecialchars($user['nickname']) . "</td>";
+    echo "<td>" . ($user['active'] ? 'Yes' : 'No') . "</td>";
+    echo "<td>" . date('Y-m-d H:i:s', $user['timestamp']) . "</td>";
+    echo "<td>" . htmlspecialchars($user['ip_addr']) . "</td>";
+    echo "<td><a href='edit_user.php?id=" . $user['id'] . "'>Edit</a> | <a href='delete_user.php?id=" . $user['id'] . "'>Delete</a></td>";
+    echo "</tr>";
+}
+echo "</tbody>";
+echo "</table>";
--- a/index.php
+++ b/index.php
@ -1,11 +1,14 @@
 <?php

-$title = "Šablona";
+session_start();
+
+$title = "Chataři";

 include "include/header.php";

-// echo "php project template";
-include "include/registration.php";
+//include "include/registration.php";
+//include "include/login.php";
+include "include/users.php";

 include "include/footer.php";