-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.php
More file actions
145 lines (119 loc) · 4.07 KB
/
index.php
File metadata and controls
145 lines (119 loc) · 4.07 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
<?php
session_start();
require_once("api/db.php");
// If there is a user already logged in
if(isset($_SESSION["user_id"])) {
header("Location: ./logs"); // Go to logs page (by default)
exit();
}
// Check for POST method
if ($_SERVER["REQUEST_METHOD"] === "POST") {
$username = trim($_POST["login_username"] ?? "");
$password = trim($_POST["login_password"] ?? "");
if ($username === "" || $password === "") {
$error = "Username and Password are required.";
} else {
$login_attempt_result = transactionalMySQLQuery(
"SELECT id, password FROM system_users WHERE username = ?",
[$username]
);
// Check if user exists
if (count($login_attempt_result) === 0) {
$error = "Invalid username or password.";
} else {
$user = $login_attempt_result[0];
// Verify password
if (!password_verify($password, $user["password"])) {
$error = "Invalid username or password.";
} else {
// Login successful
session_regenerate_id(true);
$_SESSION["user_id"] = $user["id"];
header("Location: ./logs");
exit();
}
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv='cache-control' content='no-cache'>
<meta http-equiv='expires' content='0'>
<meta http-equiv='pragma' content='no-cache'>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="icon" type="image/png+jpg" href="images/icons/book-borrow-monitoring-system.png">
<script src="assets/tailwind-3.4.17.js"></script>
<script type="module" src="assets/main.js"></script>
<?php if(isset($error) && $error) { ?>
<script>
alert("<?= $error ?>");
</script>
<?php } ?>
<title>Borrow Book Monitoring System</title>
</head>
<body>
<div class="min-h-screen bg-neutral-900 text-neutral-100 flex items-center justify-center">
<div class="w-full max-w-sm bg-neutral-800 rounded-2xl shadow-lg p-8">
<h2 class="text-3xl font-semibold text-center mb-6">
Welcome Back
</h2>
<form
method="POST"
action="<?= htmlspecialchars($_SERVER["PHP_SELF"]); ?>"
class="space-y-5"
id="login_form"
>
<div class="space-y-1">
<label
for="login_username"
class="text-sm font-medium text-neutral-300"
>
Username
</label>
<input
id="login_username"
name="login_username"
type="text"
placeholder="Enter your username"
class="w-full rounded-lg bg-neutral-800 border border-neutral-700 px-4 py-2
text-neutral-100 placeholder-neutral-400
focus:outline-none focus:ring-2 focus:ring-green-500 focus:border-green-500
transition"
required
/>
</div>
<div class="space-y-1">
<label
for="login_password"
class="text-sm font-medium text-neutral-300"
>
Password
</label>
<input
id="login_password"
name="login_password"
type="password"
placeholder="Enter your password"
class="w-full rounded-lg bg-neutral-800 border border-neutral-700 px-4 py-2
text-neutral-100 placeholder-neutral-400
focus:outline-none focus:ring-2 focus:ring-green-500 focus:border-green-500
transition"
required
/>
</div>
<button
type="submit"
class="w-full rounded-lg bg-green-600 py-2.5 font-semibold
hover:bg-green-500 active:scale-[0.98]
transition duration-200"
>
Login
</button>
</form>
</div>
</div>
<div class="footer"></div>
</body>
</html>