-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathaut_log.php
executable file
·94 lines (86 loc) · 2.97 KB
/
aut_log.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
<?php
require_once("private/initialize.php");
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
$errors=[];
if(is_blank($username)) {
$errors[] = "Username cannot be blank.";
}
if(is_blank($password)) {
$errors[] = "Password cannot be blank.";
}
if(is_ajax_request()) {
if(!empty($errors)) {
$result_array = array('Errors' => $errors);
echo json_encode($result_array);
exit;
}
// Validations
// if there were no errors, try to login
if(empty($errors)){
// Using one variable ensures that msg is the same
$login_failure_msg = "Unknown Username Or Password.";
//return an associative array with the user Data
$admin = find_user_by_username($username);
if($admin) {
//check if the password from form match with the encrypted password
if(password_verify($password, $admin['hashed_password'])) {
// password matches
//create Sessions to Login
log_in_admin($admin);
//send to the login page
echo "true";
exit;
}
else{
$errors[] = $login_failure_msg;
$result_array = array('Errors' => $errors);
echo json_encode($result_array);
}
} else {
// no username found
$errors[] = $login_failure_msg;
$result_array = array('Errors' => $errors);
echo json_encode($result_array);
}
}
else {
// no username found
$errors[] = $login_failure_msg;
$result_array = array('Errors' => $errors);
echo json_encode($result_array);
}
}
else{
if(!empty($errors)) {
$_SESSION['authErrors'] = $errors;
redirect_to('private/index.php');
return;
}
// if there were no errors, try to login
if(empty($errors)) {
// Using one variable ensures that msg is the same
$login_failure_msg = "Unknown Username or Password";
//return an associative array with the user Data
$admin = find_user_by_username($username);
if($admin) {
//check if the password from form match with the encrypted password
if(password_verify($password, $admin['hashed_password'])) {
// password matches
//create Sessions to Login
log_in_admin($admin);
//send to the login page
redirect_to('private/index.php');
}else{
$errors[] = $login_failure_msg;
}
} else{
// no username found
$errors[] = $login_failure_msg;
}
$result_array =$errors;
$_SESSION['authErrors'] = $result_array;
redirect_to('z/index.php');
}
}
?>