CS479/579 - Web Programming II

Displaying ./code/images/login.php

<?php
include "config.php";
include "auth.php";
$error = null;

$auth = new Auth();

if (isset($_POST['email'])) {
  $email = $_POST['email'];
  $password = $_POST['password'];

  $stmt = $myconn->prepare("select uid,password from `img_user` where email=?");
  if ($stmt == false) die("prepare" . $myconn->error);
  $stmt->bind_param("s", $email);
  $stmt->bind_result($uid, $passwd);
  $stmt->execute();
  if (! $stmt->fetch()) {
    $error = "Email/password not found.";
  } else {
    $stmt->close();
    $pos = strrpos($passwd, "$");
    if ($pos == false) header("location: login.php");
    $salt = substr($passwd, 0, $pos);
    $hash = crypt($password, $salt);
    if ($hash == $passwd) {
      $auth->newsession($uid);
      header("location: index.php");
    } else {
      $error = "Username/password not found.";
    }
  }
}

?>
<!DOCTYPE html>
<html>
<head>
 <title> Login page </title>
 <meta charset='utf-8'>
</head>
<body>
 <h1> Login here </h1>
<?php
 if ($error != null) echo "<h3> $error </h3>\n";
?>  
 <form method=post autocomplete="off">
  <table>
   <tr> <th> Email: <td> <input type='text' name='email' autocomplete=off>
   <tr> <th> Password: <td> <input type='password' name='password'>
   <tr> <th> Stay logged in: <td> <input type='checkbox' value='on'>
   <tr> <td colspan=2> <input type='submit' value='Submit'>
  </table>
 </form>
</body>
</html>