Submitted on August 14, 2019 at 01:35 AM

entra.php (PHP)

<?php
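session_start();

// Login endpoint for the AJAX form further down this page: a POST carrying
// "username" is answered with a JSON object {result, username} and nothing else.
// NOTE(review): no attempt throttling or lockout is visible in this file, and an
// unknown username skips password_verify(), so response time can reveal whether
// an account exists. Confirm whether that is handled elsewhere.
if (isset($_POST["username"])) {

    require_once("database.php");
    $pdo = database();

    $data = array("result" => false,
        "username" => "");

    // Declare the body as JSON so a browser never renders the echoed username as HTML.
    header('Content-Type: application/json');

    // Accept strings only. A request such as username[]=x would otherwise reach
    // PDO and password_verify() as an array, and a missing field would raise a
    // notice that corrupts the JSON body.
    $username = is_string($_POST["username"]) ? $_POST["username"] : "";
    $password = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";
    // An unticked checkbox is simply absent from the POST body.
    $remember = !empty($_POST["remember"]);

    $stmt = $pdo->prepare('SELECT * FROM user_account WHERE username=:username');
    $stmt->execute(['username' => $username]);

    // rowCount() is not dependable for SELECT on every PDO driver, so count the
    // rows that were actually fetched. FETCH_ASSOC keeps numeric duplicates of
    // each column (password hash included) out of $row.
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
    if (count($rows) === 1) {

        $row = $rows[0];
        if (password_verify($password, $row["password"])) {
            // Issue a fresh session id at the privilege change, so an id planted
            // in the browser before login (session fixation) is worthless afterwards.
            session_regenerate_id(true);

            $data["result"] = true;
            $data["username"] = $username;

            // Set session. The password hash is dropped first: the session store
            // has no use for it, and leaving it there widens its exposure.
            unset($row["password"]);
            $_SESSION = $row;

            if ($remember) {

                // Remove old sessions from the database.
                $pdo->exec("delete from user_session where expiration_date<NOW()");

                // The remember-me token is a bearer credential. MySQL's UUID() is
                // time-based and documented as unique, not unguessable, so the
                // token is drawn from the CSPRNG instead (random_bytes, PHP 7+).
                // It is formatted as a version-4 UUID so it still fits the
                // column that used to hold UUID() output.
                $bytes = random_bytes(16);
                $bytes[6] = chr((ord($bytes[6]) & 0x0f) | 0x40);
                $bytes[8] = chr((ord($bytes[8]) & 0x3f) | 0x80);
                $uuid = vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($bytes), 4));

                // Bound parameters instead of string interpolation.
                // NOTE(review): the token is stored as-is. Storing only a hash of
                // it would limit the damage of a database leak, but the code that
                // looks the cookie up is not in this file and would need the same change.
                $insert = $pdo->prepare("insert into user_session(user_id,session_id,expiration_date)
                                    values(:user_id,:session_id,addtime(now(),'30 0:0:0'))");
                $insert->execute(['user_id' => $row["id"], 'session_id' => $uuid]);

                // HttpOnly keeps the token away from page scripts. Secure is set
                // whenever this request itself arrived over HTTPS. Path and domain
                // stay at their defaults, as before.
                $secure = !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] !== "off";
                setcookie("my-cookie-name", $uuid, time() + 2592000, "", "", $secure, true);
                $_COOKIE["my-cookie-name"] = $uuid;
            }

        }

    }


    echo json_encode($data);
    die();
}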

?>



<!DOCTYPE html>
<html lang="it">
<head>
    <?php include("head.php"); head("Entra"); ?>


    <script>
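        // Sends the login form over AJAX and reports the outcome without a reload.
        $(function() {

            $('form#login').submit(function(e) {
                e.preventDefault();

                var $form = $(this);
                var $submit = $form.find('button[type="submit"]');

                // No second submit while the request is in flight.
                $submit.prop('disabled', true);

                $.ajax({
                    type: "POST",
                    data: $form.serialize(),
                    dataType: "text",
                    success: function(response)
                    {
                        var jsonData;
                        try {
                            jsonData = JSON.parse(response);
                        } catch (err) {
                            // A body that is not JSON (for example a PHP warning
                            // printed ahead of it) counts as a failed login
                            // instead of an uncaught exception.
                            jsonData = {"result": false};
                        }

                        if(jsonData["result"]==true){
                            $('form#login').remove();
                            // .text(), not .html(): the username is account data
                            // and must never be parsed as markup.
                            $('#success-message')
                                .text(jsonData["username"]+", sei entrato. Aspetta un momento che ti mando nella home.");
                            setTimeout(function(){
                                window.location.href = 'index.php';
                            }, 1500);
                        }
                        else{
                            $('#error-message')
                                .text("Nome utente o password sbagliati.");
                        }

                    },
                    complete: function()
                    {
                        $submit.prop('disabled', false);
                    }
                });

            });

        });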
    </script>



</head>
<body>
<?php include("header.php"); ?>

<div class="container">
    <div class="row">
        <div class="col-sm-12">

            <h1  class="pb-4 mt-4 mb-4 offset-sm-3 col-sm-6" style="text-align: center;">Entra</h1>

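            <!-- method="post": if the script in the head fails to load, the browser
                 submits the form natively. Without this attribute that fallback is
                 a GET, which puts the password in the URL, the browser history and
                 the server access log. -->
            <form id="login" method="post" class="offset-sm-3 col-sm-6">

                <div class="form-group">
                    <label for="username" class="control-label">Nome utente</label>
                    <input class="form-control" name="username" type="text" id="username" autocomplete="username">
                </div>

                <div class="form-group">
                    <label for="password" class="control-label">Password</label>
                    <input class="form-control" name="password" type="password" id="password" autocomplete="current-password">
                </div>

                <div class="form-check mb-4">
                    <input class="form-check-input" name="remember" type="checkbox" id="remember">
                    <!-- the label carried a second class attribute, which browsers ignore -->
                    <label class="form-check-label" for="remember">Ricordami</label>
                </div>

                <div class="form-group">
                    <button class="btn btn-primary btn-block mb-4" type="submit">Entra</button>
                    <p id="error-message" class="mt-4 text-danger"></p>
                </div>

            </form>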

            <p id="success-message" class="text-success"></p>


        </div>
    </div>
</div>



</body>
</html>

esci.php (PHP)

<?php
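session_start();
require_once "database.php";

// Logout: revoke the remember-me token on the server, expire both cookies in
// the browser, and tear the PHP session down.
// NOTE(review): this runs on any request to the page, including a plain GET,
// so a third-party page can log a user out by linking here. Confirm whether
// that is acceptable or whether logout should require a POST with a token.
if (isset($_COOKIE["my-cookie-name"])) {
    // Delete the session from the database. Strings only: a cookie sent as
    // my-cookie-name[]=x arrives as an array and must not reach the query.
    if (is_string($_COOKIE["my-cookie-name"])) {
        $pdo = database();
        $stmt = $pdo->prepare("delete from user_session where session_id=:cookie");
        $stmt->execute(['cookie' => $_COOKIE["my-cookie-name"]]);
    }

    // unset() only edits this request's copy of the cookie. The browser keeps
    // sending it until it is told to expire it. Path and domain are left at
    // their defaults, matching how the cookie is set at login.
    setcookie("my-cookie-name", "", time() - 3600);
    unset($_COOKIE["my-cookie-name"]);
}
// The former 'else echo "not set";' debug line is gone: it wrote ahead of the
// DOCTYPE and would stop the cookie headers below from being sent.

// Empty the session data, expire the session cookie and destroy the
// server-side record, so the old session id cannot be used again.
$_SESSION = array();
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), "", time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]);
}
session_destroy();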


?>


<!DOCTYPE html>
<html lang="it">
<head>
    <?php include("head.php"); head();?>

</head>
<body>

<?php include("header.php"); ?>

</body>
</html>