<?php
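// Start (or resume) the session before any output is sent.
session_start();

// A POST carrying "username" is the AJAX login request sent by the form on
// this page: answer it with JSON and stop instead of rendering the HTML.
if (isset($_POST["username"])) {
    // Declare the body as JSON so a browser never renders it as HTML.
    header("Content-Type: application/json; charset=utf-8");

    require_once("database.php");
    $pdo = database();

    // Reply read by the client script: success flag plus the name to greet.
    $data = array(
        "result" => false,
        "username" => "",
    );

    // Only plain strings are valid credentials. An array-valued field
    // (username[]=x) or a missing password would otherwise reach PDO and
    // password_verify() and raise notices or a TypeError.
    $username = is_string($_POST["username"]) ? $_POST["username"] : null;
    $password = (isset($_POST["password"]) && is_string($_POST["password"]))
        ? $_POST["password"]
        : null;

    // NOTE(review): no attempt throttling or lockout is visible in this file;
    // confirm that it is enforced elsewhere.
    if ($username !== null && $password !== null) {
        $stmt = $pdo->prepare('SELECT * FROM user_account WHERE username=:username');
        $stmt->execute(['username' => $username]);

        // Count the fetched rows: rowCount() is not guaranteed for SELECT on
        // every PDO driver. Exactly one match is required, as before.
        $rows = $stmt->fetchAll();

        if (count($rows) === 1 && password_verify($password, $rows[0]["password"])) {
            $row = $rows[0];
            $data["result"] = true;
            $data["username"] = $username;

            // Issue a fresh session id at login so an id planted in the
            // browser before authentication cannot be reused (session fixation).
            session_regenerate_id(true);

            // Keep the account row in the session as before, minus the
            // password hash (both its named key and the numeric duplicate that
            // PDO's default fetch mode adds): the hash has no use after login.
            $hash = $row["password"];
            $session = array();
            foreach ($row as $key => $value) {
                if ($key === "password" || (is_int($key) && $value === $hash)) {
                    continue;
                }
                $session[$key] = $value;
            }
            $_SESSION = $session;

            // An unchecked checkbox is simply absent from the POST data, so
            // test with empty() instead of reading a possibly undefined key.
            if (!empty($_POST["remember"])) {
                // Remove expired persistent sessions from the database.
                $pdo->exec("delete from user_session where expiration_date<NOW()");

                // The remember-me token is a bearer credential, so it comes
                // from the CSPRNG (PHP 7+). MySQL uuid() is time-based and
                // guessable. It is formatted as a version-4 UUID to keep the
                // 36-character shape of the values it replaces.
                // NOTE(review): storing only a hash of the token would also
                // need a change in the code that validates this cookie, which
                // is outside this file.
                $bytes = random_bytes(16);
                $bytes[6] = chr((ord($bytes[6]) & 0x0f) | 0x40);
                $bytes[8] = chr((ord($bytes[8]) & 0x3f) | 0x80);
                $uuid = vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($bytes), 4));

                // Bound parameters instead of values interpolated into SQL.
                $insert = $pdo->prepare(
                    "insert into user_session(user_id,session_id,expiration_date)
                    values(:user_id,:session_id,addtime(now(),'30 0:0:0'))"
                );
                $insert->execute(['user_id' => $row["id"], 'session_id' => $uuid]);

                // 30-day cookie, same default path/domain as before. HttpOnly
                // keeps it away from page scripts; Secure is set whenever the
                // request itself arrived over HTTPS.
                $secure = !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] !== "off";
                setcookie("my-cookie-name", $uuid, time() + 2592000, "", "", $secure, true);
                $_COOKIE["my-cookie-name"] = $uuid;
            }
        }
    }

    echo json_encode($data);
    die();
}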
?>
<!DOCTYPE html>
<html lang="it">
<head>
<?php include("head.php"); head("Entra"); ?>
<script>
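// On DOM ready, send the login form through AJAX to this same page and show
// the outcome without a full page submit.
$(function() {
    $('form#login').submit(function(e) {
        e.preventDefault();
        //TODO: disable submit while php is running.
        $.ajax({
            type: "POST",
            data: $(this).serialize(),
            dataType: "text",
            success: function(response) {
                var jsonData = JSON.parse(response);
                if (jsonData && jsonData["result"] === true) {
                    $('form#login').remove();
                    // .text() rather than .html(): the username comes back from
                    // the server and must be shown as text, never parsed as markup.
                    $('#success-message')
                        .text(jsonData["username"] + ", sei entrato. Aspetta un momento che ti mando nella home.");
                    // Short pause so the message is readable, then go to the home page.
                    setTimeout(function() {
                        window.location.href = 'index.php';
                    }, 1500);
                } else {
                    $('#error-message')
                        .text("Nome utente o password sbagliati.");
                }
            }
        });
    });
});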
</script>
</head>
<body>
<?php include("header.php"); ?>
<div class="container">
<div class="row">
<div class="col-sm-12">
<h1 class="pb-4 mt-4 mb-4 offset-sm-3 col-sm-6" style="text-align: center;">Entra</h1>
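<!-- Login form. It is normally submitted by the script in <head>;
     method="post" ensures that, if that script does not run, the browser's
     native submit still sends the credentials in the request body and not
     in the URL (a form without a method attribute submits with GET). -->
<form id="login" method="post" class="offset-sm-3 col-sm-6">
    <div class="form-group">
        <label for="username" class="control-label">Nome utente</label>
        <input class="form-control" name="username" type="text" id="username" autocomplete="username">
    </div>
    <div class="form-group">
        <label for="password" class="control-label">Password</label>
        <input class="form-control" name="password" type="password" id="password" autocomplete="current-password">
    </div>
    <div class="form-check mb-4">
        <input class="form-check-input" name="remember" type="checkbox" id="remember">
        <!-- The label carried a second class attribute, which browsers ignore; it is dropped. -->
        <label class="form-check-label" for="remember">Ricordami</label>
    </div>
    <div class="form-group">
        <button class="btn btn-primary btn-block mb-4" type="submit">Entra</button>
        <p id="error-message" class="mt-4 text-danger"></p>
    </div>
</form>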
<p id="success-message" class="text-success"></p>
</div>
</div>
</div>
</body>
</html>