aboutsummaryrefslogtreecommitdiff
path: root/user/login.php
blob: 7a25d389da192f26d66e8768df8d10bcceafca83 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

<?php
require '../config.php';
require_once(TEMPLATES_PATH . "/header.php");
session_start();

$conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
$query = $conn->prepare("SELECT id, username, password, can_edit_bugs, can_edit_reports 
    FROM users WHERE username=:username");
$query->bindParam(':username', $_POST['username']);
$query->execute();
$result = $query->fetch();

if(password_verify($_POST['password'], $result['password'])) {
    echo 'password verified';
    $_SESSION['user_name'] = $result['username'];
    $_SESSION['user_id'] = $result['id'];
    $_SESSION['user_can_edit_bugs'] = $result['can_edit_bugs'];
    $_SESSION['user_can_edit_reports'] = $result['can_edit_reports'];
} else {
    echo 'wrong password';
}

header("Refresh: 2; URL=$_SERVER[HTTP_REFERER]");

require_once(TEMPLATES_PATH . "/footer.php");
?>
generated by cgit v1.2.1 (git 2.18.0) at 2024-04-26 02:21:07 +0000