admin/34464-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34464-vm/login.php
Flatlogic Bot 188419fc12 + login Google
2025-09-28 23:02:21 +00:00

107 lines
4.1 KiB
PHP
Raw Blame History

<?php
session_start();
require_once 'db/config.php';
// Redirect if already logged in
if (isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
$error_message = '';
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
if (empty($username) || empty($password)) {
$error_message = 'Username e password sono obbligatori.';
} else {
// Admin login check
if ($username === ADMIN_USER && password_verify($password, ADMIN_PASS_HASH)) {
$_SESSION['user_id'] = 0; // Special ID for admin
$_SESSION['username'] = ADMIN_USER;
$_SESSION['is_admin'] = true;
header('Location: admin.php');
exit;
}
// Regular user login check
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$username]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['is_admin'] = false; // Ensure this is false for regular users
header('Location: index.php');
exit;
} else {
$error_message = 'Credenziali non valide. Riprova.';
}
} catch (PDOException $e) {
$error_message = "Errore del database: " . $e->getMessage();
}
}
}
?>
<!DOCTYPE html>
<html lang="it">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<style>
body {
display: flex;
align-items: center;
justify-content: center;
height: 100vh;
background-color: #f8f9fa;
}
.login-container {
max-width: 400px;
padding: 2rem;
border: 1px solid #dee2e6;
border-radius: 0.5rem;
background-color: #fff;
}
</style>
</head>
<body>
<div class="login-container">
<h2 class="text-center mb-4">Login</h2>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error_message); ?></div>
<?php endif; ?>
<a href="google-auth.php" class="btn btn-danger w-100 mb-3">
<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-google" viewBox="0 0 16 16">
<path d="M15.545 6.558a9.42 9.42 0 0 1 .139 1.626c0 2.434-.87 4.492-2.384 5.885h.002C11.978 15.292 10.158 16 8 16A8 8 0 1 1 8 0a7.689 7.689 0 0 1 5.352 2.082l-2.284 2.284A4.347 4.347 0 0 0 8 3.166c-2.087 0-3.86 1.408-4.492 3.25C2.806 7.48 2.5 8.522 2.5 9.5s.306 2.02.812 2.834c.632 1.842 2.405 3.25 4.492 3.25 1.257 0 2.34-.47 3.162-1.224l.064-.064a3.837 3.837 0 0 0 1.15-2.487H8v-2h7.545z"/>
</svg> Accedi con Google
</a>
<div class="d-flex align-items-center my-3">
<hr class="flex-grow-1">
<span class="px-2 text-muted">oppure</span>
<hr class="flex-grow-1">
</div>
<form method="post" action="login.php">
<div class="mb-3">
<label for="username" class="form-label">Nome Utente</label>
<input type="text" class="form-control" id="username" name="username" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<button type="submit" class="btn btn-primary w-100">Accedi</button>
</form>
<div class="text-center mt-3">
<p>Non hai un account? <a href="register.php">Registrati</a></p>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink