fix 11
parent
28184556fb
commit
2497a13797
@ -1,7 +1,13 @@
|
||||
<?php
|
||||
error_log("--- auth-check.php: Start ---");
|
||||
error_log("auth-check.php: Session status: " . session_status());
|
||||
error_log("auth-check.php: Session ID: " . session_id());
|
||||
error_log("auth-check.php: Checking for user_id in \$_SESSION: " . print_r($_SESSION, true));
|
||||
|
||||
if (!isset($_SESSION['user_id'])) {
|
||||
error_log("auth-check.php: user_id NOT SET. Redirecting to login.php");
|
||||
header("Location: login.php");
|
||||
exit;
|
||||
}
|
||||
?>
|
||||
error_log("auth-check.php: user_id IS SET. User is authenticated.");
|
||||
?>
|
||||
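Review bot: The added `error_log(... session_id())` and `error_log(... print_r($_SESSION, true))` lines write the live session identifier and the whole session array to the PHP error log on every request that includes auth-check.php, so anyone with read access to that log holds a valid credential for every active user. The same pair of calls is added at the top of the index.php and login.php hunks, and login.php logs the array again after login, when it also carries `user_name` and `user_role`. If this tracing has to stay, log a non-reversible tag such as `substr(hash('sha256', session_id()), 0, 8)` and the boolean `isset($_SESSION['user_id'])` instead of the raw values. Put it behind a debug switch that is off in production, and remove it once the redirect problem is diagnosed.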
@ -1,5 +1,9 @@
|
||||
<?php
|
||||
session_start();
|
||||
error_log("--- index.php: Start ---");
|
||||
error_log("index.php: Session status: " . session_status());
|
||||
error_log("index.php: Session ID: " . session_id());
|
||||
error_log("index.php: Initial \$_SESSION: " . print_r($_SESSION, true));
|
||||
require_once 'db/config.php';
|
||||
require_once 'auth-check.php';
|
||||
require_once 'auth-helpers.php';
|
||||
@ -271,4 +275,4 @@ function getStatusClass($status) {
|
||||
feather.replace();
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
</html>
|
||||
|
||||
13
login.php
13
login.php
@ -1,21 +1,28 @@
|
||||
<?php
|
||||
session_start();
|
||||
error_log("--- login.php: Start ---");
|
||||
error_log("login.php: Session status: " . session_status());
|
||||
error_log("login.php: Session ID: " . session_id());
|
||||
error_log("login.php: Initial \$_SESSION: " . print_r($_SESSION, true));
|
||||
require_once 'db/config.php';
|
||||
|
||||
$error_message = '';
|
||||
|
||||
// If user is already logged in, redirect to dashboard
|
||||
if (isset($_SESSION['user_id'])) {
|
||||
error_log("login.php: User already logged in. Redirecting to index.php");
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
error_log("login.php: POST request received.");
|
||||
$email = $_POST['email'] ?? '';
|
||||
$password = $_POST['password'] ?? '';
|
||||
|
||||
if (empty($email) || empty($password)) {
|
||||
$error_message = 'Please enter both email and password.';
|
||||
error_log("login.php: " . $error_message);
|
||||
} else {
|
||||
try {
|
||||
$pdo = db();
|
||||
@ -24,16 +31,20 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if ($user && password_verify($password, $user['password'])) {
|
||||
error_log("login.php: Login successful for user ID: " . $user['id']);
|
||||
$_SESSION['user_id'] = $user['id'];
|
||||
$_SESSION['user_name'] = $user['name'];
|
||||
$_SESSION['user_role'] = $user['role'];
|
||||
error_log("login.php: \$_SESSION after login: " . print_r($_SESSION, true));
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
} else {
|
||||
$error_message = 'Invalid email or password.';
|
||||
error_log("login.php: " . $error_message);
|
||||
}
|
||||
} catch (PDOException $e) {
|
||||
$error_message = 'Database error: ' . $e->getMessage();
|
||||
error_log("login.php: " . $error_message);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -84,4 +95,4 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
|
||||
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
</html>
|
||||
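Review bot: The success branch assigns `$_SESSION['user_id']` on the pre-login session without rotating its identifier, so an ID fixed or observed before authentication (including the one the new `Session ID` log line records) stays valid afterwards; add `session_regenerate_id(true);` immediately before the assignment. In the `catch` block the new `error_log` call is the right place for `$e->getMessage()`, but `$error_message` still carries the same driver text and appears to be what the page displays. Keep the detail in the log and set a generic string for the user, e.g. `$error_message = 'Login is temporarily unavailable.';`. The query between the two hunks and the template that renders `$error_message` are outside the lines shown.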
@ -86,7 +86,7 @@ $users = get_users($allowed_fields);
|
||||
<?php elseif (empty($users)): ?>
|
||||
<div class="text-center p-5">
|
||||
<h4>No users found.</h4>
|
||||
<?php if (can($_SESSION['user_role'], 'user', 'create'])): ?>
|
||||
<?php if (can($_SESSION['user_role'], 'user', 'create')): ?>
|
||||
<p>Get started by adding your first user.</p>
|
||||
<a href="add-user.php" class="btn btn-primary">Add User</a>
|
||||
<?php endif; ?>
|
||||
@ -112,7 +112,7 @@ $users = get_users($allowed_fields);
|
||||
<?php if (can($_SESSION['user_role'], 'user', 'update')): ?>
|
||||
<a href="edit-user.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-outline-primary">Edit</a>
|
||||
<?php endif; ?>
|
||||
<?php if (can($_SESSION['user_role'], 'user', 'delete'])): ?>
|
||||
<?php if (can($_SESSION['user_role'], 'user', 'delete')): ?>
|
||||
<a href="delete-user.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-outline-danger" onclick="return confirm('Are you sure you want to delete this user?');">Delete</a>
|
||||
<?php endif; ?>
|
||||
</td>
|
||||
|
||||
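Review bot: The corrected `can($_SESSION['user_role'], 'user', 'delete')` condition only decides whether the Delete link is rendered; the deletion itself is still a plain GET to `delete-user.php?id=…` guarded by a client-side `confirm()`. Enforcement therefore rests on delete-user.php repeating the `can()` check server-side and on some CSRF defence, neither of which is visible in this hunk. Prefer a small POST form carrying a CSRF token for the delete action. `$user['id']` is echoed into both hrefs unescaped; unless it is guaranteed to be an integer, cast it at output, `<?php echo (int) $user['id']; ?>`.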