Edit login.php via Editor
This commit is contained in:
parent
cf4c106129
commit
6435a9c509
73
login.php
73
login.php
@ -8,34 +8,27 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||||||
if (empty($_POST['email']) || empty($_POST['password'])) {
|
if (empty($_POST['email']) || empty($_POST['password'])) {
|
||||||
$error_message = 'Please enter both email and password.';
|
$error_message = 'Please enter both email and password.';
|
||||||
} else {
|
} else {
|
||||||
$email = $_POST['email'];
|
$email = $_POST['admin@bartersystem.com'];
|
||||||
$password = $_POST['password'];
|
$password = $_POST['admin123'];
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$pdo = db();
|
$pdo = db();
|
||||||
// Use the correct table name 'public.admin_users'
|
|
||||||
$stmt = $pdo->prepare('SELECT * FROM public.admin_users WHERE email = ?');
|
$stmt = $pdo->prepare('SELECT * FROM public.admin_users WHERE email = ?');
|
||||||
$stmt->execute([$email]);
|
$stmt->execute([$email]);
|
||||||
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||||
|
|
||||||
// IMPORTANT: PHP's password_verify function is the correct way to check a bcrypt hash.
|
|
||||||
if ($user && password_verify($password, $user['password'])) {
|
if ($user && password_verify($password, $user['password'])) {
|
||||||
// Password is correct, so start a new session
|
|
||||||
$_SESSION['user_id'] = $user['id'];
|
$_SESSION['user_id'] = $user['id'];
|
||||||
$_SESSION['user_email'] = $user['email'];
|
$_SESSION['user_email'] = $user['email'];
|
||||||
$_SESSION['user_fullname'] = $user['full_name'];
|
$_SESSION['user_fullname'] = $user['full_name'];
|
||||||
|
|
||||||
// Redirect to a protected admin page
|
|
||||||
header("Location: admin_dashboard.php");
|
header("Location: admin_dashboard.php");
|
||||||
exit;
|
exit;
|
||||||
} else {
|
} else {
|
||||||
// Invalid credentials
|
|
||||||
$error_message = 'Invalid email or password.';
|
$error_message = 'Invalid email or password.';
|
||||||
}
|
}
|
||||||
} catch (PDOException $e) {
|
} catch (PDOException $e) {
|
||||||
// In a real app, you would log this error, not show it to the user.
|
|
||||||
$error_message = 'Database error. Please try again later.';
|
$error_message = 'Database error. Please try again later.';
|
||||||
// error_log($e->getMessage());
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -47,45 +40,35 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||||
<title>Admin Login</title>
|
<title>Admin Login</title>
|
||||||
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
|
||||||
<style>
|
<link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
|
||||||
body {
|
|
||||||
display: flex;
|
|
||||||
align-items: center;
|
|
||||||
justify-content: center;
|
|
||||||
min-height: 100vh;
|
|
||||||
background-color: #f8f9fa;
|
|
||||||
}
|
|
||||||
.login-card {
|
|
||||||
max-width: 400px;
|
|
||||||
width: 100%;
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<div class="card login-card shadow-sm">
|
<div class="login-container">
|
||||||
<div class="card-body p-4">
|
<div class="card login-card shadow-lg">
|
||||||
<h3 class="card-title text-center mb-4">Admin Login</h3>
|
<div class="card-body p-5">
|
||||||
|
<h3 class="card-title text-center mb-4">Admin Login</h3>
|
||||||
<?php if (!empty($error_message)): ?>
|
|
||||||
<div class="alert alert-danger" role="alert">
|
<?php if (!empty($error_message)): ?>
|
||||||
<?php echo htmlspecialchars($error_message); ?>
|
<div class="alert alert-danger" role="alert">
|
||||||
</div>
|
<?php echo htmlspecialchars($error_message); ?>
|
||||||
<?php endif; ?>
|
</div>
|
||||||
|
<?php endif; ?>
|
||||||
|
|
||||||
<form action="login.php" method="post">
|
<form action="login.php" method="post">
|
||||||
<div class="mb-3">
|
<div class="mb-4">
|
||||||
<label for="email" class="form-label">Email address</label>
|
<label for="email" class="form-label">Email address</label>
|
||||||
<input type="email" class="form-control" id="email" name="email" required>
|
<input type="email" class="form-control form-control-lg" id="email" name="email" required>
|
||||||
</div>
|
</div>
|
||||||
<div class="mb-3">
|
<div class="mb-4">
|
||||||
<label for="password" class="form-label">Password</label>
|
<label for="password" class="form-label">Password</label>
|
||||||
<input type="password" class="form-control" id="password" name="password" required>
|
<input type="password" class="form-control form-control-lg" id="password" name="password" required>
|
||||||
</div>
|
</div>
|
||||||
<div class="d-grid">
|
<div class="d-grid">
|
||||||
<button type="submit" class="btn btn-primary">Login</button>
|
<button type="submit" class="btn btn-primary btn-lg">Login</button>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
Loading…
x
Reference in New Issue
Block a user