Webbserverprogrammering 1

Show sourcecode

The following files exists in this folder. Click to view.

webbsrvprg/slutprojekt/

admin.php
bilder/
checkUpdates.php
confirmPassword.php
confirmSignIn.php
createadmin.php
endScreen.php
getBoard.php
getChat.php
getHand.php
getTurnPlayer.php
lobbies.php
logIn.php
play.php
playCard.php
signIn.php
start.php
startsida.php
style.css
tables.php
update.php
updatePassword.php
waitInfo.php
waitingRoom.php

logIn.php

66 lines UTF-8 Windows (CRLF)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Jass</title>
</head>
<body>
  <?php
    /** @var PDO $dbconn */
    include ('../dbconnection.php');

    if (isset($_GET["username"]) && isset($_GET["password"])) {
      $name htmlspecialchars($_GET["username"]);
      $pwd htmlspecialchars($_GET["password"]);

      try {
        // Kolla om kontoinformationen som skrevs in finns
        $sql "SELECT * FROM JassPlayers WHERE username=?";
        $stmt $dbconn->prepare($sql);

        $data = array($name);
        $stmt->execute($data);

        if ($res $stmt->fetch(PDO::FETCH_ASSOC)) {
          if (password_verify($pwd$res["password"])) {
            // Om kontot finns, spara dess information i ett dygn i cookies
            $time time() + 60 60 24;

            setcookie("playerid"$res["playerid"], $time);
            setcookie("username"$res["username"], $time);
            setcookie("password"$res["password"], $time);
            setcookie("mail"$res["mail"], $time);
            setcookie("type"$res["type"], $time);
            
            // Dirigera till adminsidan om användaren är en admin, dirigera till startsidan annars
            if ($res["type"] == "admin") {
              header("location: admin.php");
            } else {
              header("location: startsida.php");
            }
          } else {
            echo "Username or password is incorrect.";
          }
        } else {
          echo "Username or password is incorrect.";
        }
      }
      catch (PDOException $e) {
        echo $sql "<br>" $e->getMessage();
      }
    }
  ?>

  <!-- Inloggningsformulär -->
  <form action="" method="get">
    <input type="text" name="username" placeholder="Username"> <br>
    <input type="password" name="password" placeholder="Password"> <br>

    <input type="submit" value="Log in">
  </form>

  <p>No acoount?<a href="signIn.php">Create one</a></p>
  <p>Forgot your password?<a href="updatePassword.php">Change it</a></p>
</body>
</html>