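<?php
/*
 * Login entry point.
 *
 * Flow, as visible in this file:
 *   1. A session that already carries "password_hash" is redirected without
 *      authenticating again.
 *   2. Otherwise, a posted "name" and "password" are checked with authorise();
 *      on success the session is populated and the user is redirected.
 *   3. Otherwise the login form (login.html) is shown.
 *
 * connecttodb(), sanitize(), authorise(), redirect_user() and
 * redirect_loggedin_user() come from includes/helpers.inc.php; their
 * behaviour is not visible here.
 */
session_start();

require 'includes/helpers.inc.php';

// NOTE(review): the arguments look like host, database, user "root" and an
// empty password, hard-coded in source (confirm the order against
// connecttodb()). A dedicated least-privilege account, with credentials read
// from configuration kept outside the web root, would limit what a flaw in
// this application can reach.
$con = connecttodb("localhost", "pos_shop", "root", "");

// Posted credentials; null when the field was not submitted.
// NOTE(review): the password goes through sanitize() before authorise(). If
// sanitize() escapes or strips characters, the value being checked is not the
// value the user typed. Confirm against the helper: passwords are normally
// verified exactly as entered and never escaped.
$name = isset($_POST["name"]) ? sanitize($_POST["name"]) : null;
$password = isset($_POST["password"]) ? sanitize($_POST["password"]) : null;

// Marker left in the session by an earlier successful login.
$password_hash = isset($_SESSION["password_hash"]) ? $_SESSION["password_hash"] : null;

if (isset($password_hash)) {
    // Already logged in: redirect without authenticating again.
    redirect_loggedin_user($con, $password_hash);
    exit();
} elseif (isset($_POST["name"], $_POST["password"]) && authorise($con, $name, $password)) {
    // Issue a fresh session id at the moment of login so that an id fixed
    // before authentication (session fixation) stops being valid. The old
    // session data is deleted.
    session_regenerate_id(true);

    // NOTE(review): the logged-in marker is md5(name . password), a fast,
    // unsalted digest derived from the password itself, and it is what
    // redirect_loggedin_user() receives on later requests. It is kept as is
    // because that helper is not visible here. Storing the authenticated
    // user's id instead would keep password-derived material out of the
    // session store.
    $_SESSION["password_hash"] = md5($name.$password);

    // $name has already been through sanitize() above; the second pass is
    // kept because it is not known whether the helper is idempotent.
    $_SESSION['username'] = sanitize($name);

    // NOTE(review): every authenticated user gets user_id 0. Confirm that no
    // downstream code relies on user_id for authorisation decisions.
    $_SESSION['user_id'] = 0;

    redirect_user($con, $name, $password);
    exit();
} else {
    // Not logged in and no valid credentials posted: show the login form.
    include 'login.html';
    exit();
}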