Fixes in login
This commit is contained in:
parent
6b20d046d1
commit
9f21c3a87e
14 changed files with 331 additions and 2814 deletions
|
|
@ -223,6 +223,14 @@ class Url {
|
|||
|
||||
class Controller {
|
||||
|
||||
public function json($arr_return) {
|
||||
|
||||
$final_return=json_encode($arr_return);
|
||||
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
|
||||
return $final_return;
|
||||
|
||||
}
|
||||
|
||||
}
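Review bot: `json()` returns whatever `json_encode()` produced, so an encoding failure (for example invalid UTF-8 in a value inside `$arr_return`) yields `false`, which the callers in this commit `echo` as an empty body under a `Content-Type: application/json` header. Passing the throw flag makes that failure visible instead: `$final_return=json_encode($arr_return, JSON_THROW_ON_ERROR);`. The method also declares no parameter or return type; `public function json(array $arr_return): string` states the contract the callers rely on. The hunk header shows this `Controller` class being added next to `class Url`, so that file now declares two classes.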
|
||||
|
|
|
|||
|
|
@ -395,13 +395,13 @@ class Utils {
|
|||
|
||||
//Get randomly elements from the randomly generated array.
|
||||
|
||||
$c=count($disorder_abc);
|
||||
$c=count($disorder_abc)-1;
|
||||
|
||||
$password_final='';
|
||||
|
||||
for($x=0;$x<$length_pass;$x++) {
|
||||
|
||||
$num_element_pass=random_int(0, $c-1);
|
||||
$num_element_pass=random_int(0, $c);
|
||||
|
||||
$password_final.=$disorder_abc[$num_element_pass];
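Review bot: The two changed lines move the `-1` from the `random_int()` upper bound into `$c`, which is the same index range, so the hunk does not alter which elements can be drawn. What is still unguarded is an empty `$disorder_abc`: `$c` becomes `-1` and `random_int(0, $c)` throws a `ValueError` because max is below min, so a caller passing an empty alphabet fails from inside the loop without a clear reason. A check before the loop such as `if($c<0) { throw new \InvalidArgumentException('Alphabet for password generation is empty'); }` makes that failure explicit. The enclosing `Utils` method starts before this hunk and the `for` loop closes after it.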
|
||||
|
||||
|
|
|
|||
|
|
@ -34,149 +34,149 @@ class AppController extends TplController{
|
|||
|
||||
$this->db->connect();
|
||||
|
||||
$c_user=$this->db->select_count('', []);
|
||||
$c_user=$this->db->select_count('useradmin', '', []);
|
||||
|
||||
if(!$c_user) {
|
||||
|
||||
header('Location: '.Url::make_url('admin', 'app', ['signup']));
|
||||
|
||||
}
|
||||
else {
|
||||
|
||||
if($_SERVER['REQUEST_METHOD']=='POST') {
|
||||
|
||||
$username=trim($_POST['username']);
|
||||
$password=trim($_POST['password']);
|
||||
|
||||
$error=1;
|
||||
|
||||
$error_form=['username_error' => ''];
|
||||
|
||||
if($username=='') {
|
||||
|
||||
$error_form['username_error']=_('Username empty');
|
||||
|
||||
}
|
||||
|
||||
$arr_user=$this->db->select_a_row('useradmin', [], 'WHERE username=?', [$username]);
|
||||
|
||||
if($arr_user) {
|
||||
|
||||
if(password_verify($password, $arr_user['password'])) {
|
||||
|
||||
$error=0;
|
||||
|
||||
$_SESSION['admin_login']=1;
|
||||
|
||||
}
|
||||
else {
|
||||
|
||||
$error_form['username_error']=_('Wrong user or password');
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
else {
|
||||
|
||||
$error_form['username_error']=_('Wrong user or password');
|
||||
|
||||
}
|
||||
|
||||
echo $this->json(['error' => $error, 'error_form' => $error_form, 'message' => '']);
|
||||
|
||||
}
|
||||
else {
|
||||
|
||||
echo $this->tpl->load_template('login', ['title' => 'Login']);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
break;
|
||||
|
||||
case 'signup':
|
||||
|
||||
echo $this->tpl->load_template('signup', ['title' => 'Signup']);
|
||||
$this->db->connect();
|
||||
|
||||
break;
|
||||
$c_user=$this->db->select_count('useradmin', '', []);
|
||||
|
||||
case 'login_check':
|
||||
if(!$c_user) {
|
||||
|
||||
/*$conn=MySQL::get_pdo_connection();
|
||||
if($_SERVER['REQUEST_METHOD']=='POST') {
|
||||
|
||||
$data=['error' => 1];
|
||||
$error=0;
|
||||
|
||||
$username=$_POST['username'];
|
||||
$error_form=[];
|
||||
|
||||
$password=$_POST['password'];
|
||||
$arr_data=['username', 'email', 'password', 'repeat_password'];
|
||||
|
||||
$sth=$conn->prepare('SELECT id, password from useradmin where username=?');
|
||||
foreach($arr_data as $v) {
|
||||
|
||||
$sth->execute([$username]);
|
||||
settype($_POST[$v], 'string');
|
||||
|
||||
$rows=$sth->fetchAll();
|
||||
}
|
||||
|
||||
if(count($rows)>0) {
|
||||
$username=trim($_POST['username']);
|
||||
|
||||
$password_hash=$rows[0]['password'];
|
||||
if(!preg_match('/^[A-Za-z0-9_-]+$/', $username) || $username=='') {
|
||||
|
||||
if(password_verify($password, $password_hash)) {
|
||||
$error=1;
|
||||
$error_form['username_error']=_("Error: empty value");
|
||||
|
||||
$data['error']=0;
|
||||
}
|
||||
|
||||
$_SESSION['phango_login']=1;
|
||||
$email=filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
|
||||
|
||||
if(!$email) {
|
||||
|
||||
$error=1;
|
||||
$error_form['email_error']=_("Error: email is not valid");
|
||||
|
||||
|
||||
}
|
||||
|
||||
$password=trim($_POST['password']);
|
||||
$repeat_password=trim($_POST['repeat_password']);
|
||||
|
||||
if($password=='') {
|
||||
|
||||
$error=1;
|
||||
$error_form['password_error']=_("Error: password empty");
|
||||
|
||||
}
|
||||
else {
|
||||
|
||||
if($password!=$repeat_password) {
|
||||
|
||||
$error=1;
|
||||
$error_form['password_error']=_("Error: password not equal");
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if(!$error) {
|
||||
|
||||
if(!$this->db->insert('useradmin', ['username' => $username, 'password' => password_hash($password, PASSWORD_DEFAULT), 'email' => $email])) {
|
||||
|
||||
$error=1;
|
||||
|
||||
$error_form['username_error']=_("Error: cannot create the user, please contact with the administrator");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
echo $this->json(['error' => $error, 'error_form' => $error_form, 'message' => '']);
|
||||
|
||||
}
|
||||
else {
|
||||
|
||||
}
|
||||
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
|
||||
return json_encode($data);
|
||||
|
||||
break;
|
||||
|
||||
case 'register':
|
||||
|
||||
$conn=MySQL::get_pdo_connection();
|
||||
|
||||
$sth=$conn->query('SELECT count(*) as num_items from useradmin');
|
||||
|
||||
$count=$sth->fetch()[0];
|
||||
|
||||
if($count==0) {
|
||||
|
||||
echo View::load_view(['login' => 0], 'login');
|
||||
|
||||
}
|
||||
|
||||
break;
|
||||
|
||||
case 'signup_check':
|
||||
|
||||
$data=['error' => 0];
|
||||
|
||||
$arr_data=['username', 'email', 'password', 'repeat_password'];
|
||||
|
||||
foreach($arr_data as $v) {
|
||||
|
||||
settype($_POST[$v], 'string');
|
||||
|
||||
}
|
||||
|
||||
//$username=$_POST['username'];
|
||||
//^[A-Za-z0-9_-]+$
|
||||
|
||||
$username=trim($_POST['username']);
|
||||
|
||||
if(!preg_match('/^[A-Za-z0-9_-]+$/', $username)) {
|
||||
|
||||
$data['error']=1;
|
||||
$data['username']=_("Error: empty value");
|
||||
|
||||
}
|
||||
|
||||
$email=filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
|
||||
|
||||
if(!$email) {
|
||||
|
||||
$data['error']=1;
|
||||
$data['email']=_("Error: email is not valid");
|
||||
|
||||
|
||||
}
|
||||
|
||||
$password=trim($_POST['password']);
|
||||
$repeat_password=trim($_POST['repeat_password']);
|
||||
|
||||
if($password=='') {
|
||||
|
||||
$data['error']=1;
|
||||
$data['password']=_("Error: password empty");
|
||||
|
||||
}
|
||||
else {
|
||||
|
||||
if($password!=$repeat_password) {
|
||||
|
||||
$data['error']=1;
|
||||
$data['password']=_("Error: password not equal");
|
||||
echo $this->tpl->load_template('signup', ['title' => 'Signup']);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if($data['error']==0) {
|
||||
|
||||
$password=password_hash($password, PASSWORD_DEFAULT);
|
||||
|
||||
$conn=MySQL::get_pdo_connection();
|
||||
|
||||
if(!$conn->prepare('INSERT into useradmin (`username`, `password`, `email`) VALUES (?, ?, ?)')->execute([$username, $password, $email])) {
|
||||
|
||||
$data['error']=1;
|
||||
$data['username']=_("Error: cannot insert the new user in database, check your database connection");
|
||||
|
||||
}
|
||||
|
||||
//$sth->execute([$username, $password, $email]);
|
||||
|
||||
}
|
||||
|
||||
header('Content-Type: application/json; charset=utf-8');
|
||||
|
||||
return json_encode($data);*/
|
||||
|
||||
break;
|
||||
|
||||
}
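Review bot: In the new login branch, `$_SESSION['admin_login']=1` is assigned right after `password_verify()` succeeds without first calling `session_regenerate_id(true)`, so the session id that existed before authentication (`session_start()` runs in `TplController`) survives the privilege change; inserting `session_regenerate_id(true);` immediately before that assignment closes the gap. The login template added in this commit posts a `csrf_token` field and expects `data.csrf_token` back, but nothing in this hunk reads `$_POST['csrf_token']` or returns that key, so unless the router validates it before dispatch the token is generated and never checked. Likewise the `num_attempts` column added to `useradmin` in `TplController` is neither read nor incremented on this path, so as far as this commit shows no attempt limiting is in force. `$_POST['username']` and `$_POST['password']` are also read without an `isset`/`??` guard, which warns when a field is missing; the `switch` this code belongs to opens before the hunk.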
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
use PhangoApp\WPDO;
|
||||
use PhaTemplates\Templates;
|
||||
|
||||
class TplController {
|
||||
class TplController extends PhangoApp\PhaRouter\Controller {
|
||||
|
||||
public $tpl;
|
||||
public $db;
|
||||
|
|
@ -12,9 +12,9 @@ class TplController {
|
|||
|
||||
session_start();
|
||||
|
||||
$table=new WPDO\WTable('useradmin', ['username', 'password', 'email']);
|
||||
$table=new WPDO\WTable('useradmin', ['username', 'password', 'email', 'num_attempts']);
|
||||
|
||||
$this->db=new WPDO\WPDO($table);
|
||||
$this->db=new WPDO\WPDO(['useradmin' => $table]);
|
||||
|
||||
$this->tpl=new Templates(['theme/admin/templates', 'modules/admin/templates']);
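Review bot: The `num_attempts` column added to the `useradmin` `WTable` is not read or written by the login handler changed in this commit (`AppController`, `case 'login'`), so the column exists but whatever lockout it is meant to back is not yet enforced, unless one of the other changed files covers it. Separately, the `extends PhangoApp\PhaRouter\Controller` clause in the earlier hunk of this file has no leading backslash; if `TplController.php` declares a namespace that name resolves relative to it, and the `Templates` class in this same commit writes `\PhangoApp\PhaRouter\Url`, so `extends \PhangoApp\PhaRouter\Controller` would be the consistent form. `public $tpl;` and `public $db;` could also carry types now that the assignments show what they hold: `public Templates $tpl;` and `public WPDO\WPDO $db;`.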
|
||||
|
||||
|
|
|
|||
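--- /dev/null
+++ b/modules/admin/templates/login.php
@@ -0,0 +1,69 @@
+<?=$this->layout('login_tpl', ['title' => $title])?>
+<?=$this->start('content')?>
+<form method="post" name="login_submit" id="login_submit">
+<p><label for="username"></label><input type="text" name="username" id="username_form" placeholder="<?=_('Username')?>"/></p>
+<p class="error" id="username_error"></p>
+<p><input type="password" name="password" id="password_form" placeholder="<?=_('Password')?>"/></p>
+<p class="error" id="password_error"></p>
+<?=PhangoApp\PhaUtils\Utils::set_csrf_key($name_token='csrf_token', $length_token=80)?>
+<p>
+<input type="submit" id="button_submit" class="button" value="<?=_('Login')?>" />
+</p>
+</form>
+<?=$this->end('content')?>
+<?=$this->start('footer_js')?>
+<script language="Javascript">
+$(document).ready( function () {
+
+$("#login_submit").submit( function () {
+
+$('.error').html('');
+
+$('#loader-wrapper').show();
+
+$.ajax({
+url: "<?=$this->make_url('admin', 'app', ['login'])?>",
+method: "POST",
+dataType: "json",
+data: {'username': $('#username_form').val(), 'password': $('#password_form').val(), 'csrf_token': $('#csrf_token').val()},
+success: function (data) {
+
+if(data.error==0)
+{
+console.log('Success');
+
+$('#loader-wrapper').hide();
+
+location.href="<?=$this->make_url('admin')?>";
+
+}
+else
+{
+
+$('#loader-wrapper').hide();
+
+$('#csrf_token').attr('value', data.csrf_token);
+
+$('#username_error').html(data.error_form.username_error);
+}
+
+},
+error: function (data) {
+
+$('#loader-wrapper').hide();
+
+alert('Error');
+
+console.log(data);
+
+}
+});
+
+return false;
+
+});
+
+
+});
+</script>
+<?=$this->end('footer_js')?>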
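Review bot: In the failure branch, `$('#csrf_token').attr('value', data.csrf_token)` assumes the login response carries a `csrf_token` key, but the `AppController` login handler in this commit returns only `error`, `error_form` and `message`, so after one failed attempt the hidden field holds the string `undefined` and any later server-side check of that token would reject the retry. Either the handler should return a fresh token or the line should run only when one is present: `if(data.csrf_token) { $('#csrf_token').val(data.csrf_token); }`. `$('#username_error').html(...)` inserts the server message as HTML; the messages are gettext literals today, but `.text()` carries no injection risk if that ever changes. `set_csrf_key($name_token='csrf_token', $length_token=80)` assigns template-local variables inside the call rather than passing named arguments; if the helper's parameters really have those names, `name_token: 'csrf_token', length_token: 80` is the form that binds by name.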
@ -69,16 +69,72 @@
|
|||
background-color: #0056b3; /* Un azul más oscuro */
|
||||
}
|
||||
|
||||
.error {
|
||||
|
||||
color: #ee0000;
|
||||
|
||||
}
|
||||
|
||||
/*Loader layer*/
|
||||
|
||||
#loader-wrapper {
|
||||
|
||||
position: fixed;
|
||||
top: 0;
|
||||
left: 0;
|
||||
width: 100%;
|
||||
height: 100%;
|
||||
|
||||
background-color: transparent;
|
||||
|
||||
z-index: 99999;
|
||||
|
||||
display: flex;
|
||||
justify-content: center;
|
||||
align-items: center;
|
||||
|
||||
opacity: 1;
|
||||
transition: opacity 0.5s ease-out;
|
||||
/*display: none;*/
|
||||
}
|
||||
|
||||
|
||||
.loader-hidden {
|
||||
opacity: 0;
|
||||
pointer-events: none;
|
||||
}
|
||||
|
||||
|
||||
.spinner {
|
||||
border: 8px solid #f3f3f3;
|
||||
border-top: 8px solid #007bff;
|
||||
border-radius: 50%;
|
||||
width: 50px;
|
||||
height: 50px;
|
||||
animation: spin 1s linear infinite;
|
||||
}
|
||||
|
||||
|
||||
@keyframes spin {
|
||||
0% { transform: rotate(0deg); }
|
||||
100% { transform: rotate(360deg); }
|
||||
}
|
||||
|
||||
</style>
|
||||
<?=$this->section('header_js')?>
|
||||
</head>
|
||||
<body>
|
||||
<div id="loader-wrapper" style="display:none;">
|
||||
<div class="spinner"></div>
|
||||
</div>
|
||||
<div id="container">
|
||||
<h1>Login</h1>
|
||||
<h1><?=$title?></h1>
|
||||
<p align="center">
|
||||
<svg class="icon" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 640 640" stroke="currentColor" stroke-width="2" style="fill: currentColor;"><!--!Font Awesome Free v7.1.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free Copyright 2025 Fonticons, Inc.--><path d="M470.5 463.6C451.4 416.9 405.5 384 352 384L288 384C234.5 384 188.6 416.9 169.5 463.6C133.9 426.3 112 375.7 112 320C112 205.1 205.1 112 320 112C434.9 112 528 205.1 528 320C528 375.7 506.1 426.2 470.5 463.6zM430.4 496.3C398.4 516.4 360.6 528 320 528C279.4 528 241.6 516.4 209.5 496.3C216.8 459.6 249.2 432 288 432L352 432C390.8 432 423.2 459.6 430.5 496.3zM320 576C461.4 576 576 461.4 576 320C576 178.6 461.4 64 320 64C178.6 64 64 178.6 64 320C64 461.4 178.6 576 320 576zM320 304C297.9 304 280 286.1 280 264C280 241.9 297.9 224 320 224C342.1 224 360 241.9 360 264C360 286.1 342.1 304 320 304zM232 264C232 312.6 271.4 352 320 352C368.6 352 408 312.6 408 264C408 215.4 368.6 176 320 176C271.4 176 232 215.4 232 264z"/></svg>
|
||||
</p>
|
||||
<?=$this->section('content')?>
|
||||
</div>
|
||||
<script src="<?=$this->make_media_url('modules/admin/media/js/jquery.min.js')?>"></script>
|
||||
<?=$this->section('footer_js')?>
|
||||
</body>
|
||||
</html>
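Review bot: `<h1><?=$title?></h1>` echoes `$title` into the page unescaped; in this commit the value is always a controller literal (`'Login'`, `'Signup'`), so it is not a problem today, but a layout variable is exactly what later ends up fed from a request, and `<h1><?=htmlspecialchars($title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')?></h1>` costs nothing now. The `#loader-wrapper` rules keep `/*display: none;*/` commented out while the markup relies on an inline `style="display:none;"`, and the `.loader-hidden` class with its `opacity`/`pointer-events` rules is not applied by either template added in this commit (both call `.show()`/`.hide()`), so one of the two mechanisms looks redundant. If the class is the intended future path, a short CSS comment saying so would stop it being deleted as dead code.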
|
||||
|
|
|
|||
|
|
@ -1,14 +1,67 @@
|
|||
<?=$this->layout('login_tpl', ['title' => 'Signup'])?>
|
||||
<?=$this->start('content')?>
|
||||
<form method="post" name="register_submit" id="register_submit">
|
||||
<p><label for="username"></label><input type="text" name="username" id="username_form" placeholder="<?=_('Username')?>"/></p>
|
||||
<p class="error" id="username_error"></p>
|
||||
<p><input type="text" name="password" id="password_form" placeholder="<?=_('Password')?>"/></p>
|
||||
<p><input type="password" name="password" id="password_form" placeholder="<?=_('Password')?>"/></p>
|
||||
<p class="error" id="password_error"></p>
|
||||
<p><input type="text" name="repeat_password" id="repeat_password_form" placeholder="<?=_('Repeat Password')?>"/></p>
|
||||
<p><input type="password" name="repeat_password" id="repeat_password_form" placeholder="<?=_('Repeat Password')?>"/></p>
|
||||
<p class="error" id="repeat_password_error"></p>
|
||||
<p><input type="text" name="email" id="email_form" placeholder="<?=_('Email')?>"/></p>
|
||||
<?=PhangoApp\PhaUtils\Utils::set_csrf_key($name_token='csrf_token', $length_token=80)?>
|
||||
<p class="error" id="email_error"></p>
|
||||
<p>
|
||||
<input type="submit" class="button" value="<?=_('Create user')?>" />
|
||||
<input type="submit" id="button_submit" class="button" value="<?=_('Create user')?>" />
|
||||
</p>
|
||||
</form>
|
||||
<?=$this->end('content')?>
|
||||
<?=$this->start('footer_js')?>
|
||||
<script language="Javascript">
|
||||
$(document).ready( function () {
|
||||
|
||||
$("#register_submit").submit( function () {
|
||||
|
||||
$('.error').html('');
|
||||
|
||||
$('#loader-wrapper').show();
|
||||
|
||||
$.ajax({
|
||||
url: "<?=$this->make_url('admin', 'app', ['signup'])?>",
|
||||
method: "POST",
|
||||
dataType: "json",
|
||||
data: {'username': $('#username_form').val(), 'email': $('#email_form').val(), 'password': $('#password_form').val(), 'repeat_password': $('#repeat_password_form').val(), 'csrf_token': $('#csrf_token').val()},
|
||||
success: function (data) {
|
||||
|
||||
if(data.error==0)
|
||||
{
|
||||
console.log('Success');
|
||||
$('#loader-wrapper').hide();
|
||||
|
||||
location.href="<?=$this->make_url('admin', 'app', ['login'])?>";
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
$('#loader-wrapper').hide();
|
||||
|
||||
$('#csrf_token').attr('value', data.csrf_token);
|
||||
|
||||
$('#username_error').html(data.error_form.username_error);
|
||||
$('#email_error').html(data.error_form.email_error);
|
||||
$('#password_error').html(data.error_form.password_error);
|
||||
|
||||
$('#repeat_password_error').html(data.error_form.password_repeat_error);
|
||||
}
|
||||
|
||||
},
|
||||
});
|
||||
|
||||
return false;
|
||||
|
||||
});
|
||||
|
||||
|
||||
});
|
||||
</script>
|
||||
<?=$this->end('footer_js')?>
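Review bot: The `$.ajax` call has no `error:` handler, so a non-JSON or 5xx response leaves `#loader-wrapper` (shown just before the call, `z-index: 99999` in the layout) covering the page with no way to dismiss it; the login template in the same commit handles this with an `error` callback, and the same lines belong here: `error: function (data) { $('#loader-wrapper').hide(); },`. In the failure branch, `$('#repeat_password_error').html(data.error_form.password_repeat_error)` reads a key the signup handler never sets (it writes `password_error` for both the empty and the mismatch case), so that element stays empty. As in the login template, `data.csrf_token` is not part of the handler's JSON, so `$('#csrf_token').attr('value', data.csrf_token)` stores `undefined`.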
|
||||
|
|
|
|||
|
|
@ -28,9 +28,7 @@ class Templates {
|
|||
|
||||
$template='';
|
||||
|
||||
$this->yes_layout=0;
|
||||
|
||||
//$yes_template=false;
|
||||
$this->yes_layout=false;
|
||||
|
||||
$z=0;
|
||||
|
||||
|
|
@ -48,8 +46,6 @@ class Templates {
|
|||
|
||||
if($this->yes_layout) {
|
||||
|
||||
//$sections_layout=implode("\n", $this->section_content);
|
||||
|
||||
$final_template=$this->load_template($this->layout, $args);
|
||||
|
||||
echo $final_template;
|
||||
|
|
@ -110,12 +106,6 @@ class Templates {
|
|||
echo $this->section_content[$section_name];
|
||||
|
||||
}
|
||||
else {
|
||||
|
||||
echo $section_name.' dont have any content';
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
|
@ -131,7 +121,7 @@ class Templates {
|
|||
}
|
||||
|
||||
/**
|
||||
* Method for finisha section in a template with a layout
|
||||
* Method for finish section in a template with a layout
|
||||
*
|
||||
*/
|
||||
|
||||
|
|
@ -150,4 +140,16 @@ class Templates {
|
|||
|
||||
}
|
||||
|
||||
public function make_url($module, $script='', $args=[]) {
|
||||
|
||||
return \PhangoApp\PhaRouter\Url::make_url($module, $script, $args);
|
||||
|
||||
}
|
||||
|
||||
public function make_media_url($file) {
|
||||
|
||||
return \PhangoApp\PhaRouter\Url::make_media_url($file);
|
||||
|
||||
}
|
||||
|
||||
}
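Review bot: The new `make_url()` and `make_media_url()` wrappers carry no types and no docblock, while neighbouring methods in this class are documented (the `finish section` docblock in the hunk above); `public function make_url(string $module, string $script='', array $args=[]): string` and `public function make_media_url(string $file): string` state the contract, assuming the `Url` helpers return strings, which the `'Location: '.Url::make_url(...)` concatenation in `AppController` suggests. A one-line docblock such as `/** Expose the router's URL builders to templates without referencing the router namespace. */` explains why they exist. The removed `else { echo $section_name.' dont have any content'; }` branch in the `section()` hunk means an unknown section name now renders nothing; if that silence is intended, a comment saying so prevents the fallback from being re-added.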
|
||||
|
|
|
|||