Galleries/PHPGallery
1
0
Fork 0
mirror of https://github.com/Fluffy-Bean/image-gallery.git synced 2025-05-19 01:44:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merged login signup and account page into one

Browse source
This commit is contained in:
Michał Gdula 2022-09-06 18:15:59 +00:00
parent 8c98b90766
commit b227baf239
11 changed files with 257 additions and 259 deletions
Download patch file Download diff file Expand all files Collapse all files

127
account/account.php
View file

@ -11,45 +11,114 @@
include "../ui/nav.php";
?>
<div class="account-root">
<h2>Account settings</h2>
<?php
if (isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true) {
echo "<br>";
if ($_SESSION["id"] == 1) {
echo "<h3>Invite Codes</h3>";
$token_request = mysqli_query($conn, "SELECT * FROM tokens WHERE used = 0");
while ($token = mysqli_fetch_array($token_request)) {
?>
<!-- Button that's displayed with the invite code -->
<button onclick='copyCode()' class='btn btn-neutral'><?php echo $token['code']; ?></button>
<!-- Copy code on click -->
<script>
function copyCode() {
navigator.clipboard.writeText("<?php echo $token['code']; ?>");
sniffleAdd("Info", "Invite code has been copied!", "var(--green)", "<?php echo $root_dir; ?>assets/icons/clipboard-text.svg");
}
</script>
<?php
<div class="account-root">
<h2>Account settings</h2>
<br>
<?php
if ($_SESSION["id"] == 1) {
echo "<h3>Invite Codes</h3>";
$token_request = mysqli_query($conn, "SELECT * FROM tokens WHERE used = 0");
while ($token = mysqli_fetch_array($token_request)) {
?>
<!-- Button that's displayed with the invite code -->
<button onclick='copyCode()' class='btn btn-neutral'><?php echo $token['code']; ?></button>
<script>
function copyCode() {
navigator.clipboard.writeText("<?php echo $token['code']; ?>");
sniffleAdd("Info", "Invite code has been copied!", "var(--green)", "<?php echo $root_dir; ?>assets/icons/clipboard-text.svg");
}
</script>
<?php
}
}
}
?>
<br>
<h3 class='space-top'>Danger ahead</h3>
<p>Resetting your password regularly is a good way of keeping your account safe</p>
<a class='btn btn-bad' href='https://superdupersecteteuploadtest.fluffybean.gay/account/password-reset.php'><img class='svg' src='../assets/icons/password.svg'>Reset Password</a>
<br>
<p>Don't leave! I'm with the science team!</p>
<a class='btn btn-bad' href='https://superdupersecteteuploadtest.fluffybean.gay/account/logout.php'><img class='svg' src='../assets/icons/sign-out.svg'>Logout</a>
?>
<br>
<h3 class='space-top'>Danger ahead</h3>
<p>Resetting your password regularly is a good way of keeping your account safe</p>
<a class='btn btn-bad' href='https://superdupersecteteuploadtest.fluffybean.gay/account/password-reset.php'><img class='svg' src='../assets/icons/password.svg'>Reset Password</a>
<br>
<p>Don't leave! I'm with the science team!</p>
<a class='btn btn-bad' href='https://superdupersecteteuploadtest.fluffybean.gay/account/logout.php'><img class='svg' src='../assets/icons/sign-out.svg'>Logout</a>
</div>
<?php
} else {
?>
<p>You must be logged in to change your account settings!</p>
<a class='btn btn-good' href='https://superdupersecteteuploadtest.fluffybean.gay/account/login.php'>Login!</a>
<div class="login-root">
<h2>Login</h2>
<p>Passwords are important to keep safe. Don't tell anyone your password, not even Fluffy!</p>
<br>
<form id="loginForm" method="POST" enctype="multipart/form-data">
<input id="loginUsername" class="btn btn-neutral" type="text" name="username" placeholder="Username">
<input id="loginPassword" class="btn btn-neutral" type="password" name="password" placeholder="Password">
<br>
<button id="loginSubmit" class="btn btn-good" type="submit" name="login"><img class="svg" src="../assets/icons/sign-in.svg">Login</button>
</form>
<button class='btn btn-neutral' onclick="signupShow()"><img class="svg" src="../assets/icons/sign-in.svg">Need an account?</button>
</div>
<script>
$("#loginForm").submit(function(event) {
event.preventDefault();
var username = $("#loginUsername").val();
var password = $("#loginPassword").val();
var submit = $("#loginSubmit").val();
$("#sniffle").load("../app/account/account.php", {
username: username,
password: password,
submit_login: submit
});
});
</script>
<div class="signup-root">
<h2>Make account</h2>
<p>And amazing things happened here...</p>
<br>
<form id="signupForm" method="POST" action="signup.php" enctype="multipart/form-data">
<input id="signupUsername" class="btn btn-neutral" type="text" name="username" placeholder="Username">
<br>
<input id="signupPassword" class="btn btn-neutral" type="password" name="password" placeholder="Password">
<input id="signupPasswordConfirm" class="btn btn-neutral" type="password" name="confirm_password" placeholder="Re-enter Password">
<br>
<input id="signupToken" class="btn btn-neutral" type="text" name="token" placeholder="Invite Code">
<br>
<button id="signupSubmit" class="btn btn-good" type="submit" name="signup"><img class="svg" src="../assets/icons/sign-in.svg">Sign Up</button>
</form>
<button class='btn btn-neutral' onclick="loginShow()"><img class="svg" src="../assets/icons/sign-in.svg">I already got an account!</button>
</div>
<script>
$("#signupForm").submit(function(event) {
event.preventDefault();
var username = $("#signupUsername").val();
var password = $("#signupPassword").val();
var confirm_password = $("#signupPasswordConfirm").val();
var token = $("#signupToken").val();
var submit = $("#signupSubmit").val();
$("#sniffle").load("../app/account/account.php", {
username: username,
password: password,
confirm_password: confirm_password,
token: token,
submit_signup: submit
});
});
</script>
<script>
function loginShow() {
document.querySelector(".login-root").style.display = "block";
document.querySelector(".signup-root").style.display = "none";
};
function signupShow() {
document.querySelector(".signup-root").style.display = "block";
document.querySelector(".login-root").style.display = "none";
};
</script>
<?php
}
?>
</div>
<?php include "../ui/footer.php"; ?>
</body>

54
account/login.php
View file

@ -1,54 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<?php include "../ui/header.php"; ?>
</head>
<body>
<?php
include "../ui/required.php";
include "../ui/nav.php";
// Check if the user is already logged in, if yes then redirect him to welcome page
if (isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true) {
?>
<script>
sniffleAdd('Whatcha doing here?', 'You are already logged in! No need to try again', 'var(--black)', '<?php echo $root_dir; ?>assets/icons/warning.svg');
</script>
<?php
}
?>
<div class="login-root">
<h2>Login</h2>
<p>Passwords are important to keep safe. Don't tell anyone your password, not even Fluffy!</p>
<br>
<form id="loginForm" method="POST" enctype="multipart/form-data">
<input id="loginUsername" class="btn btn-neutral" type="text" name="username" placeholder="Username">
<input id="loginPassword" class="btn btn-neutral" type="password" name="password" placeholder="Password">
<br>
<button id="loginSubmit" class="btn btn-good" type="submit" name="login"><img class="svg" src="../assets/icons/sign-in.svg">Login</button>
</form>
<a class='btn btn-neutral' href='https://superdupersecteteuploadtest.fluffybean.gay/account/signup.php'><img class="svg" src="../assets/icons/sign-in.svg">Need an account? Sign up!</a>
</div>
<script>
$("#loginForm").submit(function(event) {
event.preventDefault();
var username = $("#loginUsername").val();
var password = $("#loginPassword").val();
var submit = $("#loginSubmit").val();
$("#sniffle").load("../app/account/login.php", {
username: username,
password: password,
submit: submit
});
});
</script>
<?php include "../ui/footer.php"; ?>
</body>
</html>

52
account/signup.php
View file

@ -1,52 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<?php include "../ui/header.php"; ?>
</head>
<body>
<?php
include "../ui/required.php";
include "../ui/nav.php";
?>
<div class="signup-root">
<h2>Make account</h2>
<p>And amazing things happened here...</p>
<br>
<form id="signupForm" method="POST" action="signup.php" enctype="multipart/form-data">
<input id="signupUsername" class="btn btn-neutral" type="text" name="username" placeholder="Username">
<br>
<input id="signupPassword" class="btn btn-neutral" type="password" name="password" placeholder="Password">
<input id="signupPasswordConfirm" class="btn btn-neutral" type="password" name="confirm_password" placeholder="Re-enter Password">
<br>
<input id="signupToken" class="btn btn-neutral" type="text" name="token" placeholder="Invite Code">
<br>
<button id="signupSubmit" class="btn btn-good" type="submit" name="signup"><img class="svg" src="../assets/icons/sign-in.svg">Sign Up</button>
</form>
</div>
<script>
$("#signupForm").submit(function(event) {
event.preventDefault();
var username = $("#signupUsername").val();
var password = $("#signupPassword").val();
var confirm_password = $("#signupPasswordConfirm").val();
var token = $("#signupToken").val();
var submit = $("#signupSubmit").val();
$("#sniffle").load("../app/account/signup.php", {
username: username,
password: password,
confirm_password: confirm_password,
token: token,
submit: submit
});
});
</script>
<?php include "../ui/footer.php"; ?>
</body>
</html>

132
app/account/signup.php → app/account/account.php
View file

@ -1,17 +1,128 @@
<?php
// Include server connection
include "../server/conn.php";
/*
|-------------------------------------------------------------
| Login
|-------------------------------------------------------------
| This is annoying because I want to keep the website secure
| but I have no clue how to keep things secure with HTML, PHP
| or JS. So I hope seperating the scripts and putting all this
| into a PHP file is a good secutiry mesure
|-------------------------------------------------------------
*/
if (isset($_POST['submit_login'])) {
/*
|-------------------------------------------------------------
| Set error status to 0
|-------------------------------------------------------------
| if there are more than 0 error, then they cannot submit a
| request
|-------------------------------------------------------------
*/
$error = 0;
// Checking if Username is empty
if (empty(trim($_POST["username"]))) {
?>
<script>
sniffleAdd('Who dis?', 'You must enter a username to login!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$username = trim($_POST["username"]);
}
// Check if Password is empty
if (empty(trim($_POST["password"]))) {
?>
<script>
sniffleAdd('Whats the magic word?', 'Pls enter the super duper secrete word(s) to login!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$password = trim($_POST["password"]);
}
if ($error <= 0) {
// Prepare so SQL doesnt get spooked
$sql = "SELECT id, username, password FROM users WHERE username = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind dis shit
mysqli_stmt_bind_param($stmt, "s", $param_username);
// Set parameters
$param_username = $username;
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// Store result
mysqli_stmt_store_result($stmt);
// Check if username exists, if yes then verify password
if (mysqli_stmt_num_rows($stmt) == 1) {
// Bind result variables
mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
if (mysqli_stmt_fetch($stmt)) {
if (password_verify($password, $hashed_password)) {
// Password is correct, so start a new session
session_start();
// Store data in session variables
$_SESSION["loggedin"] = true;
$_SESSION["id"] = $id;
$_SESSION["username"] = $username;
// let the user know
?>
<script>
//sniffleAdd('O hi <?php echo $_SESSION["username"]; ?>', 'You are now logged in! You will be redirected in a few seconds', 'var(--green)', '../assets/icons/hand-waving.svg');
//setTimeout(function(){window.location.href = "../index.php?login=success";}, 2000);
window.location.href = "../index.php?login=success";
</script>
<?php
} else {
?>
<script>
sniffleAdd('Sus', 'Username or Password WRONG, please try again :3', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
}
}
} else {
?>
<script>
sniffleAdd('Sus', 'Username or Password WRONG, please try again :3', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('woops...', 'Sowwy, something went wrong on our end :c', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
}
// Close statement
mysqli_stmt_close($stmt);
}
}
}
/*
|-------------------------------------------------------------
| Signup
|-------------------------------------------------------------
| The dreaded signup. Funfact, the one thing I hate more than
| late-stage capitalism and this world is JavaScript. Please
| save me...
| The dreaded signup. Please save me...
|-------------------------------------------------------------
*/
// Include server connection
include "../server/conn.php";
if (isset($_POST['submit'])) {
if (isset($_POST['submit_signup'])) {
/*
|-------------------------------------------------------------
| Set error status to 0
@ -209,8 +320,9 @@ if (isset($_POST['submit'])) {
// Yupeee! Account was made
?>
<script>
sniffleAdd('Success!', 'You account made for <?php echo $username; ?>!!!!! You will be redirected in a moment to login', 'var(--green)', '../assets/icons/hand-waving.svg');
setTimeout(function(){window.location.href = "../account/login.php";}, 2000);
sniffleAdd('Success!', 'You account made for <?php echo $username; ?>!!!!! You must now login', 'var(--green)', '../assets/icons/hand-waving.svg');
//setTimeout(function(){window.location.href = "../account/login.php";}, 2000);
loginShow();
</script>
<?php
} else {
@ -222,4 +334,4 @@ if (isset($_POST['submit'])) {
}
}
}
}
}

113
app/account/login.php
View file

@ -1,113 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Login
|-------------------------------------------------------------
| This is annoying because I want to keep the website secure
| but I have no clue how to keep things secure with HTML, PHP
| or JS. So I hope seperating the scripts and putting all this
| into a PHP file is a good secutiry mesure
|-------------------------------------------------------------
*/
// Include server connection
include "../server/conn.php";
if (isset($_POST['submit'])) {
/*
|-------------------------------------------------------------
| Set error status to 0
|-------------------------------------------------------------
| if there are more than 0 error, then they cannot submit a
| request
|-------------------------------------------------------------
*/
$error = 0;
// Checking if Username is empty
if (empty(trim($_POST["username"]))) {
?>
<script>
sniffleAdd('Who dis?', 'You must enter a username to login!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$username = trim($_POST["username"]);
}
// Check if Password is empty
if (empty(trim($_POST["password"]))) {
?>
<script>
sniffleAdd('Whats the magic word?', 'Pls enter the super duper secrete word(s) to login!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$password = trim($_POST["password"]);
}
if ($error <= 0) {
// Prepare so SQL doesnt get spooked
$sql = "SELECT id, username, password FROM users WHERE username = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind dis shit
mysqli_stmt_bind_param($stmt, "s", $param_username);
// Set parameters
$param_username = $username;
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// Store result
mysqli_stmt_store_result($stmt);
// Check if username exists, if yes then verify password
if (mysqli_stmt_num_rows($stmt) == 1) {
// Bind result variables
mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
if (mysqli_stmt_fetch($stmt)) {
if (password_verify($password, $hashed_password)) {
// Password is correct, so start a new session
session_start();
// Store data in session variables
$_SESSION["loggedin"] = true;
$_SESSION["id"] = $id;
$_SESSION["username"] = $username;
// let the user know
?>
<script>
sniffleAdd('O hi <?php echo $_SESSION["username"]; ?>', 'You are now logged in! You will be redirected in a few seconds', 'var(--green)', '../assets/icons/hand-waving.svg');
setTimeout(function(){window.location.href = "../index.php?login=success";}, 2000);
</script>
<?php
} else {
?>
<script>
sniffleAdd('Sus', 'Username or Password WRONG, please try again :3', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
}
}
} else {
?>
<script>
sniffleAdd('Sus', 'Username or Password WRONG, please try again :3', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('woops...', 'Sowwy, something went wrong on our end :c', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
}
// Close statement
mysqli_stmt_close($stmt);
}
}
}

13
app/server/secrete.php
View file

@ -0,0 +1,13 @@
<script>
console.log("⣿⣿⣿⣿⣿⡿⠿⠻⠿⠿⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⠿⠿⠻⠻⠟⠻⢿⣿⣿⣿⣿");
console.log("⣿⣿⡟⠁⢀⣠⣤⣤⣤⣤⣄⣀⣀⣀⣹⣿⣿⣷⣄⣀⣀⣀⣀⣤⣤⣤⣤⣀⠐⢽⣿⣿⣿");
console.log("⣿⣿⣿⣶⣿⡿⣛⡒⠒⠒⢒⠒⣲⠙⣿⣿⣿⣿⠟⣵⡒⢒⠒⠒⡀⣘⡻⣿⣿⣾⣿⣿⣿");
console.log("⣿⣿⣿⣿⣏⣞⡛⠃⠀⠀⠸⠷⢿⣧⣿⣿⣿⣿⣧⣿⣷⣛⣀⣀⣁⣛⣛⣮⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⢏⣾⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡿⢻⣿⠏⣼⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⡿⢿⣿⣿⣿⣿⣿⣿⡿⠿⠿⠿⠟⢛⣉⣴⣿⡏⣸⣿⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣧⣠⣤⣤⣤⣤⣤⣤⣶⣶⣶⣶⣿⣿⣿⣿⣿⠃⣿⣿⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣾⣿⣿⣿⣿⣿⣿⣿");
</script>

8
css/main.css
View file

@ -87,6 +87,10 @@ nav .btn {
width: auto;
}
.nav-mobile {
display: none;
}
@media (max-width: 800px) {
.nav-name {
display: none;
@ -129,6 +133,9 @@ nav .btn {
#back-to-top {
bottom: 5rem !important;
}
.nav-mobile {
display: block;
}
}
/*
|-------------------------------------------------------------
@ -534,6 +541,7 @@ nav .btn {
border-radius: 0rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
display: none;
}
.signup-root > * {
margin-top: 0;

2
css/scss/_body.scss
View file

@ -272,6 +272,8 @@
.signup-root {
@include defaultDecoration($green);
@include defaultFont();
// By default its hidden, in place is login
display: none;
}
/*

7
css/scss/_navigation.scss
View file

@ -57,6 +57,10 @@ nav {
width: auto;
}
.nav-mobile {
display: none;
}
@media (max-width: 800px) {
.nav-name {
display: none;
@ -110,4 +114,7 @@ nav {
#back-to-top {
bottom: 5rem !important;
}
.nav-mobile {
display: block;
}
}

2
ui/nav.php
View file

@ -13,7 +13,7 @@
echo "<hr>";
echo "<a class='btn' href='".$root_dir."/account/account.php'><img class='svg' src='".$root_dir."assets/icons/user-circle.svg'><span class='nav-hide'>".substr($_SESSION["username"], 0, 15)."</span></a>";
} else {
echo "<a class='btn' href='".$root_dir."/account/login.php'><img class='svg' src='".$root_dir."assets/icons/sign-in.svg'><span class='nav-hide'>Login</span></a>";
echo "<a class='btn' href='".$root_dir."/account/account.php'><img class='svg' src='".$root_dir."assets/icons/sign-in.svg'><span class='nav-hide'>Login</span></a>";
}
?>
</div>

6
ui/required.php
View file

@ -101,3 +101,9 @@ include $root_dir."app/server/secrete.php";
}
}
</script>
<!--
Required so main objects are centered when NAV
is in mobile view
-->
<div class="nav-mobile"></div>