Mejoradas las comprobaciones y la logica. Creadas las cookies. Cambiado la pagina de Notion por un link. Creados los scripts

2025-10-12 23:52:47 +00:00 · 2021-05-21 23:03:56 -03:00
parent 9e76b31c6f
commit 2945a50e92
10 changed files with 119 additions and 651 deletions
--- a/logic/login.php
+++ b/logic/login.php
@@ -6,6 +6,7 @@ require './sql/querys.php';

 $user = $_POST['user'];
 $password = $_POST['password'];
+$passwordE = hash('sha256', $password);

 if (isset($_POST['submit'])) {

@@ -15,12 +16,14 @@ if (isset($_POST['submit'])) {

            if(strlen($password) <= 20){

-                $c = verifyDB($user, $password);
+                $c = verifyDB($user, $passwordE);
+
+                if ($c[0][1] === $user && $c[0][2] === $passwordE) {
+                    setcookie('session', 'true', time() + 3600, '/');

-                if ($c[0][1] === $user && $c[0][2] === $password) {
                    echo '<script>
                    
-                    window.location.replace(`../success-pages/loginS.html`)
+                    window.location.replace(`../success-pages/loginS.php`)
                    
                    </script>';

--- a/logic/register.php
+++ b/logic/register.php
@@ -6,7 +6,9 @@ require './sql/querys.php';

 $user = $_POST['user'];
 $password = $_POST['password'];
+$passwordE = hash('sha256', $password);
 $confirm_password = $_POST['confirm-password'];
+$confirm_passwordE = hash('sha256', $confirm_password);

 if (isset($_POST['submit'])) {

@@ -17,12 +19,20 @@ if (isset($_POST['submit'])) {
            if (strlen($user) <= 20) {

                if (strlen($password) <= 20) {
-                    
-                    addToDB(sanitize('user', $user), $password);

-                    echo '<script>
-                        window.location.replace(`../success-pages/registerS.html`)
-                    </script>';
+                    if (!verifyUser($user)) {
+                    
+                        addToDB(sanitize('user', $user), $passwordE);
+
+                        echo '<script>
+                            window.location.replace(`../success-pages/registerS.html`)
+                        </script>';
+
+                    } else {
+                        echo error('The username already exists');
+                        echo backToPreviusPage(3, '../register.html');
+                    }
+

                } else {
                    echo error('The password has more characters than allowed!');
--- a/logic/sql/querys.php
+++ b/logic/sql/querys.php
@@ -9,6 +9,15 @@ function addToDB($user, $password) {
    $add -> execute();
 }

+function verifyUser($user) {
+    require './sql/connection.php';
+
+    $verify = $connect -> prepare('select user from users where user = ?');
+    $verify -> bindParam(1, $user, PDO::PARAM_STR);
+    $verify -> execute();
+    return $verify -> fetch();
+}
+
 function verifyDB($user, $password) {
    require './sql/connection.php';