<?php
include('db/db.php');
include('data.php');
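session_start();

// Form handler for the login (index.php) and registration (register.php) pages.
// Dispatches on ?login=1 / ?register=1, reads credentials from $_POST, and on
// success marks the session as logged in and redirects to game.php. On failure
// it sets a flag cookie and redirects back with a message in the query string.

// Password length limits are read from the INI file; get_ini() and
// $CONFIG_FILE_PATH are expected to come from the included files.
$config = get_ini($CONFIG_FILE_PATH);
$MIN_PASSWD_LEN = $config[' DATA ']['min_passwd_length'];
$MAX_PASSWD_LEN = $config[' DATA ']['max_passwd_length'];

// Normalises one submitted form field: a missing or non-string value (e.g. a
// field posted as an array) becomes '', every space is removed, and leading or
// trailing whitespace is trimmed.
// NOTE(review): spaces are stripped from passwords too. That is kept because
// stored hashes were created from the stripped form; changing it would lock
// existing accounts out.
$normalizeField = static function ($value): string {
    if (!is_string($value)) {
        return '';
    }

    return trim(str_replace(' ', '', $value));
};

// Sets the flag cookie and redirects back to the form page with the message
// URL-encoded in the query string. The cookie and the query parameter share
// the same name.
// NOTE(review): the receiving page must HTML-escape this parameter before
// printing it, since anyone can craft a link carrying arbitrary text.
$redirectWithError = static function (string $page, string $flag, string $message) {
    unset($_COOKIE[$flag]);
    setcookie($flag, '1', 0, '/');
    header('Location: ' . $page . '?' . $flag . '=' . rawurlencode($message));
};

// SETUP FOR LOGIN FILE (INDEX.PHP)
if ((isset($_GET['login'])) && ($_GET['login'] == 1)) {
    // GET POST DATA
    $USERNAME = $normalizeField($_POST['username'] ?? null);
    $PASSWORD = $normalizeField($_POST['passwd'] ?? null);

    // GET THE PASSWORD FOR A GIVEN USERNAME
    $result = check_if_user_exists($USERNAME);

    // NOTE(review): password_verify() only runs when the username exists, so
    // response time may differ between known and unknown usernames. Consider
    // verifying against a fixed dummy hash when no row is found.
    if ($result && password_verify($PASSWORD, $result[0]['passwd'])) {
        // Issue a fresh session id at the privilege change so an id planted
        // before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['logged'] = true;
        $_SESSION['ID'] = $result[0]['id'];
        $_SESSION['username'] = $USERNAME;
        header('Location: game.php');
        return;
    }

    // Same message for an unknown user and a wrong password, so the response
    // text does not reveal which usernames exist.
    $redirectWithError('index.php', 'error_msg', "Your username or password isn't valid");
    return;

// SETUP FOR REGISTER FILE (REGISTER.PHP)
} else if ((isset($_GET['register'])) && ($_GET['register'] == 1)) {
    // GET POST DATA
    $USERNAME = $normalizeField($_POST['username'] ?? null);
    $PASSWORD = $normalizeField($_POST['passwd'] ?? null);
    $PASSWORD_AGAIN = $normalizeField($_POST['passwd_again'] ?? null);

    // NOTE(review): an empty username is not rejected here; confirm that
    // add_user_data() refuses it.

    // The debug var_dump() that used to be here is removed: it leaked values
    // into the response and, without output buffering, prevented the
    // header() redirects below from being sent.
    $passwdLength = strlen($PASSWORD);
    if (($passwdLength > $MAX_PASSWD_LEN) || ($passwdLength < $MIN_PASSWD_LEN)) {
        // NOTE(review): the 8 and 15 in this message are hard-coded while the
        // real limits come from the config file; keep the two in sync.
        $redirectWithError(
            'register.php',
            'register_error_msg',
            'Your password length has to be between 8 to 15 chars!'
        );
        return;
    }

    // Strict comparison: with == two different numeric-looking strings
    // (e.g. "12345678" and "12345678.0") compare equal.
    if ($PASSWORD !== $PASSWORD_AGAIN) {
        $redirectWithError('register.php', 'register_error_msg', "Your passwords aren't the same! ");
        return;
    }

    // HASH THE PASSWORD
    $PASSWORD = password_hash($PASSWORD, PASSWORD_DEFAULT);
    $result = add_user_data($USERNAME, $PASSWORD);

    // IF USER ALREADY EXISTS IN DATABASE
    // A non-array result is treated as an error message. Stop here: falling
    // through would mark the session as logged in under the submitted
    // (already taken) username even though no account was created.
    if (gettype($result) != 'array') {
        $redirectWithError('register.php', 'register_error_msg', (string) $result);
        return;
    }

    // WHEN ALL IS CORRECT
    // Fresh session id at the privilege change (session fixation).
    session_regenerate_id(true);
    $_SESSION['logged'] = true;
    // NOTE(review): assumes get_last_id() returns the id of the row this
    // request just inserted; if it is not tied to this connection, a
    // concurrent registration could yield another user's id. Confirm in db.php.
    $_SESSION['ID'] = get_last_id();
    $_SESSION['username'] = $USERNAME;
    header('Location: game.php');
    return;
}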