lain/text0Nly
1
0
Fork 0
mirror of https://git.sr.ht/~iwakuralain/text0Nly synced 2025-07-27 07:30:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

debugdebugdebug

Browse Source
This commit is contained in:
Lain Iwakura 2025-06-16 02:20:10 +03:00
parent aa260d48da
commit 6727eea302
No known key found for this signature in database
GPG Key ID: C7C18257F2ADC6F8
1 changed files with 24 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
main/login.php
View File

@ -9,9 +9,10 @@ header('Content-Security-Policy: default-src \'self\'; style-src \'self\' \'unsa
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
session_start();
$debug = [];
try {
$config = require 'config.php';
error_log("Config loaded: " . print_r($config, true));
$debug[] = "Config loaded";
$db = new PDO(
"mysql:host={$config['db']['host']};dbname={$config['db']['name']}",
@ -19,10 +20,10 @@ try {
$config['db']['pass']
);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
error_log("Database connected successfully");
$debug[] = "Database connected";
} catch (PDOException $e) {
error_log("Database connection error: " . $e->getMessage());
die("Database connection error");
$debug[] = "Database error: " . $e->getMessage();
die("Database connection error: " . $e->getMessage());
}
$error = '';
@ -32,7 +33,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
$password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
error_log("Login attempt for user: " . $username);
$debug[] = "Login attempt for: " . $username;
if ($username && $password) {
try {
@ -40,38 +41,37 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$stmt->execute([$username]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
error_log("User query result: " . print_r($user, true));
$debug[] = "User found: " . ($user ? 'yes' : 'no');
if ($user) {
if ($user['is_blocked']) {
$error = 'Account is blocked';
error_log("Blocked account attempt: " . $username);
$debug[] = "Account blocked";
} else if ($user['login_attempts'] >= 5 && strtotime($user['last_attempt']) > strtotime('-15 minutes')) {
$error = 'Too many login attempts';
error_log("Too many attempts for user: " . $username);
$debug[] = "Too many attempts";
} else if (password_verify($password, $user['password'])) {
$stmt = $db->prepare('UPDATE users SET login_attempts = 0, last_attempt = NOW() WHERE id = ?');
$stmt->execute([$user['id']]);
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $username;
error_log("Successful login for user: " . $username);
$debug[] = "Login successful";
header('Location: index.php');
exit;
} else {
$stmt = $db->prepare('UPDATE users SET login_attempts = login_attempts + 1, last_attempt = NOW() WHERE id = ?');
$stmt->execute([$user['id']]);
$error = 'Invalid password';
error_log("Invalid password for user: " . $username);
$debug[] = "Invalid password";
}
} else {
$error = 'User not found';
error_log("User not found: " . $username);
$debug[] = "User not found";
}
} catch (PDOException $e) {
error_log("Login error: " . $e->getMessage());
error_log("SQL State: " . $e->getCode());
error_log("Error Info: " . print_r($e->errorInfo, true));
$error = 'Server error';
$debug[] = "SQL Error: " . $e->getMessage();
$debug[] = "SQL State: " . $e->getCode();
}
}
}
@ -88,6 +88,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
button { width: 100%; padding: 10px; background: #2196F3; color: white; border: none; cursor: pointer; }
.error { color: red; }
.success { color: green; }
.debug { background: #f5f5f5; padding: 10px; margin: 10px 0; font-family: monospace; }
</style>
</head>
<body>
@ -109,6 +110,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<button type="submit">Login</button>
</form>
<p><a href="register.php">Register</a> | <a href="index.php">Back to chat</a></p>
<?php if (!empty($debug)): ?>
<div class="debug">
<strong>Debug info:</strong><br>
<?php foreach ($debug as $line): ?>
<?= htmlspecialchars($line) ?><br>
<?php endforeach; ?>
</div>
<?php endif; ?>
</body>
</html>
<?php ob_end_flush(); ?>