From 6727eea30222b4f4ff1a87d9b57aa74c6e018f5b Mon Sep 17 00:00:00 2001
From: Lain Iwakura
Date: Mon, 16 Jun 2025 02:20:10 +0300
Subject: [PATCH] debugdebugdebug
---
 main/login.php | 38 ++++++++++++++++++++++++--------------
 1 file changed, 24 insertions(+), 14 deletions(-)
diff --git a/main/login.php b/main/login.php
index 1092e67..f74ec5a 100644
--- a/main/login.php
+++ b/main/login.php
@@ -9,9 +9,10 @@ header('Content-Security-Policy: default-src \'self\'; style-src \'self\' \'unsa
 header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
 session_start();
+$debug = [];
 try {
 $config = require 'config.php';
- error_log("Config loaded: " . print_r($config, true));
+ $debug[] = "Config loaded";
 $db = new PDO(
 "mysql:host={$config['db']['host']};dbname={$config['db']['name']}",
@@ -19,10 +20,10 @@ try {
 $config['db']['pass']
 );
 $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
- error_log("Database connected successfully");
+ $debug[] = "Database connected";
 } catch (PDOException $e) {
- error_log("Database connection error: " . $e->getMessage());
- die("Database connection error");
+ $debug[] = "Database error: " . $e->getMessage();
+ die("Database connection error: " . $e->getMessage());
 }
 $error = '';
@@ -32,7 +33,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
 $password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
- error_log("Login attempt for user: " . $username);
+ $debug[] = "Login attempt for: " . $username;
 if ($username && $password) {
 try {
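Review bot: The rewritten `die()` in the connection `catch (PDOException $e)` block (hunk `@@ -19,10 +20,10 @@`) now sends `$e->getMessage()` to whoever requested the page, before any login has taken place. PDO connection failures typically describe the database host and account in that text, and the commit also drops the `error_log` call, so operators lose the server-side record while visitors gain it. I would keep the detail in the log and the response generic: `error_log("Database connection error: " . $e->getMessage());` followed by `die("Database connection error");`. The `$debug[] = "Database error: " . $e->getMessage();` line added just above appears never to be rendered, because `die()` ends the request on the next line. The `try` block starts above this hunk.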
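Review bot: Replacing `error_log("Login attempt for user: " . $username);` with a `$debug[]` entry (hunk `@@ -32,7 +33,7 @@`) removes the only server-side record of the attempt, since `$debug` is an array that lives for one request. The same swap in hunk `@@ -40,38 +41,37 @@` drops the log lines for blocked accounts, lockouts, wrong passwords, unknown users and successful logins, which are the events an operator needs in order to notice password guessing. I would keep an `error_log` call next to each `$debug[]` line and encode the name so a crafted value cannot split the log line: `error_log("Login attempt for user: " . json_encode($username));`. The `if ($_SERVER['REQUEST_METHOD'] === 'POST')` block runs past both edges of this hunk.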
@@ -40,38 +41,37 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 $stmt->execute([$username]);
 $user = $stmt->fetch(PDO::FETCH_ASSOC);
- error_log("User query result: " . print_r($user, true));
+ $debug[] = "User found: " . ($user ? 'yes' : 'no');
 if ($user) {
 if ($user['is_blocked']) {
 $error = 'Account is blocked';
- error_log("Blocked account attempt: " . $username);
+ $debug[] = "Account blocked";
 } else if ($user['login_attempts'] >= 5 && strtotime($user['last_attempt']) > strtotime('-15 minutes')) {
 $error = 'Too many login attempts';
- error_log("Too many attempts for user: " . $username);
+ $debug[] = "Too many attempts";
 } else if (password_verify($password, $user['password'])) {
 $stmt = $db->prepare('UPDATE users SET login_attempts = 0, last_attempt = NOW() WHERE id = ?');
 $stmt->execute([$user['id']]);
 $_SESSION['user_id'] = $user['id'];
 $_SESSION['username'] = $username;
- error_log("Successful login for user: " . $username);
+ $debug[] = "Login successful";
 header('Location: index.php');
 exit;
 } else {
 $stmt = $db->prepare('UPDATE users SET login_attempts = login_attempts + 1, last_attempt = NOW() WHERE id = ?');
 $stmt->execute([$user['id']]);
 $error = 'Invalid password';
- error_log("Invalid password for user: " . $username);
+ $debug[] = "Invalid password";
 }
 } else {
 $error = 'User not found';
- error_log("User not found: " . $username);
+ $debug[] = "User not found";
 }
 } catch (PDOException $e) {
- error_log("Login error: " . $e->getMessage());
- error_log("SQL State: " . $e->getCode());
- error_log("Error Info: " . print_r($e->errorInfo, true));
 $error = 'Server error';
+ $debug[] = "SQL Error: " . $e->getMessage();
+ $debug[] = "SQL State: " . $e->getCode();
 }
 }
 }
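Review bot: The successful-login branch stores `$_SESSION['user_id']` and `$_SESSION['username']` in the session that `session_start()` opened at the top of the file, and no new session id is issued anywhere in the branch shown here. An id that was known before authentication therefore stays valid afterwards (session fixation). Adding `session_regenerate_id(true);` immediately before `$_SESSION['user_id'] = $user['id'];` closes that. The `$debug[] = "Login successful";` line added in the same branch looks dead, because `header('Location: index.php'); exit;` follows it directly. The enclosing `try` starts above the hunk.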
@@ -88,6 +88,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 button { width: 100%; padding: 10px; background: #2196F3; color: white; border: none; cursor: pointer; }
 .error { color: red; }
 .success { color: green; }
+ .debug { background: #f5f5f5; padding: 10px; margin: 10px 0; font-family: monospace; }
@@ -109,6 +110,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {

Register | Back to chat

+ + +
+ Debug info:
+ +
+ +
+ \ No newline at end of file
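Review bot: The block added at the end of the page prints the collected `$debug` entries under "Debug info:" into the login page, and no condition limiting it to developers is visible; the PHP and markup on these lines did not survive in this view, so that part is inferred. The entries include the submitted `$username` and, from hunk `@@ -40,38 +41,37 @@`, `$e->getMessage()` and `$e->getCode()` for failed queries, so any visitor can read SQL error text, and a crafted username reaches the page unless it is escaped. Each entry should be written through `htmlspecialchars($entry, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` (`$entry` standing in for whatever the loop variable is called), and the whole block wrapped in a configuration switch that defaults to off. Given the subject line `debugdebugdebug` this may be meant as temporary, but it should not reach a deployed branch in this form.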