debugdebugich

2025-07-27 07:30:31 +00:00 · 2025-06-16 02:19:06 +03:00 · 2025-06-16 02:19:06 +03:00 · aa260d48da
commit aa260d48da
parent 7582cd76a3
1 changed files with 6 additions and 4 deletions
--- a/main/login.php
+++ b/main/login.php
@ -31,6 +31,7 @@ $success = '';
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
    $password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
+    
    error_log("Login attempt for user: " . $username);

    if ($username && $password) {
@ -38,6 +39,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $stmt = $db->prepare('SELECT id, password, is_blocked, login_attempts, last_attempt FROM users WHERE username = ?');
            $stmt->execute([$username]);
            $user = $stmt->fetch(PDO::FETCH_ASSOC);
+            
            error_log("User query result: " . print_r($user, true));

            if ($user) {
@ -48,27 +50,27 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                    $error = 'Too many login attempts';
                    error_log("Too many attempts for user: " . $username);
                } else if (password_verify($password, $user['password'])) {
-                    error_log("Successful login for user: " . $username);
                    $stmt = $db->prepare('UPDATE users SET login_attempts = 0, last_attempt = NOW() WHERE id = ?');
                    $stmt->execute([$user['id']]);
                    $_SESSION['user_id'] = $user['id'];
                    $_SESSION['username'] = $username;
+                    error_log("Successful login for user: " . $username);
                    header('Location: index.php');
                    exit;
                } else {
-                    error_log("Invalid password for user: " . $username);
                    $stmt = $db->prepare('UPDATE users SET login_attempts = login_attempts + 1, last_attempt = NOW() WHERE id = ?');
                    $stmt->execute([$user['id']]);
                    $error = 'Invalid password';
+                    error_log("Invalid password for user: " . $username);
                }
            } else {
-                error_log("User not found: " . $username);
                $error = 'User not found';
+                error_log("User not found: " . $username);
            }
        } catch (PDOException $e) {
            error_log("Login error: " . $e->getMessage());
            error_log("SQL State: " . $e->getCode());
-            error_log("Error Info: " . print_r($db->errorInfo(), true));
+            error_log("Error Info: " . print_r($e->errorInfo, true));
            $error = 'Server error';
        }
    }