lain/text0Nly
1
0
Fork 0
mirror of https://git.sr.ht/~iwakuralain/text0Nly synced 2025-07-27 15:36:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

debugdebugich

Browse Source
This commit is contained in:
Lain Iwakura 2025-06-16 02:19:06 +03:00
parent 7582cd76a3
commit aa260d48da
No known key found for this signature in database
GPG Key ID: C7C18257F2ADC6F8
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
main/login.php
View File

@ -31,6 +31,7 @@ $success = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING); $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
$password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING); $password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
error_log("Login attempt for user: " . $username); error_log("Login attempt for user: " . $username);
if ($username && $password) { if ($username && $password) {
@ -38,6 +39,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$stmt = $db->prepare('SELECT id, password, is_blocked, login_attempts, last_attempt FROM users WHERE username = ?'); $stmt = $db->prepare('SELECT id, password, is_blocked, login_attempts, last_attempt FROM users WHERE username = ?');
$stmt->execute([$username]); $stmt->execute([$username]);
$user = $stmt->fetch(PDO::FETCH_ASSOC); $user = $stmt->fetch(PDO::FETCH_ASSOC);
error_log("User query result: " . print_r($user, true)); error_log("User query result: " . print_r($user, true));
if ($user) { if ($user) {
@ -48,27 +50,27 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$error = 'Too many login attempts'; $error = 'Too many login attempts';
error_log("Too many attempts for user: " . $username); error_log("Too many attempts for user: " . $username);
} else if (password_verify($password, $user['password'])) { } else if (password_verify($password, $user['password'])) {
error_log("Successful login for user: " . $username);
$stmt = $db->prepare('UPDATE users SET login_attempts = 0, last_attempt = NOW() WHERE id = ?'); $stmt = $db->prepare('UPDATE users SET login_attempts = 0, last_attempt = NOW() WHERE id = ?');
$stmt->execute([$user['id']]); $stmt->execute([$user['id']]);
$_SESSION['user_id'] = $user['id']; $_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $username; $_SESSION['username'] = $username;
error_log("Successful login for user: " . $username);
header('Location: index.php'); header('Location: index.php');
exit; exit;
} else { } else {
error_log("Invalid password for user: " . $username);
$stmt = $db->prepare('UPDATE users SET login_attempts = login_attempts + 1, last_attempt = NOW() WHERE id = ?'); $stmt = $db->prepare('UPDATE users SET login_attempts = login_attempts + 1, last_attempt = NOW() WHERE id = ?');
$stmt->execute([$user['id']]); $stmt->execute([$user['id']]);
$error = 'Invalid password'; $error = 'Invalid password';
error_log("Invalid password for user: " . $username);
} }
} else { } else {
error_log("User not found: " . $username);
$error = 'User not found'; $error = 'User not found';
error_log("User not found: " . $username);
} }
} catch (PDOException $e) { } catch (PDOException $e) {
error_log("Login error: " . $e->getMessage()); error_log("Login error: " . $e->getMessage());
error_log("SQL State: " . $e->getCode()); error_log("SQL State: " . $e->getCode());
error_log("Error Info: " . print_r($db->errorInfo(), true)); error_log("Error Info: " . print_r($e->errorInfo, true));
$error = 'Server error'; $error = 'Server error';
} }
} }