first commit
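--- a/i/auth.php
+++ b/i/auth.php
@@ -0,0 +1,70 @@
+<?php
+require_once 'db.php';
+
+function authenticateUser ($username, $password) {
+$pdo = getDbConnection();
+$stmt = $pdo->prepare("SELECT id, password, is_admin FROM users WHERE username = ?");
+$stmt->execute([$username]);
+$user = $stmt->fetch();
+
+if ($user && password_verify($password, $user['password'])) {
+session_start();
+$_SESSION['user_id'] = $user['id'];
+$_SESSION['username'] = $user['username'];
+return true;
+}
+return false;
+}
+
+function checkAuth() {
+session_start();
+if (!isset($_SESSION['user_id'])) {
+header('Location: login.php');
+exit();
+}
+}
+
+function checkAdminAuth() {
+session_start();
+
+if (!isset($_SESSION['user_id'])) {
+$_SESSION['message'] = 'You Must be logged in to access this page.';
+header('Location: login.php');
+exit();
+}
+
+$pdo = getDbConnection();
+$stmt = $pdo->prepare("SELECT is_admin FROM users WHERE id = ?");
+$stmt->execute([$_SESSION['user_id']]);
+$user = $stmt->fetch();
+
+if (!$user || $user['is_admin'] !=1) {
+$_SESSION['message'] = 'You do NOT have the required permission to access that page.';
+header('Location: dashboard.php');
+exit();
+}
+}
+
+function isAdmin() {
+session_start();
+
+if (!isset($_SESSION['user_id'])) {
+return false;
+}
+
+$pdo = getDbConnection();
+$stmt = $pdo->prepare("SELECT is_admin FROM users WHERE id = ?");
+$stmt->execute([$_SESSION['user_id']]);
+$user = $stmt->fetch();
+
+return ($user && $user['is_admin'] == 1);
+}
+
+function logout() {
+session_start();
+session_unset();
+session_destroy();
+header('Location: login.php');
+exit();
+}
+?>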
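Review bot: `authenticateUser` keeps the pre-login session id after `password_verify` succeeds, so a session id that existed before login stays valid for the authenticated user; add `session_regenerate_id(true);` right after `session_start();` in that branch. The same branch reads `$user['username']`, which the `SELECT id, password, is_admin` query never returns, so `$_SESSION['username']` ends up null; either select the column or store `$username`. Every function here calls `session_start()` unconditionally while header.php has already started the session, which raises a notice on each call; the `session_status() == PHP_SESSION_NONE` guard used in header.php would fit here too. `logout()` destroys the server-side data but leaves the session cookie in the browser, so expiring it with `setcookie(session_name(), '', time() - 3600, '/');` before the redirect is worth adding.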
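--- a/i/config.php
+++ b/i/config.php
@@ -0,0 +1,4 @@
+<?php
+define('DB_PATH', __DIR__ . '../../../dbs/lists/lists.sqlite');
+?>
+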
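Review bot: `__DIR__` carries no trailing slash, so `__DIR__ . '../../../dbs/lists/lists.sqlite'` glues `..` onto the directory name and produces a path component like `i..` instead of stepping up a level; the constant should read `define('DB_PATH', __DIR__ . '/../../../dbs/lists/lists.sqlite');`. It is also worth confirming that the resolved `dbs/` directory sits outside the web server's document root, since a SQLite file reachable over HTTP would expose the `users` table including its password hashes. The closing `?>` followed by a blank line sends output before any `header()` call in files that include this one; dropping the closing tag avoids that.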
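--- a/i/db.php
+++ b/i/db.php
@@ -0,0 +1,10 @@
+<?php
+require_once 'config.php';
+
+function getDbConnection() {
+try {
+$pdo = new PDO('sqlite: ' . DB_PATH);
+$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+$pdo->setAttribute()
+}
+}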
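Review bot: `getDbConnection()` does not parse as committed: the `try` block has no `catch` or `finally`, the second `$pdo->setAttribute()` has no arguments and no terminating semicolon, and the function never returns `$pdo`, so every page that includes auth.php fails before any authentication check runs. The DSN `'sqlite: ' . DB_PATH` also has a space after the colon, which likely becomes part of the file name. A completed version is sketched below; the fetch mode and the catch behaviour are assumptions about the intent. The catch logs the driver message server-side so that the database path does not reach the response when error display is on.

```php
function getDbConnection() {
    try {
        $pdo = new PDO('sqlite:' . DB_PATH);
        // … unchanged: ATTR_ERRMODE => ERRMODE_EXCEPTION …
        $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
        return $pdo;
    } catch (PDOException $e) {
        // Keep driver detail (including the file path) in the server log only.
        error_log('Database connection failed: ' . $e->getMessage());
        throw new RuntimeException('Database unavailable.');
    }
}
```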
0
i/footer.php
Normal file
0
i/footer.php
Normal file
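--- a/i/header.php
+++ b/i/header.php
@@ -0,0 +1,66 @@
+<?php
+
+if (session_status() == PHP_SESSION_NONE) {
+session_start();
+}
+
+require_once __DIR__ . '/auth.php';
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="wdth=device-width, initial-scale=1.0">
+<title>Lists - Brycefromnz.live</title>
+<link rel="stylesheet" href="../css/style.css">
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
+</head>
+<body>
+<header class="main-header">
+<div class="container header-container">
+<div class="header-left">
+<div class="search-section">
+<form action="/search_results.php" method="get" class="search_form">
+<input type="search" name="query" placeholder="Search lists & terms. . ." class="search-input">
+<button type="submit" class="search-button">Go</button>
+</form>
+</div>
+</div>
+
+<div class="header-right">
+<button class="menu-toggle" aria-label="Toggle navigation">
+<i class="fas fa-bars"></i>
+</button>
+
+<nav class="main-nav">
+<ul>
+<?php if (isset($_SESSION['user_id'])): ?>
+<li><a href="../dashboard.php" class="button button-nav">Dashboard</a></li>
+<li><a href="../create_list.php" class="button button-nav">Create New List</a></li>
+<?php if (is_admin()): ?>
+<li><a href="../admin_settings.php" class="btutton button-nav">Settings</a></li>
+<?php endif; ?>
+<li><a href="../logout.php" class="button button-nav button-logout">Logout</a></li>
+<?php else: ?>
+<li><a href="../login.php" class="button button-nav">Login</a></li>
+<?php endif; ?>
+</ul>
+</nav>
+
+<div class="login-status">
+<?php if (isset($_SESSION['user_id'])): ?>
+<span class="status-icon logged-in" title="Logged In">
+<i class="fas fa-check-circle"></i>
+</span>
+<?php else: ?>
+<span class="status-icon logged-out" title="Logged Out">
+<i class="fas fa-times-circle"></i>
+</span>
+<?php endif; ?>
+</div>
+</div>
+</div>
+</header>
+<main>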
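Review bot: The nav calls `is_admin()`, but auth.php in this commit defines `isAdmin()`, so any logged-in request hits an undefined-function fatal error at that line; it should read `<?php if (isAdmin()): ?>`. Hiding the Settings link is presentation only, so admin_settings.php (not part of this commit) still needs its own `checkAdminAuth();` call at the top. The Font Awesome stylesheet is loaded from cdnjs without Subresource Integrity, so the page trusts whatever the CDN serves; add `integrity="<SRI hash of the pinned file>"` and `crossorigin="anonymous"` to that `<link>`. Minor: the viewport meta has `wdth` for `width` and the Settings link has class `btutton`.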