index.php
<?php
require_once('config.php');
require_once('Login.class.php');
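// Front page: shows the member-only section for an authenticated session and
// handles the "?page=logout" request.
$login = Login::getInstance();
if ($login->isLoggedIn()) {
    // The query string is client-controlled: 'page' may be absent or an array,
    // so read it defensively and compare strictly.
    $page = isset($_GET['page']) ? $_GET['page'] : null;
    if ($page === 'logout') {
        // NOTE(review): logout is triggered by a plain GET link, so any third-party
        // page can log the user out by embedding this URL. Prefer a POST with a
        // CSRF token for state-changing actions.
        $login->logout();
        $sm->assign('member', false);
        header('Location: login.php');
        // header() only queues the redirect. Without exit the script would keep
        // running and render the member view for a session that was just ended.
        exit;
    }
    $sm->assign('auth', $_SESSION['auth']);
    // NOTE(review): the session ID is the bearer credential for this login. The
    // template prints it into the HTML, where page caches, screenshots or any
    // script injected into the page can read it. Keep this for debugging only.
    $sm->assign('sid', session_id());
    $sm->assign('member', $login->isLoggedIn());
}
$sm->display('index.tpl');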
?>
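{* Index page body. The markup is captured into $content and default.tpl is
   included afterwards (presumably it prints $content; default.tpl is not shown).
   Every variable is passed through |escape so a value containing markup is
   rendered as text instead of being interpreted by the browser. *}
{capture assign=content}
<b>Hello world, {$name|escape}</b>
{if $member == true}
<a href="{$SCRIPT_NAME|escape}?page=logout">Log out</a>
<p>Hello you are logged in here</p>
{* NOTE(review): the session ID is the login credential; printing it in the page
   exposes it to anything that can read the HTML. Debug output only. *}
<p>SID: {$sid|escape}</p>
<p>Auth; {$auth|escape}</p>
{/if}
{/capture}
{include file="default.tpl"}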
<?php
require_once 'config.php';
require_once 'Login.class.php';
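// Login form handler: on POST, verify the submitted credentials through
// Login::checkLogin() and redirect to the front page on success.
if (isset($_POST['login'])) {
    // Request fields are attacker-controlled: each may be missing or sent as an
    // array (username[]=...). Anything that is not a string is treated as empty
    // so the credential check only ever receives strings.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    $login = Login::getInstance();
    $login->setDatabase($db);
    // NOTE(review): nothing here limits repeated failed attempts; consider
    // throttling or lockout per account and per client address.
    if ($login->checkLogin($username, $password)) {
        $sm->assign('message', 'Logged in');
        header('Location: index.php');
        // Stop after queuing the redirect so the login form is not rendered as well.
        exit;
    } else {
        // Same message for unknown user and wrong password, which avoids
        // revealing which usernames exist.
        $sm->assign('message', 'Loging in failed!');
    }
}
$sm->display('login/login.tpl');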
?>
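{* Login form. The markup is captured into $content and default.tpl is included
   afterwards (default.tpl is not shown). Variables are passed through |escape so
   they are rendered as text. *}
{capture assign=content}
{if isset($message)}
<p>{$message|escape}</p>
{/if}
{* NOTE(review): the form carries no anti-CSRF token, and the password is only
   protected in transit if this page is served over HTTPS. *}
<form action="{$SCRIPT_NAME|escape}" method="post">
<p>Username: <input type="text" name="username" value="" /></p>
<p>Password: <input type="password" name="password" value="" /></p>
<input type="submit" name="login" value="Log in" />
</form>
{/capture}
{include file="default.tpl"}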
<?php
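/**
 * Session-backed login helper, used as a singleton.
 *
 * Login state lives in $_SESSION: 'username' holds the authenticated user and
 * 'auth' holds a fixed marker value. The marker is the same for every user and
 * is not a secret; the login is only as strong as the secrecy of the session ID.
 */
class Login {
    /** @var PDO|null Database handle; must be injected with setDatabase() before checkLogin(). */
    private $_db;
    /** @var Login|null The single shared instance. */
    static private $_instance = null;

    /**
     * Starts the PHP session unless one is already active.
     */
    private function __construct() {
        // session_id() returns '' while no session is active; a second
        // session_start() would only raise a notice.
        if (session_id() === '') {
            session_start();
        }
    }

    /**
     * Returns the shared instance, creating it on first use.
     *
     * @return Login
     */
    static public function getInstance() {
        if (self::$_instance === null) {
            self::$_instance = new Login();
        }
        return self::$_instance;
    }

    /**
     * Injects the PDO connection used for credential lookups.
     *
     * @param PDO $database
     * @return void
     */
    public function setDatabase(PDO $database) {
        $this->_db = $database;
    }

    /**
     * Verifies a username/password pair and, on success, marks the session as
     * authenticated.
     *
     * @param string $username
     * @param string $password Plain-text password as submitted.
     * @return bool True when exactly one matching row exists.
     */
    public function checkLogin($username, $password) {
        // Reject arrays and other non-string request values before they reach
        // hashing or the query.
        if (!is_string($username) || !is_string($password)) {
            return false;
        }

        $sql = "SELECT COUNT(*)
                FROM `users`
                WHERE (`username` = :user
                AND `password` = :pass)
                GROUP BY `username`";
        $stmt = $this->_db->prepare($sql);
        // bindValue() rather than bindParam(): bindParam() binds by reference and
        // the hash below is an expression result, not a variable.
        $stmt->bindValue(':user', $username);
        // '.' concatenates password and salt. The earlier '+' was arithmetic:
        // non-numeric strings evaluate to 0 on older PHP versions, so every such
        // password produced the same hash, and PHP 8 raises a TypeError instead.
        // If stored hashes were created with the same '+' expression (registration
        // code is not shown), they must be regenerated.
        // NOTE(review): a single static salt with one round of SHA-256 is cheap to
        // brute-force offline; password_hash()/password_verify() with per-user
        // salts is the recommended storage once the PHP version allows it.
        $stmt->bindValue(':pass', hash('sha256', $password . PASSWORD_SALT));
        $stmt->execute();

        // fetchColumn() yields false when the GROUP BY produced no row at all.
        $matches = $stmt->fetchColumn();
        if ($matches !== false && (int) $matches === 1) {
            // Issue a fresh session ID on privilege change so a pre-login ID
            // planted by someone else cannot be reused (session fixation).
            session_regenerate_id(true);
            $_SESSION['username'] = $username;
            $_SESSION['auth'] = md5('auth');
            return true;
        }
        return false;
    }

    /**
     * Ends the login: clears the session data, expires the session cookie and
     * destroys the server-side session.
     *
     * @return void
     */
    public function logout() {
        // session_destroy() leaves $_SESSION populated for the rest of this
        // request, so isLoggedIn() would still report true without this reset.
        $_SESSION = array();
        if (ini_get('session.use_cookies')) {
            $params = session_get_cookie_params();
            setcookie(
                session_name(),
                '',
                time() - 42000,
                $params['path'],
                $params['domain'],
                $params['secure'],
                $params['httponly']
            );
        }
        session_destroy();
    }

    /**
     * Reports whether the current session carries the login markers.
     *
     * @return bool
     */
    public function isLoggedIn() {
        // Both keys must exist; checking only 'username' raised a notice when
        // 'auth' was missing.
        return isset($_SESSION['username'], $_SESSION['auth'])
            && $_SESSION['auth'] === md5('auth');
    }
}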
?>
<?php
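// Shared bootstrap: defines constants, creates the Smarty instance ($sm) and the
// PDO connection ($db) used by the page scripts.

// Path to the Smarty library entry point, relative to the including script.
define('SMARTY', 'smarty/libs/Smarty.class.php');
// NOTE(review): one site-wide salt committed with the source gives every user
// the same salt and is exposed to anyone who can read the code. Keep secrets
// outside the web root / version control and use per-user salts.
define('PASSWORD_SALT', 'ThiS Is salt');
require_once(SMARTY);
$sm = new Smarty();
$sm->compile_dir = 'templates_c/';
$sm->template_dir = 'templates/';
$sm->debugging = false;
// NOTE(review): the application connects as MySQL root with an empty password.
// Use a dedicated account limited to the privileges this application needs on
// its own database, with a real password loaded from configuration outside the
// source tree.
// ERRMODE_EXCEPTION makes failed prepare()/execute() calls throw instead of
// returning false, which callers here never check. Keep display_errors off in
// production so an uncaught PDOException is logged rather than shown.
$db = new PDO('mysql:host=localhost;dbname=andmed', 'root', '', array(
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
));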
?>