Finish login

api/login/getcookies.php

@@ -0,0 +1,46 @@
+<?php
+require "../../main.php";
+
+$mcServ = new mcServ();
+$db = $mcServ->getDB();
+
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+    if (!isset($_POST["username"]) || !isset($_POST["passwd"])) {
+        die("Username or Password are missing");
+    }
+
+    $user = $_POST["username"];
+    $passwd = hash("sha256", $_POST["passwd"]);
+
+    $sql = "SELECT username, passwd FROM users WHERE username = :username AND passwd = :passwd";
+    $stmt = $db->prepare($sql);
+    $stmt->execute([
+        ':username' => $user,
+        ':passwd' => $passwd
+    ]);
+
+    $result = $stmt->fetch(PDO::FETCH_ASSOC);
+
+    if ($result) {
+        $config = $mcServ->getConf();
+
+        $session["session_id"] = $mcServ->generateSessionID();
+        $device_id = rand(1, 999);
+
+        $json[$device_id] = json_encode($session);
+
+        file_put_contents($config["PATH"] . "/tmp/user_sessions/" . $admin_user . ".json", json_encode($json));
+
+        setcookie("session_id", $session["session_id"], time() + 3600, "/");
+        setcookie("device_id", $device_id, time() + 3600, "/");
+        setcookie("username", $user, time() + 3600, "/");
+
+        header("Location: /admin");
+        exit;
+
+    }else{
+        header("Location: /login.php?passwdIsFalse=true");
+        exit;
+    }
+}
+?>

api/setup/setup.php

@@ -1,10 +1,6 @@
 <?php
 require "../../main.php";
 
-ini_set("display_errors", 1);
-ini_set("display_startup_errors", 1);
-error_reporting(E_ALL);
-
 $admin_user = $_POST["admin_user"];
 $admin_mail = $_POST["admin_mail"];
 $admin_passwd_1 = $_POST["admin_passwd_1"];