46 lines
1.2 KiB
PHP
46 lines
1.2 KiB
PHP
<?php
|
|
require "../api.php";
|
|
|
|
$api = new mcServApi();
|
|
$db = $api->getDB();
|
|
|
|
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|
if (!isset($_POST["username"]) || !isset($_POST["passwd"])) {
|
|
die("Username or Password are missing");
|
|
}
|
|
|
|
$user = $_POST["username"];
|
|
$passwd = hash("sha256", $_POST["passwd"]);
|
|
|
|
$sql = "SELECT username, passwd FROM users WHERE username = :username AND passwd = :passwd";
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->execute([
|
|
':username' => $user,
|
|
':passwd' => $passwd
|
|
]);
|
|
|
|
$result = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
if ($result) {
|
|
$config = $api->getConf();
|
|
|
|
$session["session_id"] = $api->generateSessionID();
|
|
$device_id = rand(1, 999);
|
|
|
|
$json[$device_id] = $session;
|
|
|
|
file_put_contents($config["PATH"] . "/tmp/user_sessions/" . $user . ".json", json_encode($json));
|
|
|
|
setcookie("session_id", $session["session_id"], time() + 3600, "/");
|
|
setcookie("device_id", $device_id, time() + 3600, "/");
|
|
setcookie("username", $user, time() + 3600, "/");
|
|
|
|
header("Location: /panel");
|
|
exit;
|
|
|
|
}else{
|
|
header("Location: /login.php?passwdIsFalse=true");
|
|
exit;
|
|
}
|
|
}
|
|
?>
|