BREAKING CHANGES - Many DB Updates - NOT POSSIBLE TO EASILY UPGRADE TO THIS - Completely reworked User Company Access Permissions, started working on Client Role so Clients can access their data and a bunch of other small fixes

johnnyq
2021-12-22 13:08:24 -05:00
parent 78f1e75eda
commit ba584a57e0
18 changed files with 227 additions and 123 deletions


@@ -24,18 +24,17 @@ session_start();
if(isset($_POST['login'])){
$username = strip_tags(mysqli_real_escape_string($mysqli,$_POST['username']));
$email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']));
$password = $_POST['password'];
$current_code = strip_tags(mysqli_real_escape_string($mysqli,$_POST['current_code']));
if(!empty($current_code)){
$current_code = strip_tags(mysqli_real_escape_string($mysqli,$_POST['current_code']));
}
$sql = mysqli_query($mysqli,"SELECT * FROM users WHERE user_email = '$username'");
$sql = mysqli_query($mysqli,"SELECT * FROM users WHERE user_email = '$email'");
$row = mysqli_fetch_array($sql);
if(password_verify($password, $row['user_password'])){
$token = $row['user_token'];
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['user_name'] = $row['user_name'];
@@ -77,7 +76,7 @@ if(isset($_POST['login'])){
}
}else{
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Failed', log_description = '$username failed to log in', log_ip = '$ip', log_user_agent = '$os - $browser - $device', log_created_at = NOW()");
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Failed', log_description = 'Failed login attempt using $email', log_ip = '$ip', log_user_agent = '$os - $browser - $device', log_created_at = NOW()");
$response = "
<div class='alert alert-danger'>
@@ -118,7 +117,7 @@ if(isset($_POST['login'])){
<p class="login-box-msg"><?php if(isset($response)) { echo $response; } ?></p>
<form method="post">
<div class="input-group mb-3">
<input type="text" class="form-control" placeholder="Email" name="username" value="<?php if(!empty($token_field)){ echo $username; }?>" required <?php if(empty($token_field)){ echo "autofocus"; } ?> >
<input type="text" class="form-control" placeholder="Email" name="email" value="<?php if(!empty($token_field)){ echo $email; }?>" required <?php if(empty($token_field)){ echo "autofocus"; } ?> >
<div class="input-group-append">
<div class="input-group-text">
<span class="fas fa-envelope"></span>
@@ -164,4 +163,4 @@ if(isset($_POST['login'])){
</script>
</body>
</html>
</html>
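Review bot: The email input in the third hunk (the `name="email"` line) echoes `$email` into the `value` attribute without HTML encoding. The `strip_tags` and `mysqli_real_escape_string` calls from the first hunk only put a backslash in front of quotes, which does not stop a `"` from closing the attribute, and the SQL escaping also shows the user stray backslashes. Encode at the point of output, for example `echo htmlspecialchars($email, ENT_QUOTES, 'UTF-8');`, and keep the SQL-escaped copy for the query only. `$token_field` is set outside the visible hunks, so exactly when this branch renders is inferred rather than shown, and the login handler and form both continue beyond the hunks.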