1
0
Fork 0

Validate user input in login form

master
Anonymous Contributor 2023-08-23 18:16:34 +02:00
parent 3249d249be
commit 588beb3c05
1 changed files with 14 additions and 7 deletions

View File

@ -1,14 +1,21 @@
<?php <?php
include_once 'classen/FormValidator.php';
$HTML = new HTML(); $HTML = new HTML();
$HTML->setHTMLTitle("Login"); $HTML->setHTMLTitle("Login");
$HTML->importHTML("style/login/login.html"); $HTML->importHTML("style/login/login.html");
if(isset($_POST['login'])) if(isset($_POST['login']))
{ {
if(!isset($_POST['username']) || !isset($_POST['password'])) $validator = new FormValidator(array(
{ 'username' => array('required' => true, 'regex' => '([^\\\/<>\s]+ [^\\\/<>\s]+){3,255}'),
$HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "Bitte gebe Benutzername und Passwort an."); 'password' => array('required' => true, 'regex' => '.{1,1000}')
}else{ ));
if(!$validator->isValid($_POST)) {
$HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "Bitte gebe Benutzername und Passwort an.");
}
else {
$statementUser = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts WHERE FirstName = ? AND LastName = ? LIMIT 1"); $statementUser = $RUNTIME['PDO']->prepare("SELECT * FROM UserAccounts WHERE FirstName = ? AND LastName = ? LIMIT 1");
$statementUser->execute(explode(" ", trim($_POST['username']))); $statementUser->execute(explode(" ", trim($_POST['username'])));
@ -45,10 +52,10 @@
} }
$HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", $RUNTIME['MESSAGE']['LOGINERROR']); $HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", $RUNTIME['MESSAGE']['LOGINERROR']);
$HTML->ReplaceLayoutInhalt("%%LASTUSERNAME%%", $_POST['username']); $HTML->ReplaceLayoutInhalt("%%LASTUSERNAME%%", $_POST['username']);
} }
} }
if(file_exists("./pages/".@$_REQUEST['page'].".php")) if(file_exists("./pages/".@$_REQUEST['page'].".php"))
$HTML->ReplaceLayoutInhalt("%%PAGENAME%%", @$_REQUEST['page']); $HTML->ReplaceLayoutInhalt("%%PAGENAME%%", @$_REQUEST['page']);