From efed1f081fd3f733d52f7ad86e3a49f5088264fd Mon Sep 17 00:00:00 2001
From: William Miceli <git@williammiceli.me>
Date: Tue, 3 Dec 2019 04:41:11 -0500
Subject: [PATCH] Functional

---
 var/www/login.php | 61 +++++++++++++++++++++++++++++++++++++----------
 1 file changed, 49 insertions(+), 12 deletions(-)

diff --git a/var/www/login.php b/var/www/login.php
index 95a892b..712d811 100644
--- a/var/www/login.php
+++ b/var/www/login.php
@@ -2,33 +2,70 @@
     session_start();
     require 'db_connection.php';
 
-    if (isset($_POST['Submit'])){
-        $_SESSION['loginData'] = $_POST;
-        header("Location: /loginCheck.php");
+    try{
+        if($_POST['login_username'] != '' && $_POST['login_password'] != ''){
+            unset($_SESSION['loggedInUser']);
+            $db_statement = $db_connection->prepare("SELECT COUNT(*) FROM login WHERE username = '".$_POST["login_username"]."' and pword = '".$_POST["login_password"]."'");
+            $db_statement->execute();
+            $db_statement->setFetchMode(PDO::FETCH_ASSOC);
+            $db_returned = $db_statement->fetchAll();
+            $matchingUsers = $db_returned[0]['COUNT(*)'];
+            if($matchingUsers > 0){
+                // User has been authenticated; set user as logged in
+                $_SESSION['loggedInUser'] = $_POST['login_username'];
+                unset($_SESSION['loginError']);
+                // Move onto landing page
+    //                        header('Location: /landingPage.html');
+            }else{
+                // No matching users found, send user error
+                $_SESSION['loginError'] = 'Invalid Username or Password';
+                // Return to login page
+    //                        header("Location: /login.php");
+            }
+        }else{
+            // Return to login page, as credentials were not captured
+            $_SESSION["loginError"] = "Username and Password are required, please try again";
+    //                    header("Location: /login.php");
+        }
+    }catch(PDOException $e){
+        echo "PDOException: ".$e->getMessage();
+    }catch(Exception $e){
+        echo "Exception: ".$e->getMessage();
     }
 ?>
 
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-    <head> 
-        <title>FriendBook Login</title> 
-        <meta http-equiv="content-type" 
-            content="text/html; charset=utf-8"/> 
-    </head> 
+    <head>
+        <title>FriendBook Login</title>
+        <meta http-equiv="content-type" content="text/html; charset=utf-8"/>
+    </head>
     <body>
         <style>
             body {
                 background-color: #3B5998;
+                color: white;
             }
         </style>
-        <div class="message"><?php if($_SESSION["loginError"]!="") { echo $_SESSION["loginError"]; } ?></div>
+        <div class="message">
+            <p><?php if($_SESSION['loginError']!=""){ echo $_SESSION['loginError']; } ?></p>
+        </div>
         <h2><font color="white">Please Login</h2>
         <form action="" method="post">
             User&colon;
-            <input type="text" name="username" placeholder="Username"><br>
+            <input type="text" name="login_username" placeholder="Username"><br />
             Password&colon;
-            <input type="password" name="password" placeholder="Password"><br>
+            <input type="password" name="login_password" placeholder="Password"><br />
             <input type="submit">
         </form>
+        <?php
+            echo '<h3>$GLOBALS</h3>';
+            echo '<pre>';
+            print_r($GLOBALS);
+            echo '</pre>';
+        ?>
     </body>
-</html> 
+</html>
+<?php
+    $db_connection = null;
+?>