PHP Classes

File: info.php

Recommend this page to a friend!
  Classes of Faris AL-Otabi   Protected PHPInfo   info.php   Download  
File: info.php
Role: Auxiliary script
Content type: text/plain
Description: Auxiliary script
Class: Protected PHPInfo
Show PHPInfo function output on a protected page
Author: By
Last change:
Date: 6 months ago
Size: 2,068 bytes
 

Contents

Class file image Download
<?php

session_start
();

if (!isset(
$_SESSION['username'])) {
    if (
$_SERVER['REQUEST_METHOD'] === 'POST') {
       
$users = file_get_contents('users.json');
       
$users = json_decode($users, true);

       
// Sanitize the input

       
$_POST['username'] = htmlspecialchars($_POST['username']);
       
$_POST['password'] = htmlspecialchars($_POST['password']);

        foreach (
$users['users'] as $user) {
            if (
$user['username'] == $_POST['username'] && password_verify($_POST['password'], $user['password'])) {
               
$_SESSION['username'] = $_POST['username'];
            }
        }

        if (!isset(
$_SESSION['username'])) {
           
$error = 'Invalid username or password';
        }
    }
}

?>

<?php if (isset($_SESSION['username'])) : ?>
<?php phpinfo(); ?>
<?php
else : ?>

    <!DOCTYPE html>
    <html lang="en">

    <head>
        <meta charset="UTF-8">
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
        <title>Access Denied</title>
        <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@picocss/pico@2/css/pico.min.css" />
        <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@picocss/pico@2/css/pico.colors.min.css" />
    </head>

    <body>
        <main class="container">
            <header>
                <h1>Access Denied</h1>
            </header>

            <p>You must be logged in to view this page.</p>

            <?php if (isset($error)) : ?>
<article class="pico-background-red-600">
                    <?php echo $error; ?>
</article>
            <?php endif; ?>

            <form action="info.php" method="post">
                <label for="username">Username:</label>
                <input type="text" name="username" id="username">
                <label for="password">Password:</label>
                <input type="password" name="password" id="password">
                <button type="submit">Login</button>
            </form>
        </main>
    </body>

    </html>

<?php endif; ?>