From 41aa01579ce4da3e408b1f05cf10117858811367 Mon Sep 17 00:00:00 2001
From: CloudStarTreck <37251906+Teecloudy@users.noreply.github.com>
Date: Mon, 16 Mar 2020 20:26:17 +0800
Subject: [PATCH] Logging Users

Password verification was being bypassed therefor on line 160 i modified the password verification to match the database
---
 Script.php | 19 +++++++++++++------
 index.php  |  5 +++++
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/Script.php b/Script.php
index 8ed23a4..7f2f720 100644
--- a/Script.php
+++ b/Script.php
@@ -10,7 +10,7 @@
 session_start();
   date_default_timezone_set('Asia/Shanghai');
 // CONNeCTION
-$con=mysqli_connect("localhost","root","","lrr");
+$con=mysqli_connect("localhost","Ashly","Teecloudy","lrr");
 // Check connection
 if (mysqli_connect_errno())
   {
@@ -113,7 +113,7 @@ if (!empty($_POST["frm_signup_1"])) {
      header("Location: signup.php");
      return;
     }
-   // check if email is taken
+   // check if email is taked
      $result = mysqli_query($con,
         "SELECT * FROM Users_Table WHERE email='$email'");
    if(mysqli_num_rows($result)!=0)
@@ -122,7 +122,7 @@ if (!empty($_POST["frm_signup_1"])) {
         header("Location: signup.php"); 
         return;       
     }
-    //applying password_hash() (first_commit)
+    //applying password_hash()
     $password_hash = password_hash($password, PASSWORD_DEFAULT);
     $sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`, `Student_ID`, `Passport_Number`) VALUES "
             . "('$email','$password_hash','$fullname','Student','$student_id','$passport')";
@@ -144,7 +144,7 @@ if (!empty($_POST["frm_login"])) {
   $user=mysqli_real_escape_string($con,$_POST["user"]);
   $password=mysqli_real_escape_string($con,$_POST["password"]);
   // $hashed_password=hash('sha512', $password); Not necessary in the login
- $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Email='$user' or Student_ID='$user')");
+ $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Email='$user')");
 if(mysqli_num_rows($result)==0)
  {
      $_SESSION["info_login"]="Inavlid login Information.";
@@ -156,8 +156,8 @@ header("Location: index.php");
  else 
  { 
      while($row = mysqli_fetch_assoc($result)) {
-       //  verify the hashed password and unhashed password  
-    if(password_verify($password, $row["Password"]) or ($password = $row["Password"])){
+       //  verify the hashed password and unhashed password
+       if(password_verify($password, $row["Password"]) or $password == $row["Password"]){
       $_SESSION['user_id']=$row['User_ID'];
      $_SESSION['user_email']=$row['Email'];
      $_SESSION['user_student_id']=$row['Student_ID'];
@@ -183,6 +183,13 @@ header("Location: index.php");
      {
        header("Location: Admin.php");
      }
+    //  report wrong pass if not correct
+    }else{
+      $_SESSION["wrong_pass"]="Wrong Password.";
+  
+      echo $_SESSION["wrong_pass"];
+      
+      header("Location: index.php");  
     }
      
     
diff --git a/index.php b/index.php
index 42a482e..b36474a 100644
--- a/index.php
+++ b/index.php
@@ -49,6 +49,11 @@ if(isset($_SESSION['info_login'])) {
   echo  '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['info_login'].'</div>';
   $_SESSION['info_login']=null;
 }
+// wrong pass
+if(isset($_SESSION['wrong_pass'])) {
+  echo  '<hr><div class="alert alert-danger" role="alert">'.$_SESSION['wrong_pass'].'</div>';
+  $_SESSION['wrong_pass']=null;
+}
 
 ?>
 </form>