Without cookies but working
diff --git a/dead.php b/dead.php
index 979eb27..2c3e3de 100644
--- a/dead.php
+++ b/dead.php
@@ -2,6 +2,31 @@
// Forget cookies
setcookie('user', '', -1, "/");
setcookie('password', '', -1, "/");
-
- echo "R.I.P.";
?>
+
+<html>
+ <head>
+ <meta charset="UTF-8">
+ <title>Pàgina de benvinguda</title>
+
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+
+ <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
+ <link rel="stylesheet" href="./css/basic.css" />
+
+ <script src="https://code.jquery.com/jquery-3.4.1.min.js"></script>
+ <script src="https://rawgit.com/notifyjs/notifyjs/master/dist/notify.js"></script>
+
+ <script src="./js/utils.js"></script>
+ </head>
+ <body>
+ <div id="outter-container">
+ <div id="inner-container">
+ <h1>Estàs mort!</h1>
+ <p>Torna a la pàgina principal.</p>
+ <a href="./index.php">Go back</a>
+ </div>
+ </div>
+ </body>
+</html>
+
diff --git a/index.php b/index.php
index 2e2a106..d04d957 100644
--- a/index.php
+++ b/index.php
@@ -21,7 +21,7 @@
<div id="inner-container">
<h1>Selecciona el teu nom</h1>
<p>Per entrar al joc de la Pastanaga Assessina</p>
- <form action="./php/login.php" method="POST">
+ <form action="./main.php" method="POST">
<input type="hidden" name="user" id="user">
<!-- MD Search Box -->
diff --git a/js/animations.js b/js/animations.js
index 5ceebf9..296cdd2 100644
--- a/js/animations.js
+++ b/js/animations.js
@@ -1,8 +1,6 @@
function change_victim(user) {
- $(".victima").fadeOut(400, function() {
- $(".victima").load('./ajax/victiminfo.php?userid=' + user.id + " #victim_info");
- $(".victima").fadeIn(400);
- });
+ let loadURL = './ajax/victiminfo.php?userid=' + user.id + ' #victim_info';
+ $(".victima").fadeOut('slow').load(loadURL).fadeIn('slow');
}
function read_message(msg, type) {
diff --git a/main.php b/main.php
index 1157677..955e6e9 100644
--- a/main.php
+++ b/main.php
@@ -2,14 +2,19 @@
require './credentials.php';
require './php/utils.php';
- $_COOKIE['user'] = $_GET['user'];
- $_COOKIE['password'] = $_GET['password'];
+ $user = (int)$_POST['user'];
+ $password = $_POST['password'] == '' ? '' : md5($_POST['password']);
- if (!isset($_COOKIE['user'])) {
+ // Check if password is correct
+ $query_password = "SELECT password FROM users WHERE id=".$user;
+ $real_password = query($query_password)->fetch_row()[0];
+ if ($real_password != $password) die("<script>window.location.href = './index.php?wrongpassword=1'</script>");
+
+ if (!isset($_POST['user'])) {
die("<script>window.location.href = './index.php'</script>");
- } else if (isset($_COOKIE['password'])) {
- $query_password = "SELECT password FROM users WHERE id=" . (int)$_COOKIE['user'];
- if (query($query_password)->fetch_row()[0] != $_COOKIE['password']) {
+ } else if (isset($_POST['password'])) {
+ $query_password = "SELECT password FROM users WHERE id=$user";
+ if (query($query_password)->fetch_row()[0] != $password) {
// Unset variables
setcookie('user', '', -1, "/");
setcookie('password', '', -1, "/");
@@ -37,7 +42,7 @@
<script src="./js/animations.js"></script>
<?php
- $user = get_users($_COOKIE['user']);
+ $user = get_users($user);
$victim = get_users($user->quimata);
if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
?>
@@ -62,9 +67,9 @@
<h2>Hola <name id="user_name"><?=$user->nom()?></name>,</h2>
<div class="formulari_contrasenya">
- <p>Sembla que no tens clau d'accés, la gent podrà entrar a la teva compta...</p>
+ <p>Sembla que no tens clau d'accés, la gent podrà entrar al teu compte...</p>
<form action="./php/change_password.php" method="POST">
- <input type="hidden" value="<?=(int)$_COOKIE['user']?>" name="userid">
+ <input type="hidden" value="<?=(int)$_POST['user']?>" name="userid">
<input type="password" placeholder="Nova clau d'accés..." name="password" /><br />
<input type="password" placeholder="Repeteix la clau d'accés" name="confirmation"/><br />
<input type="submit" value="Posar clau d'accés">
diff --git a/php/login.php b/php/login.php
index fb8f923..abaac74 100644
--- a/php/login.php
+++ b/php/login.php
@@ -33,8 +33,6 @@
if ($real_password != "") setcookie('password', md5($password), time() + (86400 * 10), "/");
else setcookie('password', '', -1, "/");
- echo "<script>window.location.href = '../main.php?user=$user&password=$password'; </script>";
-
// Success, proceed to main page
- // die("<script>window.location.href = '../main.php?user='.$user.'&password='.$password</script>");
+ die("<script>window.location.href = '../main.php';</script>");
?>