2AcXQBwj

1<?php
2 require "./includes/db.php";
3  require "./includes/captcha.php";
4 $data = $_POST;
5
6 if( isset($data['do_login']) )
7 {
8if (isset($_POST['g-recaptcha-response'])) {
9$url_to_google_api = "https://www.google.com/recaptcha/api/siteverify";
10
11$secret_key = '6Leb9GgUAAAAAJMlFXuEgiJwFNblWZIJTVUVA7XO';
12
13$query = $url_to_google_api . '?secret=' . $secret_key . '&response=' . $_POST['g-recaptcha-response'] . '&remoteip=' . $_SERVER['REMOTE_ADDR'];
14
15$data = json_decode(file_get_contents($query));
16
17if ($data->success) {
18 echo 'okey';
19}
20
21else {
22echo('Вы не прошли валидацию reCaptcha');
23}
24
25}
26 	$errors = array();
27
28
29 	$user = R::findOne('users', 'login = ?', array($data['login']));
30 	if( $user )
31 	{
32 		// логин существует
33 		if( password_verify($data['password'], $user->password) )
34 		{
35 			// логиним пользователя
36 			$_SESSION['logged_user'] = $user;
37 			
38 		} else {
39 			$errors[] = 'Неверно введен пароль!';
40 		}
41
42 	} else {
43 		$errors[] = 'Пользователь с таким логином не найден!';
44 	}
45
46 	if( ! empty($errors) )
47 	{
48 		echo '<div>'.array_shift($errors).'</div>';
49 	}
50
51
52
53 }
54
55 
56
57 ?>
58
59<!DOCTYPE html>
60<html lang="en">
61<head>
62<meta charset="UTF-8">
63<title>Document</title>
64<script src='https://www.google.com/recaptcha/api.js'></script>
65<form action="/login.php" method="POST">
66	
67	<p>
68		<strong>Ваш логин:</strong><br>
69		<input type="text" name="login" value="<?php echo @$data['login']; ?>">
70	</p>
71
72	<p>
73		<strong>Ваш пароль:</strong><br>
74		<input type="password" name="password">
75	</p>
76
77
78<div class="g-recaptcha" data-sitekey="6Leb9GgUAAAAAH9WYbFBTbRn6aJP7y4p5hJsAAc3"></div>
79	<p>
80		<button type="submit" name="do_login">Войти</button>
81	</p>
82
83</form>
84</body>
85</html>