Lagde innloggingsise

admin.php

@@ -27,6 +27,14 @@
     </style>
 </head>
 <body>
+  <nav>
+  <menu>
+    <li class="selected"><a href="#">Dashbord</a></li>
+    <li class="disabled"><a href="/registrering.php">Registrer passering på matpost/mål</a></li>
+    <li class="disabled"><a href="/db_editor.html">Endre løperbase</a></li>
+  </menu>
+</nav>
+  <button class="danger" onclick="log_out()">Logg ut</button>
   <h2>Simple Form</h2>
   <form action="/runner.php" method="POST">
     <label for="password">Passord:</label><br>
@@ -42,5 +50,21 @@
   </form>
 
 </div>
+<script>
+  function log_out(){
+    localStorage.removeItem("navn");
+    localStorage.removeItem("passord");
+    window.location.href = "/login.html";
+  }
+
+  let xmlHttpReq = new XMLHttpRequest();
+  xmlHttpReq.open("POST", "/is_authorized.php", false);
+  xmlHttpReq.setRequestHeader("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8")
+  xmlHttpReq.send("username=" + localStorage.getItem("navn")+"&"+"password=" + localStorage.getItem("passord"));
+  if (xmlHttpReq.status != 200){
+      window.location.href = "/login.html";
+  }
+
+</script>
 </body>
 </html>

db_editor.html

@@ -0,0 +1,69 @@
+<!DOCTYPE html>
+<html lang="no">
+<head>
+    <meta charset="UTF-8" />
+    <title>EKT</title>
+    <meta name="viewport" content="width=device-width,initial-scale=1" />
+    <meta name="description" content="Elektronisk Kadaver Tidtakningssystem" />
+    <link rel="stylesheet" href="matcha.css">
+    <style>
+      body {
+        padding: 0;
+      }
+      .settings {
+        padding: 0 1.5rem;
+      }
+      fieldset {
+          display: flex;
+          flex-wrap: wrap;
+          justify-content: space-evenly;
+      }
+      .bg-success {
+        background: var(--bg-success) !important;
+      }
+      .bg-active {
+        background: var(--bg-active) !important;
+      }
+    </style>
+</head>
+<body>
+  <nav>
+  <menu>
+    <li class="disabled"><a href="/admin.php">Dashbord</a></li>
+    <li class="disabled"><a href="/registrering.php">Registrer passering på matpost/mål</a></li>
+    <li class="selected"><a href="/db_editor.html">Endre løperbase</a></li>
+  </menu>
+</nav>
+  <h2>Simple Form</h2>
+  <form action="/runner.php" method="POST">
+    <label for="password">Passord:</label><br>
+    <input type="text" id="password" name="password" required><br><br>
+
+    <label for="id">Startnummer:</label><br>
+    <input type="text" id="id" name="id" required><br><br>
+
+    <label for="navn">Navn:</label><br>
+    <input type="text" id="name" name="input2"><br><br>
+
+    <button type="submit">Submit</button>
+  </form>
+
+</div>
+<script>
+  function log_out(){
+    localStorage.removeItem("navn");
+    localStorage.removeItem("passord");
+    window.location.href = "/login.html";
+  }
+
+  let xmlHttpReq = new XMLHttpRequest();
+  xmlHttpReq.open("POST", "/is_authorized.php", false);
+  xmlHttpReq.setRequestHeader("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8")
+  xmlHttpReq.send("username=" + localStorage.getItem("navn")+"&"+"password=" + localStorage.getItem("passord"));
+  if (xmlHttpReq.status != 200){
+      window.location.href = "/login.html";
+  }
+
+</script>
+</body>
+</html>

is_authorized.php

@@ -0,0 +1,16 @@
+<?php
+$hash = file_get_contents("hash.txt");
+$method = $_SERVER['REQUEST_METHOD'];
+if ($method == "POST") {
+    $password = $_POST['password'];
+    if (!password_verify($password, $hash)) {
+        http_response_code(response_code: 401);
+    }
+    else {
+        http_response_code(response_code: 200);
+    }
+}
+else {
+        http_response_code(response_code: 405);
+    }
+

login.html

@@ -0,0 +1,53 @@
+<!doctype html>
+<html lang="en">
+<head>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1">
+  <title>Login (GET)</title>
+  <!-- Matcha.css -->
+  <link rel="stylesheet" href="matcha.css">
+  <main>
+    <h2>Login</h2>
+    <form method="POST" action="/is_authorized.php" id="login">
+      <label for="username">Navn</label>
+      <input id="navn" name="username" type="text" required>
+
+      <label for="password">Passord</label>
+      <input id="password" name="password" type="password" required>
+      <div class="flash danger" style="display: none;" id="feil">Feil passord</div>
+
+      <button type="submit">Log inn</button>
+      
+    </form>
+  </main>
+</body>
+</html>
+
+
+<script>
+let xmlHttpReq = new XMLHttpRequest();
+xmlHttpReq.open("POST", "/is_authorized.php", false);
+xmlHttpReq.setRequestHeader("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8")
+xmlHttpReq.send("username=" + localStorage.getItem("navn")+"&"+"password=" + localStorage.getItem("passord"));
+if (xmlHttpReq.status == 200){
+    window.location.replace("/admin.php");
+}
+
+document.forms["login"].addEventListener("submit", async (event) => {
+  event.preventDefault();
+  const resp = await fetch(event.target.action, {
+    method: "POST",
+    body: new URLSearchParams(new FormData(event.target)),
+  });
+  const status = await resp.status;
+  if (status == 200){
+    localStorage.setItem("navn", document.getElementById('navn').value);
+    localStorage.setItem("passord", document.getElementById('password').value);
+    window.location.replace("/admin.php");
+  }
+  else{
+    document.getElementById('feil').style.display = "block"
+  }
+});
+localStorage.setItem("name", "Chris");
+</script>