Better structure

Author: lorezvn

database/database.sql

@@ -9,8 +9,8 @@ CREATE TABLE IF NOT EXISTS users (
 );
 
 INSERT INTO users (username, password) VALUES
-    ('test', 'secret'),
     ('user', 'password'),
+    ('test', 'secret-password'),
     ('admin', 'admin');
 
 

src/home.php

@@ -1,38 +1,23 @@
-<?php
-    session_start();
+<?php include 'includes/header.php'; ?>
 
-    // Controlla se l'utente è autenticato
+<?php
+    // Verifica se l'utente ha effettuato l'accesso correttamente
     if (!isset($_SESSION['success'])) {
         header("Location: index.php");
         exit();
     }
 ?>
 
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>SQLi Homework</title>
-
-    <!-- Bootstrap CSS -->
-    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
-
-    <!-- Custom CSS -->
-    <link rel="stylesheet" href="assets/styles.css">
-</head>
-<body>
-    <div class="login-container">
-        <div class="login-box">
-            <h1 class="text-center">Welcome</h1>
-            <div class="text-center mt-4 mb-2">
-                <p>You have successfully logged in</p>
-            </div>
-            <div class="d-grid mt-4">
-                <a href="logout.php" class="btn btn-danger btn-block">Logout</a>
-            </div>
+<div class="login-container">
+    <div class="login-box">
+        <h1 class="text-center">Welcome</h1>
+        <div class="text-center mt-4 mb-2">
+            <p>You have successfully logged in</p>
+        </div>
+        <div class="d-grid mt-4">
+            <a href="logout.php" class="btn btn-danger btn-block">Logout</a>
         </div>
     </div>
+</div>
 
-</body>
-</html>
+<?php include 'includes/footer.php'; ?>

src/includes/footer.php

@@ -0,0 +1,2 @@
+</body>
+</html>

src/includes/header.php

@@ -0,0 +1,15 @@
+<?php
+    session_start();
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>SQLi Homework</title>
+
+    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
+
+    <link rel="stylesheet" href="assets/styles.css">
+</head>
+<body>

src/index.php

@@ -1,46 +1,29 @@
-<?php
-    session_start();
-?>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>SQLi Homework</title>
+<?php include 'includes/header.php'; ?>
+<div class="login-container">
+    <div class="login-box">
+        <h2 class="text-center">Login</h2>
 
-    <!-- Bootstrap CSS -->
-    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
-
-    <!-- Custom CSS -->
-    <link rel="stylesheet" href="assets/styles.css">
-</head>
-<body>
-    <div class="login-container">
-        <div class="login-box">
-            <h2 class="text-center">Login</h2>
-
-            <form method="POST" action="login.php" class="mt-4">
-                <?php if (isset($_SESSION['error'])): ?>
-                    <div class="alert alert-danger" role="alert">
-                        <?php 
-                            echo $_SESSION['error'];
-                            unset($_SESSION['error']); 
-                        ?>
-                    </div>
-                <?php endif ?>
-                <div class="form-group mb-3">
-                    <label for="username">Username</label>
-                    <input type="text" class="form-control" name="username" placeholder="Enter username" autocomplete="off">
-                </div>
-                <div class="form-group mb-4">
-                    <label for="password">Password</label>
-                    <input type="password" class="form-control" name="password" placeholder="Enter password" autocomplete="off">
-                </div>
-                <div class="d-grid mt-4">
-                    <button type="submit" class="btn btn-primary btn-block">Continue</button>
+        <form method="POST" action="login.php" class="mt-4">
+            <?php if (isset($_SESSION['error'])): ?>
+                <div class="alert alert-danger" role="alert">
+                    <?php 
+                        echo $_SESSION['error'];
+                        unset($_SESSION['error']); 
+                    ?>
                 </div>
-            </form>
-        </div>
+            <?php endif ?>
+            <div class="form-group mb-3">
+                <label for="username">Username</label>
+                <input type="text" class="form-control" name="username" placeholder="Enter username" autocomplete="off">
+            </div>
+            <div class="form-group mb-4">
+                <label for="password">Password</label>
+                <input type="password" class="form-control" name="password" placeholder="Enter password" autocomplete="off">
+            </div>
+            <div class="d-grid mt-4">
+                <button type="submit" class="btn btn-primary btn-block">Continue</button>
+            </div>
+        </form>
     </div>
-</body>
-</html>
+</div>
+<?php include 'includes/footer.php'; ?>

src/login.php

@@ -26,7 +26,6 @@
         // multi_query per supportare query multiple (piggybacked queries)
         if ($conn->multi_query($sql)) {
             do {
-                // Store first result set
                 if ($result = $conn->store_result()) {
                     if ($result->num_rows > 0) {
                         $_SESSION['success'] = "Login successful!";
@@ -38,13 +37,12 @@
                     }
                     $result->free();
                 }
-                // Prepare for the next result set
             } while ($conn->next_result());
         } else {
+            $_SESSION['error'] = "An error occurred. Please try again.";
             header("Location: index.php");
         }
 
-
         $conn->close();
         exit();