Improved error handling
This commit is contained in:
		
							parent
							
								
									896a3b29b5
								
							
						
					
					
						commit
						0de9a1b1d1
					
				@ -1,10 +1,19 @@
 | 
				
			|||||||
<?php
 | 
					<?php
 | 
				
			||||||
 | 
					
 | 
				
			||||||
 | 
					session_set_cookie_params(3600);
 | 
				
			||||||
session_start();
 | 
					session_start();
 | 
				
			||||||
 | 
					
 | 
				
			||||||
 | 
					if (!isset($_SESSION['login_attempts'])) {
 | 
				
			||||||
 | 
						$_SESSION['login_attempts'] = 0;
 | 
				
			||||||
 | 
					}
 | 
				
			||||||
 | 
					
 | 
				
			||||||
$token = $_POST['token'];
 | 
					$token = $_POST['token'];
 | 
				
			||||||
 | 
					
 | 
				
			||||||
if (!isset($_SESSION['uid'])) {
 | 
					if (!isset($_SESSION['uid'])) {
 | 
				
			||||||
 | 
						if ($_SESSION['login_attempts'] >= 5) {
 | 
				
			||||||
 | 
							http_response_code(403);
 | 
				
			||||||
 | 
							die("Error: too many login attempts.");
 | 
				
			||||||
 | 
						}
 | 
				
			||||||
	if (!isset($token)) {
 | 
						if (!isset($token)) {
 | 
				
			||||||
?>
 | 
					?>
 | 
				
			||||||
<!DOCTYPE HTML>
 | 
					<!DOCTYPE HTML>
 | 
				
			||||||
@ -24,6 +33,7 @@ if (!isset($_SESSION['uid'])) {
 | 
				
			|||||||
<?php
 | 
					<?php
 | 
				
			||||||
		die;
 | 
							die;
 | 
				
			||||||
	} else if ($token !== '1445') {
 | 
						} else if ($token !== '1445') {
 | 
				
			||||||
 | 
							$_SESSION['login_attempts']++;
 | 
				
			||||||
		http_response_code(403);
 | 
							http_response_code(403);
 | 
				
			||||||
		die("Error: incorrect token");
 | 
							die("Error: incorrect token");
 | 
				
			||||||
	} else {
 | 
						} else {
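Review bot: The lockout added in the first hunk (`@ -1,10 +1,19 @@`) stores `login_attempts` in the PHP session, so it only bounds a client that keeps presenting the same session cookie and it is never reset on success; a server-side counter keyed by account or client address, cleared in the `else` branch that continues outside the second hunk, is what actually limits repeated token submissions. In the same hunk `session_set_cookie_params(3600)` sets only the lifetime; the array form also carries the cookie's protective attributes, `session_set_cookie_params(['lifetime' => 3600, 'httponly' => true, 'secure' => true, 'samesite' => 'Lax']);` (the later hunk `@ -1,5 +1,7 @@` has the same call). The context line `$token = $_POST['token'];` raises an undefined-array-key warning on PHP 8 when the field is absent, before the existing `isset($token)` check runs; `$token = $_POST['token'] ?? null;` keeps that check meaningful without the warning. The comparison `$token !== '1445'` that the new `$_SESSION['login_attempts']++` sits under is a plain string compare against a value hard-coded in the source; `!hash_equals('1445', (string) $token)` is the constant-time form, and the secret itself belongs in configuration rather than the script.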
 | 
				
			||||||
 | 
				
			|||||||
@ -8,7 +8,7 @@ unset($_SESSION['uid']);
 | 
				
			|||||||
<!DOCTYPE HTML>
 | 
					<!DOCTYPE HTML>
 | 
				
			||||||
<html>
 | 
					<html>
 | 
				
			||||||
<head>
 | 
					<head>
 | 
				
			||||||
	<meta http-equiv="refresh" content="3; /">
 | 
						<meta http-equiv="refresh" content="1; /">
 | 
				
			||||||
</head>
 | 
					</head>
 | 
				
			||||||
<body>
 | 
					<body>
 | 
				
			||||||
	<p>Signed out.</p>
 | 
						<p>Signed out.</p>
 | 
				
			||||||
 | 
				
			|||||||
@ -21,7 +21,10 @@ if (!$query) {
 | 
				
			|||||||
	die("Error: {$conn->error}");
 | 
						die("Error: {$conn->error}");
 | 
				
			||||||
}
 | 
					}
 | 
				
			||||||
$query->bind_param("s", $email);
 | 
					$query->bind_param("s", $email);
 | 
				
			||||||
$query->execute();
 | 
					if (!$query->execute()) {
 | 
				
			||||||
 | 
						http_response_code(500);
 | 
				
			||||||
 | 
						die("Error {$query->errno}: {$query->error}");
 | 
				
			||||||
 | 
					}
 | 
				
			||||||
 | 
					
 | 
				
			||||||
if ($query->affected_rows === 0) {
 | 
					if ($query->affected_rows === 0) {
 | 
				
			||||||
	http_response_code(400);
 | 
						http_response_code(400);
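Review bot: The new `die("Error {$query->errno}: {$query->error}")` on the failed execute sends the driver's error number and message to the client together with the 500, exposing schema and driver details only the operator needs; log them and return a fixed body, `error_log("execute failed {$query->errno}: {$query->error}"); die('Error: the request could not be processed.');`. The pre-existing `die("Error: {$conn->error}")` on prepare failure, just above in the hunk, has the same leak and could be changed the same way. This script answers errors in plain text while the later signup hunks now set `header('Content-Type: application/json')` with a JSON body; if the same `fetch` handler that calls `res.json()` talks to this endpoint, the plain-text 500 makes that parse reject, so the two error formats should be aligned.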
 | 
				
			||||||
 | 
				
			|||||||
@ -59,7 +59,9 @@ document.addEventListener('DOMContentLoaded', function () {
 | 
				
			|||||||
		}).then(function (res) {
 | 
							}).then(function (res) {
 | 
				
			||||||
			if (!res.ok) {
 | 
								if (!res.ok) {
 | 
				
			||||||
				res.json().then(function (err) {
 | 
									res.json().then(function (err) {
 | 
				
			||||||
 | 
										if ('field' in err) {
 | 
				
			||||||
						document.querySelector('input[name="'+ err.field + '"]').classList.add('invalid');
 | 
											document.querySelector('input[name="'+ err.field + '"]').classList.add('invalid');
 | 
				
			||||||
 | 
										}
 | 
				
			||||||
					alert(err.message);
 | 
										alert(err.message);
 | 
				
			||||||
				});
 | 
									});
 | 
				
			||||||
			} else {
 | 
								} else {
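Review bot: The added `'field' in err` guard covers a missing field but not a field name that matches no input; `document.querySelector(...)` then returns null and `.classList` throws inside the `.then` callback, so the following `alert(err.message)` never runs and the rejection is unhandled. Store the lookup and test it, `var input = document.querySelector('input[name="' + err.field + '"]'); if (input) { input.classList.add('invalid'); }`. The inner `res.json()` chain also has no `.catch`: an error response without a JSON body (some PHP error paths in this commit still `die` with plain text) rejects silently, so add `.catch(function () { alert('Request failed.'); })` after the inner `.then`. The enclosing event handler starts and ends outside the hunk.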
 | 
				
			||||||
 | 
				
			|||||||
@ -1,5 +1,7 @@
 | 
				
			|||||||
<?php
 | 
					<?php
 | 
				
			||||||
#ini_set('display_errors', 1);
 | 
					
 | 
				
			||||||
 | 
					session_set_cookie_params(3600);
 | 
				
			||||||
 | 
					session_start();
 | 
				
			||||||
 | 
					
 | 
				
			||||||
$email = $_POST['email'];
 | 
					$email = $_POST['email'];
 | 
				
			||||||
$fname = $_POST['full_name'];
 | 
					$fname = $_POST['full_name'];
 | 
				
			||||||
@ -15,8 +17,9 @@ $phone_num = preg_replace("/[^0-9]/", '', $phone);
 | 
				
			|||||||
if (strlen($phone_num) == 11)
 | 
					if (strlen($phone_num) == 11)
 | 
				
			||||||
	$phone_num = preg_replace("/^1/", '', $phone_num);
 | 
						$phone_num = preg_replace("/^1/", '', $phone_num);
 | 
				
			||||||
 | 
					
 | 
				
			||||||
if (!$email || preg_match($pattern, $email) !== 1 || !$fname || strlen($phone_num) != 10) {
 | 
					if (!$email || preg_match($pattern, $email) !== 1 || !$fname || strlen($phone_num) !== 10) {
 | 
				
			||||||
    http_response_code(400);
 | 
					    http_response_code(400);
 | 
				
			||||||
 | 
						header('Content-Type: application/json');
 | 
				
			||||||
    die(json_encode([
 | 
					    die(json_encode([
 | 
				
			||||||
	    'field' => 'email',
 | 
						    'field' => 'email',
 | 
				
			||||||
	    'message' => 'Error: An email address, first name, and last name are required.'
 | 
						    'message' => 'Error: An email address, first name, and last name are required.'
 | 
				
			||||||
@ -24,6 +27,7 @@ if (!$email || preg_match($pattern, $email) !== 1 || !$fname || strlen($phone_nu
 | 
				
			|||||||
}
 | 
					}
 | 
				
			||||||
if ($gender && $gender !== 'm' && $gender !== 'f') {
 | 
					if ($gender && $gender !== 'm' && $gender !== 'f') {
 | 
				
			||||||
    http_response_code(400);
 | 
					    http_response_code(400);
 | 
				
			||||||
 | 
						header('Content-Type: application/json');
 | 
				
			||||||
    die(json_encode([
 | 
					    die(json_encode([
 | 
				
			||||||
	    'field' => 'full_name',
 | 
						    'field' => 'full_name',
 | 
				
			||||||
	    'message' => 'Error: An invalid gender was given.'
 | 
						    'message' => 'Error: An invalid gender was given.'
 | 
				
			||||||
@ -37,14 +41,33 @@ $query = $conn->prepare(
 | 
				
			|||||||
);
 | 
					);
 | 
				
			||||||
if (!$query) {
 | 
					if (!$query) {
 | 
				
			||||||
    http_response_code(500);
 | 
					    http_response_code(500);
 | 
				
			||||||
 | 
						header('Content-Type: application/json');
 | 
				
			||||||
    die(json_encode(['message' => $conn->error]));
 | 
					    die(json_encode(['message' => $conn->error]));
 | 
				
			||||||
}
 | 
					}
 | 
				
			||||||
 | 
					if (!isset($_SESSION['signups'])) {
 | 
				
			||||||
 | 
						$_SESSION['signups'] = 0;
 | 
				
			||||||
 | 
					} else if ($_SESSION['signups'] >= 5) {
 | 
				
			||||||
 | 
						http_response_code(429);
 | 
				
			||||||
 | 
						header('Content-Type: application/json');
 | 
				
			||||||
 | 
						die(json_encode(['message' => 'You are subscribing too often.']));
 | 
				
			||||||
 | 
					}
 | 
				
			||||||
$query->bind_param(
 | 
					$query->bind_param(
 | 
				
			||||||
    "sssss",
 | 
					    "sssss",
 | 
				
			||||||
    $email, $fname, $phone_num, $gender,
 | 
					    $email, $fname, $phone_num, $gender,
 | 
				
			||||||
    date("Y-m-d H:i:s")
 | 
					    date("Y-m-d H:i:s")
 | 
				
			||||||
);
 | 
					);
 | 
				
			||||||
$query->execute();
 | 
					if (!$query->execute()) {
 | 
				
			||||||
 | 
						http_response_code(500);
 | 
				
			||||||
 | 
						header('Content-Type: application/json');
 | 
				
			||||||
 | 
						if ($query->errno === 1062) {
 | 
				
			||||||
 | 
							http_response_code(400);
 | 
				
			||||||
 | 
							header('Content-Type: application/json');
 | 
				
			||||||
 | 
							die(json_encode(['message' => 'This email is already subscribed.', 'field' => 'email']));
 | 
				
			||||||
 | 
						} else {
 | 
				
			||||||
 | 
							die(json_encode(['message' => $query->error, 'errno' => $query->errno]));
 | 
				
			||||||
 | 
						}
 | 
				
			||||||
 | 
					}
 | 
				
			||||||
 | 
					$_SESSION['signups']++;
 | 
				
			||||||
 | 
					
 | 
				
			||||||
?>
 | 
					?>
 | 
				
			||||||
<!DOCTYPE HTML>
 | 
					<!DOCTYPE HTML>
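Review bot: In the execute-failure branch of `@ -37,14 +41,33 @@` the `else` path sends `$query->error` and `$query->errno` to the client with the 500, which leaks driver and schema details; log them with `error_log()` and return a fixed message such as `die(json_encode(['message' => 'Error: the subscription could not be saved.']));`. The `http_response_code(500)` and JSON header set before `if ($query->errno === 1062)` are then overwritten by the 400 and a second identical `header()` call in the duplicate-key branch; moving the 500 into the `else` and keeping a single `header('Content-Type: application/json')` before the `if` reads more clearly. The `signups` counter, like `login_attempts` in the first file, lives in the session, so it only throttles a client that keeps the same session cookie, and because it is never reset a returning subscriber receives 429 after five successful submissions for the cookie's lifetime; a time-windowed server-side counter would serve both purposes better.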
 | 
				
			||||||
 | 
				
			|||||||