fixed auth bugs

mychidarko · mychidarko · commit 6a5dfec54bcf · 2019-12-11T19:07:21.000Z
diff --git a/src/core/auth.php b/src/core/auth.php
@@ -36,17 +36,27 @@ public function basicLogin($username, $password, $password_encode = "md5") {
 			"username" => "validusername",
 			"password" => "required"
 		]);
+		if (!$this->select("users", "*", "username = ?", [$username])->fetchObj()) {
+			$this->form->errorsArray["username"] = "Username doesn't exist";
+		}
 		if (!empty($this->form->errors())) {
             $this->response->respond([
                 "errors" => $this->form->errors()
-            ]);
+			]);
+			exit();
         } else {
 			if ($password_encode == "md5") {
 				$password = md5($password);
 			} else {
 				$password = \base64_encode($password);
 			}
 			$user = $this->select("users", "*", "username = ? AND password = ?", [$username, $password])->fetchObj();
+			if (!$user) {
+				$this->response->respond([
+					"errors" => "Password is incorrect"
+				]);
+				exit();
+			}
 			$token = $this->token->generateSimpleToken($user->id, "User secret key");
 			$user->token = $token;
 			unset($user->password);
@@ -62,13 +72,20 @@ public function basicRegister($username, $email, $password, $confirm_password, $
 			"password" => "required",
 			"confirm_password" => "required"
 		]);
+		if ($this->select("users", "*", "username = ?", [$username])->fetchObj()) {
+			$this->form->errorsArray["username"] = "Username already exists";
+		}
+		if ($this->select("users", "*", "email = ?", [$email])->fetchObj()) {
+			$this->form->errorsArray["email"] = "Email is already registered";
+		}
 		if ($password != $confirm_password) {
-			$this->form->errors["password"] = "Your passwords don't match";
+			$this->form->errorsArray["password"] = "Your passwords don't match";
 		}
 		if (!empty($this->form->errors())) {
             $this->response->respond([
                 "errors" => $this->form->errors()
-            ]);
+			]);
+			exit();
         } else {
 			if ($password_encode == "md5") {
 				$password = md5($password);
diff --git a/src/core/db/mysqli.php b/src/core/db/mysqli.php
@@ -41,8 +41,6 @@ public function query(string $sql, array $params = [], string $types = ''): self
 				exit();
 			}
 
-			if(!is_array($params)) $params = [$params];
-
 			if(!$types) $types = str_repeat('s', count($params));
 
 			if(!$params) {

Original file line number	Diff line number	Diff line change
`@@ -41,8 +41,6 @@ public function query(string $sql, array $params = [], string $types = ''): self`
`41`	`41`	`exit();`
`42`	`42`	`}`
`43`	`43`
`44`		`- if(!is_array($params)) $params = [$params];`
`45`		`-`
`46`	`44`	`if(!$types) $types = str_repeat('s', count($params));`
`47`	`45`
`48`	`46`	`if(!$params) {`