1
I’m making a portal, and to register need Cpf and email. Then I send a confirmation email, it clicks on the link and its situation in my comic changes. So the user can access the portal. It will only have one page, and all users will use the same page, only the data that will come from the api will be different from each one. How do I know that the user who entered (I need to know from Cpf) is such person to put the data, and such.
Page index.php
<?php session_start(); include 'config/conexao.php';
?>
<!DOCTYPE html>
<html lang="pt-br">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- As 3 meta tags acima *devem* vir em primeiro lugar dentro do `head`; qualquer outro conteúdo deve vir *após* essas tags -->
<title>Lojas Guido | Portal do Cliente - Login</title>
<link href="https://fonts.googleapis.com/css?family=Lato:300,400,700" rel="stylesheet">
<!-- Bootstrap -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" media="all">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
<link rel="icon" href="img/icon/guido.ico" type="image/x-icon">
<link href="css/style.css" rel="stylesheet" media="all">
<script src="js/jquery-3.2.1.min.js"></script>
<script>
$(function(){
$("#footer").load("footer.php");
});
</script>
</head>
<body>
<nav class="navbar navbar-default navbar-fixed-top fot" role="navigation">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#elementoCollapse1">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a href="http://lojasguido.com.br/" target="_blank" class="navbar-brand links nome">Lojas Guido</a>
<a href="https://www.facebook.com/lojasguido/" target="_blank" class="navbar-brand links nome"></span><span class="fa fa-facebook-square" style="font-size:24px"></span></a>
<a href="https://www.google.com/search?q=lojas+guido&npsic=0&rflfq=1&rlha=0&rllag=-9663965,-35738591,201&tbm=lcl&ved=0ahUKEwi4-pKZsoLYAhXJkOAKHexfD34QtgMIKw&tbs=lrf:!2m1!1e2!2m1!1e3!3sIAE,lf:1,lf_ui:10&rldoc=1#rlfi=hd:;si:;mv:!1m3!1d9280.090187594818!2d-35.724626199999996!3d-9.6568108!2m3!1f0!2f0!3f0!3m2!1i791!2i453!4f13.1;tbs:lrf:!2m1!1e2!2m1!1e3!3sIAE,lf:1,lf_ui:10" target="_blank" class="navbar-brand links nome"></span><span class="fa fa-map-marker" style="font-size:24px"></span></a>
</div>
<div class="collapse navbar-collapse" id="elementoCollapse1">
<div class="navbar-form navbar-right">
<a class="btn btn-default" href="cadastro.php" role="button">Cadastrar</a>
</div>
</div>
</div>
</nav>
</div>
<div class="container">
<div class="row-fluid">
<div class="col-xs-12 ok">
<h1 class="portal">Portal do Cliente</h1>
<div class="form-login">
<h2>Entrar</h2>
<form name="formulario" id="formEnvia" method="POST">
<?php
include "config/valida.php";
?>
<label >CPF*</label>
<span>Apenas números</span>
<input type="text" id="cpf" name="cpf" class="form-control input-lg" placeholder="000.000.000-00" maxlength="14"
title="Digite apenas números" required />
<br>
<label inputemail>E-mail*:</label>
<input type="email" id="email" name="email" class="form-control input-lg " placeholder="[email protected]" maxlength="50" required/>
<br>
<button type="submit" name="valida" id="valida" value="valida" onclick="valida_envio()" class="btn btn-primary btn-lg btn-block">
<span class="glyphicon glyphicon-ok"></span>
<span id="cpf"></span>Acessar</button>
<br>
<span>Não possui cadastro?</span> <a class="btn btn-default bot" href="cadastro.php" role="button">Cadastre-se</a>
</form>
</div>
</div>
</div>
</div>
<br>
<br><br>
<!-- RODAPÉ -->
<div id="footer"></div>
<!-- FIM RODAPÉ -->
<script src="js/jquery-3.2.1.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" ></script>
<script src="js/ValidaCpf.js"></script>
<script src="js/jquery.maskedinput.js" type="text/javascript"></script>
</body>
</html>
Page valida.php
<?php
require_once "config/conexao.php";
if(isset($_REQUEST['valida'])){
$var1 = $_REQUEST['cpf'];
$var2 = $_REQUEST['email'];
$query = "SELECT `leados`.`email`, `leados`.`cpf`, `links_emaos`.`situacao` from `leados` INNER JOIN `links_emaos` ON `leados`.`id` = `links_emaos`.`leado_id` WHERE situacao = '2' AND cpf='$var1' AND email= '$var2'";
$querySelect = mysqli_query($conn,$query);
if ($received_token === token()) {
if(mysqli_num_rows($querySelect) == 0){
$mensagem = "<div class='alert alert-danger'>CPF ou E-mail incorreto!</div>";
printf ($mensagem);
}else {
$_SESSION['cpf'] = $var1;
$_SESSION['email'] = $var2;
header("Location:postagem.php");
}
}else {
$mensagem = "<div class='alert alert-danger'>Você não tem autorização para entrar!</div>";
printf ($mensagem);
}
}
Note: I deleted the token codes
by what it seems to me you are saving Cpf and his email in a Session, you cannot use this value to indicate to your api which user is logged in?
– Leandro Angelo
I did in the 3 pages that exists on the site (already after logging in) <body onload="load();"> <?php $secao_cpf = $_SESSION['Cpf']; $secao_email = $_SESSION['email']; ? > But I don’t know if it already makes the api know the Cpf logged in
– Maria