[REV] Staff Client PIN System

[Seriosk]

Hello, since everyone seems to be releasing staff pin systems at the moment I thought I would release my own I coded a few weeks back, the code is still up to date and works really well in my opinion, anyway here we go... Didn't really take my time with this so its pretty rusty, should of actually created a proper system for this instead of just dumping it in client.php

First, you need to execute this query to add a 'client_pin_code' column to your database.

ALTER TABLE `users` ADD `client_pin_code` INT(4) NOT NULL DEFAULT '1234';

Now, here is the PHP code, just put it before anything in your client.php file.

<?php
$minRank = 4; // Minimum rank to require pin.

if ($_SESSION['user']['rank'] >= $minRank)
{
    if ($_SESSION['user']['client_pin_code'] == '1234')
    {
        header("location: set_client_pin"); // default pin...
        exit();
    }
 
    if (!$_SESSION['user']['unlocked_client'])
    {
        header("location: enter_client_pin");
        exit();
    }
}
?>

set_client_pin.php:

<?php
if ($_SESSION['user']['client_pin_code'] != '1234')
{
    header("location: client");
    exit();
}

if (isset($_POST['set_pin_form_submit']))
{
    $pin = isset($_POST['pin_code']) ? $_POST['pin_code'] : '';
 
    if (strlen($pin) != 4 || !is_int($pin))
    {
        $error = 'You have entered an incorrect PIN code, try again.';
    }
 
    if ($pin == '1234')
    {
        $error = 'You can\'t use 1234 as your pin, its too obvious...';
    }
}
?>
<!DOCTYPE html>
<html lang="en-gb">
<head>
<title>{hotelName} - Pin Setup</title>
</head>
<body>
<?php
if (isset($error))
{
    echo '<font color="red">' . $error . '</font>';
}
else
{
    mysql_query("UPDATE `users` SET `client_pin_code` = '" . mysql_real_escape_string($pin) . "' WHERE `id` = '" . mysql_real_escape_string($_SESSION['user']['id']) . "' LIMIT 1");
 
    header("location: client");
    exit();
}
?>

<form name="set_pin_form" method="post">
<input type="text" name="pin_code" placeholder="Enter your pin">
<input type="submit" name="set_pin_form_submit" value="Set PIN">
</form>
</body>
</html>

enter_client_pin:

<?php
if (isset($_POST['set_pin_form_submit']) && $_SESSION['user']['client_pin_code'] != $_POST['pin_code'])
{
    $error = 'Incorrect pin';
}
?>
<!DOCTYPE html>
<html lang="en-gb">
<head>
<title>{hotelName} - Enter PIN</title>
</head>
<body>
<?php
if (isset($error))
{
    echo '<font color="red">' . $error . '</font>';
}
else
{
    $_SESSION['user']['client_unlocked'] = true;
    header("location: client");
    exit();
}
?>

<form name="enter_pin_form" method="post">
<input type="text" name="pin_code" placeholder="Enter your pin">
<input type="submit" name="enter_pin_form_submit" value="Enter">
</form>
</body>
</html>

So ye, that is the full code.. I could of done it a lot better by coding it with functions and all in one page but it was at a time where I just dint have the motivation to do that, if it doesn't work let me know its literally need sat in my CDN folder for weeks and I haven't even tested it, but if there are any issues I'll modify the post with fixed code.

No design?
Couldn't be bothered to code css for it so ye, sorry but I might add some css or a design for it later, heading off.

You might have to load client_pin_code column from class.users.php depending on what version of rev your on, some "SELECT *" shit but ye, your welcome.

Might do a 2.0 of this with ajax and no reloading if this gets support, let me know if you want that

 

[JynX]

Well done with this bro, maybe the missing CSS is a buzz kill, but other than that it's better than most we see on DevBest. Looking forward a 2.0 in ajax.