Bot Discord - Commit completo con todos los cambios

login.php

@@ -0,0 +1,69 @@
+<?php
+ini_set('session.cookie_secure', 1);
+ini_set('session.cookie_httponly', 1);
+if (session_status() === PHP_SESSION_NONE) {
+    session_start();
+}
+
+// If user is already logged in, redirect to index.php
+if (isset($_SESSION['user_id'])) {
+    header('Location: index.php');
+    exit();
+}
+
+// Generate CSRF token
+if (empty($_SESSION['csrf_token'])) {
+    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
+}
+$csrf_token = $_SESSION['csrf_token'];
+
+// Incluir el helper de URLs
+require_once __DIR__ . '/includes/url_helper.php';
+
+$error = $_GET['error'] ?? '';
+?>
+<!DOCTYPE html>
+<html lang="es">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Iniciar Sesión - Bot Discord</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+</head>
+<body style="background-image: url('<?php echo site_url('galeria/login.png'); ?>'); background-size: cover; background-repeat: no-repeat; background-position: center center;">
+    <div class="container-fluid">
+        <div class="row justify-content-center align-items-center vh-100">
+            <div class="col-md-4">
+                <div class="card">
+                    <div class="card-body">
+                        <h3 class="card-title text-center mb-4">Iniciar Sesión</h3>
+                        <?php if ($error === 'invalid_credentials'): ?>
+                            <div class="alert alert-danger">Usuario o contraseña incorrectos.</div>
+                        <?php elseif ($error === 'missing_fields'): ?>
+                            <div class="alert alert-danger">Por favor, completa todos los campos.</div>
+                        <?php elseif ($error === 'db_error'): ?>
+                             <div class="alert alert-danger">Error del sistema. Inténtalo más tarde.</div>
+                        <?php elseif ($error === 'csrf_error'): ?>
+                             <div class="alert alert-danger">Error de validación. Por favor, inténtalo de nuevo.</div>
+                        <?php endif; ?>
+                        <form action="<?php echo site_url('includes/auth.php'); ?>" method="POST">
+                            <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrf_token); ?>">
+                            <div class="mb-3">
+                                <label for="username" class="form-label">Usuario</label>
+                                <input type="text" class="form-control" id="username" name="username" required>
+                            </div>
+                            <div class="mb-3">
+                                <label for="password" class="form-label">Contraseña</label>
+                                <input type="password" class="form-control" id="password" name="password" required>
+                            </div>
+                            <div class="d-grid">
+                                <button type="submit" class="btn btn-primary">Entrar</button>
+                            </div>
+                        </form>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</body>
+</html>