[irc/unrealircd/unrealircd-webpanel.git] / login / index.php


<?php
require_once "../common.php";

$logout = false;

$redirect = BASE_URL;
if (!empty($_GET['redirect']))
{
	$str = urldecode($_GET['redirect']);
	if (str_starts_with($str, BASE_URL)) // prevent redirects to like https://othersite/
		$redirect = $_GET['redirect'];
}

$redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : BASE_URL;
if (!empty($_GET['logout']))
{
	if (!isset($_SESSION['id']))
		$failmsg = "Nothing to logout from";
	else {
		$_SESSION = NULL;
		session_destroy();
		$logout = true;
	}
}
if (!empty($_GET['timeout']))
{
	$failmsg = "Your session has timed out. Please login again to continue";
	$_SESSION = NULL;
	session_destroy();
}
if (!empty($_POST))
{
	if ($_POST['username'] && $_POST['password'])
	{
		
		/* securitah */
		security_check();
		$user = new PanelUser($_POST['username']);
		/* not being too informative with the login error in case of attackers */
		if (isset($user->id) && $user->password_verify($_POST['password']))
		{
			$_SESSION['id'] = $user->id;
			header('Location: ' . $redirect);
			$user->add_meta("last_login", date("Y-m-d H:i:s"));
			Hook::run(HOOKTYPE_USER_LOGIN, $user);
			die();
		}
		else
		{
			$fail = [
				"login" => htmlspecialchars($_POST['username']),
				"IP" => $_SERVER['REMOTE_ADDR']
			];
			Hook::run(HOOKTYPE_USER_LOGIN_FAIL, $fail);
			$failmsg = "Incorrect login";
		}

	}
	else
	$failmsg = "Couldn't log you in: Missing credentials";
}

?><!DOCTYPE html>
<head>
<link href="<?php echo BASE_URL; ?>css/unrealircd-admin.css" rel="stylesheet">
<script src="<?php echo BASE_URL; ?>js/unrealircd-admin.js"></script>
 <!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css">

<!-- jQuery library -->
<script src="https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.slim.min.js"></script>

<!-- Popper JS -->
<script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js"></script>

<!-- Latest compiled JavaScript -->
<script src="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js"></script>

<!-- Font Awesome icons -->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css">

<link rel="icon" type="image/x-icon" href="<?php echo BASE_URL; ?>img/favicon.ico">
<title>UnrealIRCd Panel</title>
</head>
<section class="vh-100">
  <div class="container py-5 h-10">
	<div class="row d-flex justify-content-center align-items-center h-100">
	  <div class="col-12 col-md-8 col-lg-6 col-xl-5">
		<div class="card shadow-2-strong" style="border-radius: 1rem;">
		  <div class="card-body p-5 text-center">
			<form method="post" action="index.php?redirect=<?php echo $redirect; ?>">
				<h3><img src="<?php echo BASE_URL; ?>img/favicon.ico">	Log in to use Admin Panel</h3>
				
					<?php 
					if (isset($failmsg)) Message::Fail($failmsg);
					if ($logout)
						Message::Success("You have been logged out");
					?>
					<div class="input-group">
					<div class="input-group mb-3">
						<div class="input-group-prepend">
							<span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-user"></i></span>
						</div><input type="text" class="form-control" name="username" id="username" placeholder="Username" aria-label="Username" aria-describedby="basic-addon1">
					</div>
					<div class="input-group mb-3">
						<div class="input-group-prepend">
							<span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-key"></i></span>
						</div><input type="password" class="form-control" name="password" id="password" placeholder="Password">
					</div>

				</div>
				<button type="submit" class="btn btn-primary btn-block">Log-In</button>
			</form>
			</div>
		</div>
	</div>
</div>
</div></section>
<?php require_once "../footer.php";
Commit	Line	Data
6930484c VP	1
	2	<?php
	3	require_once "../common.php";
	4
	5	$logout = false;
bc75e1cb BM	6
	7	$redirect = BASE_URL;
	8	if (!empty($_GET['redirect']))
	9	{
	10	$str = urldecode($_GET['redirect']);
	11	if (str_starts_with($str, BASE_URL)) // prevent redirects to like https://othersite/
	12	$redirect = $_GET['redirect'];
	13	}
	14
6930484c	15	$redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : BASE_URL;
6930484c VP	16	if (!empty($_GET['logout']))
	17	{
	18	if (!isset($_SESSION['id']))
	19	$failmsg = "Nothing to logout from";
	20	else {
148df839	21	$_SESSION = NULL;
6930484c VP	22	session_destroy();
	23	$logout = true;
	24	}
	25	}
39206f24 VP	26	if (!empty($_GET['timeout']))
	27	{
	28	$failmsg = "Your session has timed out. Please login again to continue";
	29	$_SESSION = NULL;
	30	session_destroy();
	31	}
6930484c VP	32	if (!empty($_POST))
	33	{
	34	if ($_POST['username'] && $_POST['password'])
	35	{
	36
	37	/* securitah */
	38	security_check();
	39	$user = new PanelUser($_POST['username']);
6930484c	40	/* not being too informative with the login error in case of attackers */
c44f6efa	41	if (isset($user->id) && $user->password_verify($_POST['password']))
6930484c VP	42	{
	43	$_SESSION['id'] = $user->id;
	44	header('Location: ' . $redirect);
e9996356	45	$user->add_meta("last_login", date("Y-m-d H:i:s"));
c44f6efa VP	46	Hook::run(HOOKTYPE_USER_LOGIN, $user);
c44f6efa VP	47	die();
6930484c VP	48	}
	49	else
	50	{
c44f6efa VP	51	$fail = [
	52	"login" => htmlspecialchars($_POST['username']),
	53	"IP" => $_SERVER['REMOTE_ADDR']
	54	];
	55	Hook::run(HOOKTYPE_USER_LOGIN_FAIL, $fail);
6930484c VP	56	$failmsg = "Incorrect login";
	57	}
	58
	59	}
	60	else
	61	$failmsg = "Couldn't log you in: Missing credentials";
	62	}
	63
	64	?><!DOCTYPE html>
	65	<head>
2405dc8e VP	66	<link href="<?php echo BASE_URL; ?>css/unrealircd-admin.css" rel="stylesheet">
2405dc8e VP	67	<script src="<?php echo BASE_URL; ?>js/unrealircd-admin.js"></script>
6930484c VP	68	<!-- Latest compiled and minified CSS -->
	69	<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css">
	70
	71	<!-- jQuery library -->
	72	<script src="https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.slim.min.js"></script>
	73
	74	<!-- Popper JS -->
	75	<script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js"></script>
	76
	77	<!-- Latest compiled JavaScript -->
	78	<script src="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js"></script>
	79
	80	<!-- Font Awesome icons -->
	81	<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css">
	82
6930484c	83	<link rel="icon" type="image/x-icon" href="<?php echo BASE_URL; ?>img/favicon.ico">
2405dc8e	84	<title>UnrealIRCd Panel</title>
584066dc	85	</head>
012c8a3e VP	86	<section class="vh-100">
	87	<div class="container py-5 h-10">
	88	<div class="row d-flex justify-content-center align-items-center h-100">
	89	<div class="col-12 col-md-8 col-lg-6 col-xl-5">
	90	<div class="card shadow-2-strong" style="border-radius: 1rem;">
	91	<div class="card-body p-5 text-center">
	92	<form method="post" action="index.php?redirect=<?php echo $redirect; ?>">
	93	<h3><img src="<?php echo BASE_URL; ?>img/favicon.ico"> Log in to use Admin Panel</h3>
	94
	95	<?php
	96	if (isset($failmsg)) Message::Fail($failmsg);
	97	if ($logout)
	98	Message::Success("You have been logged out");
	99	?>
	100	<div class="input-group">
	101	<div class="input-group mb-3">
	102	<div class="input-group-prepend">
	103	<span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-user"></i></span>
	104	</div><input type="text" class="form-control" name="username" id="username" placeholder="Username" aria-label="Username" aria-describedby="basic-addon1">
	105	</div>
	106	<div class="input-group mb-3">
	107	<div class="input-group-prepend">
	108	<span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-key"></i></span>
	109	</div><input type="password" class="form-control" name="password" id="password" placeholder="Password">
	110	</div>
2405dc8e	111
012c8a3e VP	112	</div>
	113	<button type="submit" class="btn btn-primary btn-block">Log-In</button>
	114	</form>
	115	</div>
	116	</div>
6930484c	117	</div>
2405dc8e	118	</div>
012c8a3e	119	</div></section>
6930484c	120	<?php require_once "../footer.php";