]> jfr.im git - irc/unrealircd/unrealircd-webpanel.git/blame - login/index.php
projects / irc / unrealircd / unrealircd-webpanel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Setup major reshuffle: split up in pre-auth: backend & user creation, and
[irc/unrealircd/unrealircd-webpanel.git] / login / index.php
CommitLineData
6930484c
VP		 1
2<?php
3require_once "../common.php";
4
5$logout = false;
bc75e1cb 6
ea90b321 7$redirect = get_config("base_url");
bc75e1cb
BM		 8if (!empty($_GET['redirect']))
9{
10 $str = urldecode($_GET['redirect']);
ea90b321 11 if (str_starts_with($str, get_config("base_url"))) // prevent redirects to like https://othersite/
bc75e1cb
BM		 12 $redirect = $_GET['redirect'];
13}
14
ea90b321 15$redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : get_config("base_url");
6930484c
VP		 16if (!empty($_GET['logout']))
17{
18 if (!isset($_SESSION['id']))
19 $failmsg = "Nothing to logout from";
20 else {
148df839 21 $_SESSION = NULL;
6930484c
VP		 22 session_destroy();
23 $logout = true;
24 }
25}
39206f24
VP		 26if (!empty($_GET['timeout']))
27{
28 $failmsg = "Your session has timed out. Please login again to continue";
29 $_SESSION = NULL;
30 session_destroy();
31}
6930484c
VP		 32if (!empty($_POST))
33{
34 if ($_POST['username'] && $_POST['password'])
35 {
6930484c 36 $user = new PanelUser($_POST['username']);
6930484c 37 /* not being too informative with the login error in case of attackers */
c44f6efa 38 if (isset($user->id) && $user->password_verify($_POST['password']))
6930484c
VP		 39 {
40 $_SESSION['id'] = $user->id;
e9996356 41 $user->add_meta("last_login", date("Y-m-d H:i:s"));
c44f6efa 42 Hook::run(HOOKTYPE_USER_LOGIN, $user);
54b9603c
BM		 43
44 /* Middle of install? Override redirect: */
45 if (!isset($config['unrealircd']) || empty($config['unrealircd']['host']))
46 $redirect = get_config("base_url")."settings/install2.php";
47 header('Location: ' . $redirect);
c44f6efa 48 die();
6930484c
VP		 49 }
50 else
51 {
c44f6efa
VP		 52 $fail = [
53 "login" => htmlspecialchars($_POST['username']),
54 "IP" => $_SERVER['REMOTE_ADDR']
55 ];
56 Hook::run(HOOKTYPE_USER_LOGIN_FAIL, $fail);
6930484c
VP		 57 $failmsg = "Incorrect login";
58 }
59
60 }
61 else
62 $failmsg = "Couldn't log you in: Missing credentials";
63}
64
65?><!DOCTYPE html>
66<head>
ea90b321
BM		 67<link href="<?php echo get_config("base_url"); ?>css/unrealircd-admin.css" rel="stylesheet">
68<script src="<?php echo get_config("base_url"); ?>js/unrealircd-admin.js"></script>
6930484c
VP		 69 <!-- Latest compiled and minified CSS -->
70<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css">
71
72<!-- jQuery library -->
73<script src="https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.slim.min.js"></script>
74
75<!-- Popper JS -->
76<script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js"></script>
77
78<!-- Latest compiled JavaScript -->
79<script src="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js"></script>
80
81<!-- Font Awesome icons -->
82<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css">
83
ea90b321 84<link rel="icon" type="image/x-icon" href="<?php echo get_config("base_url"); ?>img/favicon.ico">
2405dc8e 85<title>UnrealIRCd Panel</title>
584066dc 86</head>
012c8a3e
VP		 87<section class="vh-100">
88 <div class="container py-5 h-10">
89 <div class="row d-flex justify-content-center align-items-center h-100">
90 <div class="col-12 col-md-8 col-lg-6 col-xl-5">
91 <div class="card shadow-2-strong" style="border-radius: 1rem;">
92 <div class="card-body p-5 text-center">
cf6697ac 93 <form id="login" method="post" action="index.php?redirect=<?php echo $redirect; ?>">
ea90b321 94 <h3><img src="<?php echo get_config("base_url"); ?>img/favicon.ico"> Log in to use Admin Panel</h3>
012c8a3e
VP		 95
96 <?php
97 if (isset($failmsg)) Message::Fail($failmsg);
98 if ($logout)
99 Message::Success("You have been logged out");
100 ?>
101 <div class="input-group">
cf6697ac 102 <div id="username" class="input-group mb-3">
012c8a3e
VP		 103 <div class="input-group-prepend">
104 <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-user"></i></span>
cf6697ac
VP		 105 </div><input type="text" id="userinp" class="form-control" name="username" placeholder="Username" aria-label="Username" aria-describedby="basic-addon1">
106 <div id="user_inv" class="invalid-feedback">
107 Username cannot be empty.
108 </div>
109
012c8a3e 110 </div>
cf6697ac 111 <div id="password" class="input-group mb-3">
012c8a3e
VP		 112 <div class="input-group-prepend">
113 <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-key"></i></span>
cf6697ac
VP		 114 </div><input type="password" id="passinp" class="form-control" name="password" placeholder="Password">
115 <div id="pass_inv" class="invalid-feedback">
116 Password cannot be empty.
117 </div>
118
012c8a3e 119 </div>
2405dc8e 120
012c8a3e
VP		 121 </div>
122 <button type="submit" class="btn btn-primary btn-block">Log-In</button>
123 </form>
124 </div>
125 </div>
6930484c 126 </div>
2405dc8e 127</div>
012c8a3e 128</div></section>
cf6697ac
VP		 129
130<script>
131 var form = document.getElementById('login');
132 var pinp = document.getElementById('passinp');
133 var uinp = document.getElementById('userinp');
134
135 form.addEventListener('submit', (event) =>
136 {
137 event.preventDefault();
138 var err = 0;
139 if (uinp.value.length == 0)
140 {
141 $('#user_inv').show();
142 err++;
143 }
144 if (pinp.value.length == 0)
145 {
146 $('#pass_inv').show();
147 err++;
148 }
149 if (err)
150 return;
151 else
152 form.submit();
153 });
154</script>
155
6930484c 156<?php require_once "../footer.php";
Unnamed repository; edit this file 'description' to name the repository.