]>
Commit | Line | Data |
---|---|---|
6930484c VP |
1 | |
2 | <?php | |
3 | require_once "../common.php"; | |
4 | ||
5 | $logout = false; | |
bc75e1cb | 6 | |
ea90b321 | 7 | $redirect = get_config("base_url"); |
bc75e1cb BM |
8 | if (!empty($_GET['redirect'])) |
9 | { | |
10 | $str = urldecode($_GET['redirect']); | |
ea90b321 | 11 | if (str_starts_with($str, get_config("base_url"))) // prevent redirects to like https://othersite/ |
bc75e1cb BM |
12 | $redirect = $_GET['redirect']; |
13 | } | |
14 | ||
ea90b321 | 15 | $redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : get_config("base_url"); |
6930484c VP |
16 | if (!empty($_GET['logout'])) |
17 | { | |
18 | if (!isset($_SESSION['id'])) | |
19 | $failmsg = "Nothing to logout from"; | |
20 | else { | |
148df839 | 21 | $_SESSION = NULL; |
6930484c VP |
22 | session_destroy(); |
23 | $logout = true; | |
24 | } | |
25 | } | |
39206f24 VP |
26 | if (!empty($_GET['timeout'])) |
27 | { | |
28 | $failmsg = "Your session has timed out. Please login again to continue"; | |
29 | $_SESSION = NULL; | |
30 | session_destroy(); | |
31 | } | |
6930484c VP |
32 | if (!empty($_POST)) |
33 | { | |
34 | if ($_POST['username'] && $_POST['password']) | |
35 | { | |
6930484c | 36 | $user = new PanelUser($_POST['username']); |
6930484c | 37 | /* not being too informative with the login error in case of attackers */ |
c44f6efa | 38 | if (isset($user->id) && $user->password_verify($_POST['password'])) |
6930484c VP |
39 | { |
40 | $_SESSION['id'] = $user->id; | |
e9996356 | 41 | $user->add_meta("last_login", date("Y-m-d H:i:s")); |
c44f6efa | 42 | Hook::run(HOOKTYPE_USER_LOGIN, $user); |
54b9603c BM |
43 | |
44 | /* Middle of install? Override redirect: */ | |
45 | if (!isset($config['unrealircd']) || empty($config['unrealircd']['host'])) | |
46 | $redirect = get_config("base_url")."settings/install2.php"; | |
47 | header('Location: ' . $redirect); | |
c44f6efa | 48 | die(); |
6930484c VP |
49 | } |
50 | else | |
51 | { | |
c44f6efa VP |
52 | $fail = [ |
53 | "login" => htmlspecialchars($_POST['username']), | |
54 | "IP" => $_SERVER['REMOTE_ADDR'] | |
55 | ]; | |
56 | Hook::run(HOOKTYPE_USER_LOGIN_FAIL, $fail); | |
6930484c VP |
57 | $failmsg = "Incorrect login"; |
58 | } | |
59 | ||
60 | } | |
61 | else | |
62 | $failmsg = "Couldn't log you in: Missing credentials"; | |
63 | } | |
64 | ||
65 | ?><!DOCTYPE html> | |
66 | <head> | |
ea90b321 BM |
67 | <link href="<?php echo get_config("base_url"); ?>css/unrealircd-admin.css" rel="stylesheet"> |
68 | <script src="<?php echo get_config("base_url"); ?>js/unrealircd-admin.js"></script> | |
6930484c VP |
69 | <!-- Latest compiled and minified CSS --> |
70 | <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css"> | |
71 | ||
72 | <!-- jQuery library --> | |
73 | <script src="https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.slim.min.js"></script> | |
74 | ||
75 | <!-- Popper JS --> | |
76 | <script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js"></script> | |
77 | ||
78 | <!-- Latest compiled JavaScript --> | |
79 | <script src="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js"></script> | |
80 | ||
81 | <!-- Font Awesome icons --> | |
82 | <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css"> | |
83 | ||
ea90b321 | 84 | <link rel="icon" type="image/x-icon" href="<?php echo get_config("base_url"); ?>img/favicon.ico"> |
2405dc8e | 85 | <title>UnrealIRCd Panel</title> |
584066dc | 86 | </head> |
012c8a3e VP |
87 | <section class="vh-100"> |
88 | <div class="container py-5 h-10"> | |
89 | <div class="row d-flex justify-content-center align-items-center h-100"> | |
90 | <div class="col-12 col-md-8 col-lg-6 col-xl-5"> | |
91 | <div class="card shadow-2-strong" style="border-radius: 1rem;"> | |
92 | <div class="card-body p-5 text-center"> | |
cf6697ac | 93 | <form id="login" method="post" action="index.php?redirect=<?php echo $redirect; ?>"> |
ea90b321 | 94 | <h3><img src="<?php echo get_config("base_url"); ?>img/favicon.ico"> Log in to use Admin Panel</h3> |
012c8a3e VP |
95 | |
96 | <?php | |
97 | if (isset($failmsg)) Message::Fail($failmsg); | |
98 | if ($logout) | |
99 | Message::Success("You have been logged out"); | |
100 | ?> | |
101 | <div class="input-group"> | |
cf6697ac | 102 | <div id="username" class="input-group mb-3"> |
012c8a3e VP |
103 | <div class="input-group-prepend"> |
104 | <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-user"></i></span> | |
cf6697ac VP |
105 | </div><input type="text" id="userinp" class="form-control" name="username" placeholder="Username" aria-label="Username" aria-describedby="basic-addon1"> |
106 | <div id="user_inv" class="invalid-feedback"> | |
107 | Username cannot be empty. | |
108 | </div> | |
109 | ||
012c8a3e | 110 | </div> |
cf6697ac | 111 | <div id="password" class="input-group mb-3"> |
012c8a3e VP |
112 | <div class="input-group-prepend"> |
113 | <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-key"></i></span> | |
cf6697ac VP |
114 | </div><input type="password" id="passinp" class="form-control" name="password" placeholder="Password"> |
115 | <div id="pass_inv" class="invalid-feedback"> | |
116 | Password cannot be empty. | |
117 | </div> | |
118 | ||
012c8a3e | 119 | </div> |
2405dc8e | 120 | |
012c8a3e VP |
121 | </div> |
122 | <button type="submit" class="btn btn-primary btn-block">Log-In</button> | |
123 | </form> | |
124 | </div> | |
125 | </div> | |
6930484c | 126 | </div> |
2405dc8e | 127 | </div> |
012c8a3e | 128 | </div></section> |
cf6697ac VP |
129 | |
130 | <script> | |
131 | var form = document.getElementById('login'); | |
132 | var pinp = document.getElementById('passinp'); | |
133 | var uinp = document.getElementById('userinp'); | |
134 | ||
135 | form.addEventListener('submit', (event) => | |
136 | { | |
137 | event.preventDefault(); | |
138 | var err = 0; | |
139 | if (uinp.value.length == 0) | |
140 | { | |
141 | $('#user_inv').show(); | |
142 | err++; | |
143 | } | |
144 | if (pinp.value.length == 0) | |
145 | { | |
146 | $('#pass_inv').show(); | |
147 | err++; | |
148 | } | |
149 | if (err) | |
150 | return; | |
151 | else | |
152 | form.submit(); | |
153 | }); | |
154 | </script> | |
155 | ||
6930484c | 156 | <?php require_once "../footer.php"; |