]>
Commit | Line | Data |
---|---|---|
6930484c VP |
1 | |
2 | <?php | |
3 | require_once "../common.php"; | |
4 | ||
5 | $logout = false; | |
bc75e1cb | 6 | |
ea90b321 | 7 | $redirect = get_config("base_url"); |
bc75e1cb BM |
8 | if (!empty($_GET['redirect'])) |
9 | { | |
10 | $str = urldecode($_GET['redirect']); | |
ea90b321 | 11 | if (str_starts_with($str, get_config("base_url"))) // prevent redirects to like https://othersite/ |
bc75e1cb BM |
12 | $redirect = $_GET['redirect']; |
13 | } | |
14 | ||
ea90b321 | 15 | $redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : get_config("base_url"); |
6930484c VP |
16 | if (!empty($_GET['logout'])) |
17 | { | |
18 | if (!isset($_SESSION['id'])) | |
19 | $failmsg = "Nothing to logout from"; | |
20 | else { | |
148df839 | 21 | $_SESSION = NULL; |
6930484c VP |
22 | session_destroy(); |
23 | $logout = true; | |
24 | } | |
25 | } | |
39206f24 VP |
26 | if (!empty($_GET['timeout'])) |
27 | { | |
28 | $failmsg = "Your session has timed out. Please login again to continue"; | |
29 | $_SESSION = NULL; | |
30 | session_destroy(); | |
31 | } | |
6930484c VP |
32 | if (!empty($_POST)) |
33 | { | |
34 | if ($_POST['username'] && $_POST['password']) | |
35 | { | |
6930484c | 36 | $user = new PanelUser($_POST['username']); |
6930484c | 37 | /* not being too informative with the login error in case of attackers */ |
c44f6efa | 38 | if (isset($user->id) && $user->password_verify($_POST['password'])) |
6930484c VP |
39 | { |
40 | $_SESSION['id'] = $user->id; | |
41 | header('Location: ' . $redirect); | |
e9996356 | 42 | $user->add_meta("last_login", date("Y-m-d H:i:s")); |
c44f6efa VP |
43 | Hook::run(HOOKTYPE_USER_LOGIN, $user); |
44 | die(); | |
6930484c VP |
45 | } |
46 | else | |
47 | { | |
c44f6efa VP |
48 | $fail = [ |
49 | "login" => htmlspecialchars($_POST['username']), | |
50 | "IP" => $_SERVER['REMOTE_ADDR'] | |
51 | ]; | |
52 | Hook::run(HOOKTYPE_USER_LOGIN_FAIL, $fail); | |
6930484c VP |
53 | $failmsg = "Incorrect login"; |
54 | } | |
55 | ||
56 | } | |
57 | else | |
58 | $failmsg = "Couldn't log you in: Missing credentials"; | |
59 | } | |
60 | ||
61 | ?><!DOCTYPE html> | |
62 | <head> | |
ea90b321 BM |
63 | <link href="<?php echo get_config("base_url"); ?>css/unrealircd-admin.css" rel="stylesheet"> |
64 | <script src="<?php echo get_config("base_url"); ?>js/unrealircd-admin.js"></script> | |
6930484c VP |
65 | <!-- Latest compiled and minified CSS --> |
66 | <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css"> | |
67 | ||
68 | <!-- jQuery library --> | |
69 | <script src="https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.slim.min.js"></script> | |
70 | ||
71 | <!-- Popper JS --> | |
72 | <script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js"></script> | |
73 | ||
74 | <!-- Latest compiled JavaScript --> | |
75 | <script src="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js"></script> | |
76 | ||
77 | <!-- Font Awesome icons --> | |
78 | <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css"> | |
79 | ||
ea90b321 | 80 | <link rel="icon" type="image/x-icon" href="<?php echo get_config("base_url"); ?>img/favicon.ico"> |
2405dc8e | 81 | <title>UnrealIRCd Panel</title> |
584066dc | 82 | </head> |
012c8a3e VP |
83 | <section class="vh-100"> |
84 | <div class="container py-5 h-10"> | |
85 | <div class="row d-flex justify-content-center align-items-center h-100"> | |
86 | <div class="col-12 col-md-8 col-lg-6 col-xl-5"> | |
87 | <div class="card shadow-2-strong" style="border-radius: 1rem;"> | |
88 | <div class="card-body p-5 text-center"> | |
cf6697ac | 89 | <form id="login" method="post" action="index.php?redirect=<?php echo $redirect; ?>"> |
ea90b321 | 90 | <h3><img src="<?php echo get_config("base_url"); ?>img/favicon.ico"> Log in to use Admin Panel</h3> |
012c8a3e VP |
91 | |
92 | <?php | |
93 | if (isset($failmsg)) Message::Fail($failmsg); | |
94 | if ($logout) | |
95 | Message::Success("You have been logged out"); | |
96 | ?> | |
97 | <div class="input-group"> | |
cf6697ac | 98 | <div id="username" class="input-group mb-3"> |
012c8a3e VP |
99 | <div class="input-group-prepend"> |
100 | <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-user"></i></span> | |
cf6697ac VP |
101 | </div><input type="text" id="userinp" class="form-control" name="username" placeholder="Username" aria-label="Username" aria-describedby="basic-addon1"> |
102 | <div id="user_inv" class="invalid-feedback"> | |
103 | Username cannot be empty. | |
104 | </div> | |
105 | ||
012c8a3e | 106 | </div> |
cf6697ac | 107 | <div id="password" class="input-group mb-3"> |
012c8a3e VP |
108 | <div class="input-group-prepend"> |
109 | <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-key"></i></span> | |
cf6697ac VP |
110 | </div><input type="password" id="passinp" class="form-control" name="password" placeholder="Password"> |
111 | <div id="pass_inv" class="invalid-feedback"> | |
112 | Password cannot be empty. | |
113 | </div> | |
114 | ||
012c8a3e | 115 | </div> |
2405dc8e | 116 | |
012c8a3e VP |
117 | </div> |
118 | <button type="submit" class="btn btn-primary btn-block">Log-In</button> | |
119 | </form> | |
120 | </div> | |
121 | </div> | |
6930484c | 122 | </div> |
2405dc8e | 123 | </div> |
012c8a3e | 124 | </div></section> |
cf6697ac VP |
125 | |
126 | <script> | |
127 | var form = document.getElementById('login'); | |
128 | var pinp = document.getElementById('passinp'); | |
129 | var uinp = document.getElementById('userinp'); | |
130 | ||
131 | form.addEventListener('submit', (event) => | |
132 | { | |
133 | event.preventDefault(); | |
134 | var err = 0; | |
135 | if (uinp.value.length == 0) | |
136 | { | |
137 | $('#user_inv').show(); | |
138 | err++; | |
139 | } | |
140 | if (pinp.value.length == 0) | |
141 | { | |
142 | $('#pass_inv').show(); | |
143 | err++; | |
144 | } | |
145 | if (err) | |
146 | return; | |
147 | else | |
148 | form.submit(); | |
149 | }); | |
150 | </script> | |
151 | ||
6930484c | 152 | <?php require_once "../footer.php"; |