[irc/unrealircd/unrealircd-webpanel.git] / login / index.php


<?php
require_once "../common.php";

$logout = false;

$redirect = BASE_URL;
if (!empty($_GET['redirect']))
{
	$str = urldecode($_GET['redirect']);
	if (str_starts_with($str, BASE_URL)) // prevent redirects to like https://othersite/
		$redirect = $_GET['redirect'];
}

$redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : BASE_URL;
if (!empty($_GET['logout']))
{
	if (!isset($_SESSION['id']))
		$failmsg = "Nothing to logout from";
	else {
		$_SESSION = NULL;
		session_destroy();
		$logout = true;
	}
}
if (!empty($_POST))
{
	if ($_POST['username'] && $_POST['password'])
	{
		
		/* securitah */
		security_check();
		$user = new PanelUser($_POST['username']);
		/* not being too informative with the login error in case of attackers */
		if (isset($user->id) && $user->password_verify($_POST['password']))
		{
			$_SESSION['id'] = $user->id;
			header('Location: ' . $redirect);
			$user->add_meta("last_login", date("Y-m-d H:i:s"));
			Hook::run(HOOKTYPE_USER_LOGIN, $user);
			die();
		}
		else
		{
			$fail = [
				"login" => htmlspecialchars($_POST['username']),
				"IP" => $_SERVER['REMOTE_ADDR']
			];
			Hook::run(HOOKTYPE_USER_LOGIN_FAIL, $fail);
			$failmsg = "Incorrect login";
		}

	}
	else
	$failmsg = "Couldn't log you in: Missing credentials";
}

?><!DOCTYPE html>
<head>
<link href="<?php echo BASE_URL; ?>css/unrealircd-admin.css" rel="stylesheet">
<script src="<?php echo BASE_URL; ?>js/unrealircd-admin.js"></script>
 <!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css">

<!-- jQuery library -->
<script src="https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.slim.min.js"></script>

<!-- Popper JS -->
<script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js"></script>

<!-- Latest compiled JavaScript -->
<script src="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js"></script>

<!-- Font Awesome icons -->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css">

<link rel="icon" type="image/x-icon" href="<?php echo BASE_URL; ?>img/favicon.ico">
<title>UnrealIRCd Panel</title>
</head>
<section class="vh-100">
  <div class="container py-5 h-10">
	<div class="row d-flex justify-content-center align-items-center h-100">
	  <div class="col-12 col-md-8 col-lg-6 col-xl-5">
		<div class="card shadow-2-strong" style="border-radius: 1rem;">
		  <div class="card-body p-5 text-center">
			<form method="post" action="index.php?redirect=<?php echo $redirect; ?>">
				<h3><img src="<?php echo BASE_URL; ?>img/favicon.ico">	Log in to use Admin Panel</h3>
				
					<?php 
					if (isset($failmsg)) Message::Fail($failmsg);
					if ($logout)
						Message::Success("You have been logged out");
					?>
					<div class="input-group">
					<div class="input-group mb-3">
						<div class="input-group-prepend">
							<span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-user"></i></span>
						</div><input type="text" class="form-control" name="username" id="username" placeholder="Username" aria-label="Username" aria-describedby="basic-addon1">
					</div>
					<div class="input-group mb-3">
						<div class="input-group-prepend">
							<span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-key"></i></span>
						</div><input type="password" class="form-control" name="password" id="password" placeholder="Password">
					</div>

				</div>
				<button type="submit" class="btn btn-primary btn-block">Log-In</button>
			</form>
			</div>
		</div>
	</div>
</div>
</div></section>
<?php require_once "../footer.php";
Commit	Line	Data
6930484c VP	1
	2	<?php
	3	require_once "../common.php";
	4
	5	$logout = false;
bc75e1cb BM	6
	7	$redirect = BASE_URL;
	8	if (!empty($_GET['redirect']))
	9	{
	10	$str = urldecode($_GET['redirect']);
	11	if (str_starts_with($str, BASE_URL)) // prevent redirects to like https://othersite/
	12	$redirect = $_GET['redirect'];
	13	}
	14
6930484c	15	$redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : BASE_URL;
6930484c VP	16	if (!empty($_GET['logout']))
	17	{
	18	if (!isset($_SESSION['id']))
	19	$failmsg = "Nothing to logout from";
	20	else {
148df839	21	$_SESSION = NULL;
6930484c VP	22	session_destroy();
	23	$logout = true;
	24	}
	25	}
	26	if (!empty($_POST))
	27	{
	28	if ($_POST['username'] && $_POST['password'])
	29	{
	30
	31	/* securitah */
	32	security_check();
	33	$user = new PanelUser($_POST['username']);
6930484c	34	/* not being too informative with the login error in case of attackers */
c44f6efa	35	if (isset($user->id) && $user->password_verify($_POST['password']))
6930484c VP	36	{
	37	$_SESSION['id'] = $user->id;
	38	header('Location: ' . $redirect);
e9996356	39	$user->add_meta("last_login", date("Y-m-d H:i:s"));
c44f6efa VP	40	Hook::run(HOOKTYPE_USER_LOGIN, $user);
c44f6efa VP	41	die();
6930484c VP	42	}
	43	else
	44	{
c44f6efa VP	45	$fail = [
	46	"login" => htmlspecialchars($_POST['username']),
	47	"IP" => $_SERVER['REMOTE_ADDR']
	48	];
	49	Hook::run(HOOKTYPE_USER_LOGIN_FAIL, $fail);
6930484c VP	50	$failmsg = "Incorrect login";
	51	}
	52
	53	}
	54	else
	55	$failmsg = "Couldn't log you in: Missing credentials";
	56	}
	57
	58	?><!DOCTYPE html>
	59	<head>
2405dc8e VP	60	<link href="<?php echo BASE_URL; ?>css/unrealircd-admin.css" rel="stylesheet">
2405dc8e VP	61	<script src="<?php echo BASE_URL; ?>js/unrealircd-admin.js"></script>
6930484c VP	62	<!-- Latest compiled and minified CSS -->
	63	<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css">
	64
	65	<!-- jQuery library -->
	66	<script src="https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.slim.min.js"></script>
	67
	68	<!-- Popper JS -->
	69	<script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js"></script>
	70
	71	<!-- Latest compiled JavaScript -->
	72	<script src="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js"></script>
	73
	74	<!-- Font Awesome icons -->
	75	<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css">
	76
6930484c	77	<link rel="icon" type="image/x-icon" href="<?php echo BASE_URL; ?>img/favicon.ico">
2405dc8e	78	<title>UnrealIRCd Panel</title>
584066dc	79	</head>
012c8a3e VP	80	<section class="vh-100">
	81	<div class="container py-5 h-10">
	82	<div class="row d-flex justify-content-center align-items-center h-100">
	83	<div class="col-12 col-md-8 col-lg-6 col-xl-5">
	84	<div class="card shadow-2-strong" style="border-radius: 1rem;">
	85	<div class="card-body p-5 text-center">
	86	<form method="post" action="index.php?redirect=<?php echo $redirect; ?>">
	87	<h3><img src="<?php echo BASE_URL; ?>img/favicon.ico"> Log in to use Admin Panel</h3>
	88
	89	<?php
	90	if (isset($failmsg)) Message::Fail($failmsg);
	91	if ($logout)
	92	Message::Success("You have been logged out");
	93	?>
	94	<div class="input-group">
	95	<div class="input-group mb-3">
	96	<div class="input-group-prepend">
	97	<span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-user"></i></span>
	98	</div><input type="text" class="form-control" name="username" id="username" placeholder="Username" aria-label="Username" aria-describedby="basic-addon1">
	99	</div>
	100	<div class="input-group mb-3">
	101	<div class="input-group-prepend">
	102	<span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-key"></i></span>
	103	</div><input type="password" class="form-control" name="password" id="password" placeholder="Password">
	104	</div>
2405dc8e	105
012c8a3e VP	106	</div>
	107	<button type="submit" class="btn btn-primary btn-block">Log-In</button>
	108	</form>
	109	</div>
	110	</div>
6930484c	111	</div>
2405dc8e	112	</div>
012c8a3e	113	</div></section>
6930484c	114	<?php require_once "../footer.php";