]>
Commit | Line | Data |
---|---|---|
6930484c VP |
1 | |
2 | <?php | |
3 | require_once "../common.php"; | |
4 | ||
5 | $logout = false; | |
bc75e1cb BM |
6 | |
7 | $redirect = BASE_URL; | |
8 | if (!empty($_GET['redirect'])) | |
9 | { | |
10 | $str = urldecode($_GET['redirect']); | |
11 | if (str_starts_with($str, BASE_URL)) // prevent redirects to like https://othersite/ | |
12 | $redirect = $_GET['redirect']; | |
13 | } | |
14 | ||
6930484c | 15 | $redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : BASE_URL; |
6930484c VP |
16 | if (!empty($_GET['logout'])) |
17 | { | |
18 | if (!isset($_SESSION['id'])) | |
19 | $failmsg = "Nothing to logout from"; | |
20 | else { | |
148df839 | 21 | $_SESSION = NULL; |
6930484c VP |
22 | session_destroy(); |
23 | $logout = true; | |
24 | } | |
25 | } | |
26 | if (!empty($_POST)) | |
27 | { | |
28 | if ($_POST['username'] && $_POST['password']) | |
29 | { | |
30 | ||
31 | /* securitah */ | |
32 | security_check(); | |
33 | $user = new PanelUser($_POST['username']); | |
6930484c | 34 | /* not being too informative with the login error in case of attackers */ |
c44f6efa | 35 | if (isset($user->id) && $user->password_verify($_POST['password'])) |
6930484c VP |
36 | { |
37 | $_SESSION['id'] = $user->id; | |
38 | header('Location: ' . $redirect); | |
e9996356 | 39 | $user->add_meta("last_login", date("Y-m-d H:i:s")); |
c44f6efa VP |
40 | Hook::run(HOOKTYPE_USER_LOGIN, $user); |
41 | die(); | |
6930484c VP |
42 | } |
43 | else | |
44 | { | |
c44f6efa VP |
45 | $fail = [ |
46 | "login" => htmlspecialchars($_POST['username']), | |
47 | "IP" => $_SERVER['REMOTE_ADDR'] | |
48 | ]; | |
49 | Hook::run(HOOKTYPE_USER_LOGIN_FAIL, $fail); | |
6930484c VP |
50 | $failmsg = "Incorrect login"; |
51 | } | |
52 | ||
53 | } | |
54 | else | |
55 | $failmsg = "Couldn't log you in: Missing credentials"; | |
56 | } | |
57 | ||
58 | ?><!DOCTYPE html> | |
59 | <head> | |
2405dc8e VP |
60 | <link href="<?php echo BASE_URL; ?>css/unrealircd-admin.css" rel="stylesheet"> |
61 | <script src="<?php echo BASE_URL; ?>js/unrealircd-admin.js"></script> | |
6930484c VP |
62 | <!-- Latest compiled and minified CSS --> |
63 | <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css"> | |
64 | ||
65 | <!-- jQuery library --> | |
66 | <script src="https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.slim.min.js"></script> | |
67 | ||
68 | <!-- Popper JS --> | |
69 | <script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js"></script> | |
70 | ||
71 | <!-- Latest compiled JavaScript --> | |
72 | <script src="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js"></script> | |
73 | ||
74 | <!-- Font Awesome icons --> | |
75 | <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css"> | |
76 | ||
6930484c | 77 | <link rel="icon" type="image/x-icon" href="<?php echo BASE_URL; ?>img/favicon.ico"> |
2405dc8e | 78 | <title>UnrealIRCd Panel</title> |
584066dc | 79 | </head> |
012c8a3e VP |
80 | <section class="vh-100"> |
81 | <div class="container py-5 h-10"> | |
82 | <div class="row d-flex justify-content-center align-items-center h-100"> | |
83 | <div class="col-12 col-md-8 col-lg-6 col-xl-5"> | |
84 | <div class="card shadow-2-strong" style="border-radius: 1rem;"> | |
85 | <div class="card-body p-5 text-center"> | |
86 | <form method="post" action="index.php?redirect=<?php echo $redirect; ?>"> | |
87 | <h3><img src="<?php echo BASE_URL; ?>img/favicon.ico"> Log in to use Admin Panel</h3> | |
88 | ||
89 | <?php | |
90 | if (isset($failmsg)) Message::Fail($failmsg); | |
91 | if ($logout) | |
92 | Message::Success("You have been logged out"); | |
93 | ?> | |
94 | <div class="input-group"> | |
95 | <div class="input-group mb-3"> | |
96 | <div class="input-group-prepend"> | |
97 | <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-user"></i></span> | |
98 | </div><input type="text" class="form-control" name="username" id="username" placeholder="Username" aria-label="Username" aria-describedby="basic-addon1"> | |
99 | </div> | |
100 | <div class="input-group mb-3"> | |
101 | <div class="input-group-prepend"> | |
102 | <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-key"></i></span> | |
103 | </div><input type="password" class="form-control" name="password" id="password" placeholder="Password"> | |
104 | </div> | |
2405dc8e | 105 | |
012c8a3e VP |
106 | </div> |
107 | <button type="submit" class="btn btn-primary btn-block">Log-In</button> | |
108 | </form> | |
109 | </div> | |
110 | </div> | |
6930484c | 111 | </div> |
2405dc8e | 112 | </div> |
012c8a3e | 113 | </div></section> |
6930484c | 114 | <?php require_once "../footer.php"; |