2 require_once "../inc/common.php";
6 $redirect = get_config("base_url");
7 if (!empty($_GET['redirect']))
9 $str = urldecode($_GET['redirect']);
10 if (str_starts_with($str, get_config("base_url"))) // prevent redirects to like https://othersite/
11 $redirect = $_GET['redirect'];
14 $redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : get_config("base_url");
15 if (!empty($_GET['logout']))
17 if (!isset($_SESSION['id']))
18 $failmsg = "Nothing to logout from";
25 if (!empty($_GET['timeout']))
27 $failmsg = "Your session has timed out. Please login again to continue";
33 if ($_POST['username'] && $_POST['password'])
35 $user = new PanelUser($_POST['username']);
36 /* not being too informative with the login error in case of attackers */
37 $hash_needs_updating = false;
38 if (isset($user->id
) && $user->password_verify($_POST['password'], $hash_needs_updating))
40 /* SUCCESSFUL LOGIN */
41 if ($hash_needs_updating)
43 /* Set password again so it is freshly hashed */
44 $hash = PanelUser
::password_hash($_POST['password']);
45 $ar = ["update_pass_conf"=>$hash];
46 $user->update_core_info($ar);
50 panel_start_session($user);
51 $_SESSION['id'] = $user->id
;
52 $user->add_meta("last_login", date("Y-m-d H:i:s"));
53 Hook
::run(HOOKTYPE_USER_LOGIN
, $user);
55 /* Middle of install? Override redirect: */
56 if (!isset($config['unrealircd']))
57 $redirect = get_config("base_url")."settings/rpc-servers.php";
58 header('Location: ' . $redirect);
65 "login" => htmlspecialchars($_POST['username']),
66 "IP" => $_SERVER['REMOTE_ADDR']
68 Hook
::run(HOOKTYPE_USER_LOGIN_FAIL
, $fail);
69 $failmsg = "Incorrect login";
74 $failmsg = "Couldn't log you in: Missing credentials";
79 <link href
="<?php echo get_config("base_url
"); ?>css/unrealircd-admin.css" rel
="stylesheet">
80 <script src
="<?php echo get_config("base_url
"); ?>js/unrealircd-admin.js"></script
>
81 <!-- Latest compiled
and minified CSS
-->
82 <link rel
="stylesheet" href
="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css">
84 <!-- jQuery library
-->
85 <script src
="https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.slim.min.js"></script
>
88 <script src
="https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js"></script
>
90 <!-- Latest compiled JavaScript
-->
91 <script src
="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js"></script
>
93 <!-- Font Awesome icons
-->
94 <link rel
="stylesheet" href
="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css">
96 <link rel
="icon" type
="image/x-icon" href
="<?php echo get_config("base_url
"); ?>img/favicon.ico">
97 <title
>UnrealIRCd Panel
</title
>
99 <section
class="vh-100">
100 <div
class="container py-5 h-10">
101 <div
class="row d-flex justify-content-center align-items-center">
102 <div
class="col-12 col-md-8 col-lg-6 col-xl-5">
103 <div
class="card shadow-2-strong" style
="border-radius: 1rem;">
104 <div
class="card-body p-5 text-center">
105 <form id
="login" method
="post" action
="index.php?redirect=<?php echo $redirect; ?>">
106 <h3
><img src
="<?php echo get_config("base_url
"); ?>img/favicon.ico"> Log in to
use Admin Panel
</h3
>
109 if (isset($failmsg)) Message
::Fail($failmsg);
111 Message
::Success("You have been logged out");
113 <div
class="input-group">
114 <div id
="username" class="input-group mb-3">
115 <div
class="input-group-prepend">
116 <span
class="input-group-text" id
="basic-addon1"><i
class="fa-solid fa-user"></i
></span
>
117 </div
><input type
="text" id
="userinp" class="form-control" name
="username" placeholder
="Username" aria
-label
="Username" aria
-describedby
="basic-addon1">
118 <div id
="user_inv" class="invalid-feedback">
119 Username cannot be
empty.
123 <div id
="password" class="input-group mb-3">
124 <div
class="input-group-prepend">
125 <span
class="input-group-text" id
="basic-addon1"><i
class="fa-solid fa-key"></i
></span
>
126 </div
><input type
="password" id
="passinp" class="form-control" name
="password" placeholder
="Password">
127 <div id
="pass_inv" class="invalid-feedback">
128 Password cannot be
empty.
134 <button type
="submit" class="btn btn-primary btn-block">Log
-In
</button
>
144 background
-image
: url('https://cdn.wallpapersafari.com/34/98/yznZmQ.jpg');
145 background
-size
: cover
;
149 var form
= document
.getElementById('login');
150 var pinp
= document
.getElementById('passinp');
151 var uinp
= document
.getElementById('userinp');
153 form
.addEventListener('submit', (event
) =>
155 event
.preventDefault();
157 if (uinp
.value
.length
== 0)
159 $
('#user_inv').show();
162 if (pinp
.value
.length
== 0)
164 $
('#pass_inv').show();