]> jfr.im git - irc/unrealircd/unrealircd-webpanel.git/blob - login/index.php
projects / irc / unrealircd / unrealircd-webpanel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Move to new style config, with config in config/ directory.
[irc/unrealircd/unrealircd-webpanel.git] / login / index.php
1
2 <?php
3 require_once "../common.php";
4
5 $logout = false;
6
7 $redirect = get_config("base_url");
8 if (!empty($_GET['redirect']))
9 {
10 $str = urldecode($_GET['redirect']);
11 if (str_starts_with($str, get_config("base_url"))) // prevent redirects to like https://othersite/
12 $redirect = $_GET['redirect'];
13 }
14
15 $redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : get_config("base_url");
16 if (!empty($_GET['logout']))
17 {
18 if (!isset($_SESSION['id']))
19 $failmsg = "Nothing to logout from";
20 else {
21 $_SESSION = NULL;
22 session_destroy();
23 $logout = true;
24 }
25 }
26 if (!empty($_GET['timeout']))
27 {
28 $failmsg = "Your session has timed out. Please login again to continue";
29 $_SESSION = NULL;
30 session_destroy();
31 }
32 if (!empty($_POST))
33 {
34 if ($_POST['username'] && $_POST['password'])
35 {
36
37 /* securitah */
38 security_check();
39 $user = new PanelUser($_POST['username']);
40 /* not being too informative with the login error in case of attackers */
41 if (isset($user->id) && $user->password_verify($_POST['password']))
42 {
43 $_SESSION['id'] = $user->id;
44 header('Location: ' . $redirect);
45 $user->add_meta("last_login", date("Y-m-d H:i:s"));
46 Hook::run(HOOKTYPE_USER_LOGIN, $user);
47 die();
48 }
49 else
50 {
51 $fail = [
52 "login" => htmlspecialchars($_POST['username']),
53 "IP" => $_SERVER['REMOTE_ADDR']
54 ];
55 Hook::run(HOOKTYPE_USER_LOGIN_FAIL, $fail);
56 $failmsg = "Incorrect login";
57 }
58
59 }
60 else
61 $failmsg = "Couldn't log you in: Missing credentials";
62 }
63
64 ?><!DOCTYPE html>
65 <head>
66 <link href="<?php echo get_config("base_url"); ?>css/unrealircd-admin.css" rel="stylesheet">
67 <script src="<?php echo get_config("base_url"); ?>js/unrealircd-admin.js"></script>
68 <!-- Latest compiled and minified CSS -->
69 <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css">
70
71 <!-- jQuery library -->
72 <script src="https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.slim.min.js"></script>
73
74 <!-- Popper JS -->
75 <script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js"></script>
76
77 <!-- Latest compiled JavaScript -->
78 <script src="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js"></script>
79
80 <!-- Font Awesome icons -->
81 <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css">
82
83 <link rel="icon" type="image/x-icon" href="<?php echo get_config("base_url"); ?>img/favicon.ico">
84 <title>UnrealIRCd Panel</title>
85 </head>
86 <section class="vh-100">
87 <div class="container py-5 h-10">
88 <div class="row d-flex justify-content-center align-items-center h-100">
89 <div class="col-12 col-md-8 col-lg-6 col-xl-5">
90 <div class="card shadow-2-strong" style="border-radius: 1rem;">
91 <div class="card-body p-5 text-center">
92 <form id="login" method="post" action="index.php?redirect=<?php echo $redirect; ?>">
93 <h3><img src="<?php echo get_config("base_url"); ?>img/favicon.ico"> Log in to use Admin Panel</h3>
94
95 <?php
96 if (isset($failmsg)) Message::Fail($failmsg);
97 if ($logout)
98 Message::Success("You have been logged out");
99 ?>
100 <div class="input-group">
101 <div id="username" class="input-group mb-3">
102 <div class="input-group-prepend">
103 <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-user"></i></span>
104 </div><input type="text" id="userinp" class="form-control" name="username" placeholder="Username" aria-label="Username" aria-describedby="basic-addon1">
105 <div id="user_inv" class="invalid-feedback">
106 Username cannot be empty.
107 </div>
108
109 </div>
110 <div id="password" class="input-group mb-3">
111 <div class="input-group-prepend">
112 <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-key"></i></span>
113 </div><input type="password" id="passinp" class="form-control" name="password" placeholder="Password">
114 <div id="pass_inv" class="invalid-feedback">
115 Password cannot be empty.
116 </div>
117
118 </div>
119
120 </div>
121 <button type="submit" class="btn btn-primary btn-block">Log-In</button>
122 </form>
123 </div>
124 </div>
125 </div>
126 </div>
127 </div></section>
128
129 <script>
130 var form = document.getElementById('login');
131 var pinp = document.getElementById('passinp');
132 var uinp = document.getElementById('userinp');
133
134 form.addEventListener('submit', (event) =>
135 {
136 event.preventDefault();
137 var err = 0;
138 if (uinp.value.length == 0)
139 {
140 $('#user_inv').show();
141 err++;
142 }
143 if (pinp.value.length == 0)
144 {
145 $('#pass_inv').show();
146 err++;
147 }
148 if (err)
149 return;
150 else
151 form.submit();
152 });
153 </script>
154
155 <?php require_once "../footer.php";
Unnamed repository; edit this file 'description' to name the repository.