Add Plugins: remove author from card footer
[irc/unrealircd/unrealircd-webpanel.git] / login / index.php
index 4c625e2e4072976b145e461a4d342288ef409993..d2d1700196afcac76a32a54c6eafdf5229172b1b 100644 (file)
@@ -1,39 +1,66 @@
-
 <?php
-require_once "../common.php";
+require_once "../inc/common.php";
 
 $logout = false;
-$redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : BASE_URL;
 
+$redirect = get_config("base_url");
+if (!empty($_GET['redirect']))
+{
+       $str = urldecode($_GET['redirect']);
+       if (str_starts_with($str, get_config("base_url"))) // prevent redirects to like https://othersite/
+               $redirect = $_GET['redirect'];
+}
+
+$redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : get_config("base_url");
 if (!empty($_GET['logout']))
 {
        if (!isset($_SESSION['id']))
                $failmsg = "Nothing to logout from";
        else {
+               $_SESSION = NULL;
                session_destroy();
                $logout = true;
        }
 }
+if (!empty($_GET['timeout']))
+{
+       $failmsg = "Your session has timed out. Please login again to continue";
+       $_SESSION = NULL;
+       session_destroy();
+}
 if (!empty($_POST))
 {
        if ($_POST['username'] && $_POST['password'])
        {
-               
-               /* securitah */
-               security_check();
                $user = new PanelUser($_POST['username']);
-               
                /* not being too informative with the login error in case of attackers */
-               if (isset($user->id) && $user->password_verify($_POST['password']))
+               $hash_needs_updating = false;
+               if (isset($user->id) && $user->password_verify($_POST['password'], $hash_needs_updating))
                {
+                       /* SUCCESSFUL LOGIN */
+                       if ($hash_needs_updating)
+                       {
+                               /* Set password again so it is freshly hashed */
+                               $hash = PanelUser::password_hash($_POST['password']);
+                               $ar = ["update_pass_conf"=>$hash];
+                               $user->update_core_info($ar);
+                               unset($ar);
+                               unset($hash);
+                       }
+                       panel_start_session($user);
                        $_SESSION['id'] = $user->id;
-                       header('Location: ' . $redirect);
                        $user->add_meta("last_login", date("Y-m-d H:i:s"));
                        Hook::run(HOOKTYPE_USER_LOGIN, $user);
+
+                       /* Middle of install? Override redirect: */
+                       if (!isset($config['unrealircd']))
+                               $redirect = get_config("base_url")."settings/rpc-servers.php";
+                       header('Location: ' . $redirect);
                        die();
                }
                else
                {
+                       /* LOGIN FAILED */
                        $fail = [
                                "login" => htmlspecialchars($_POST['username']),
                                "IP" => $_SERVER['REMOTE_ADDR']
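Review bot: The added line `$redirect = (isset($_GET['redirect'])) ? $_GET['redirect'] : get_config("base_url");` directly after the new prefix check reassigns `$redirect` from the raw query parameter, so the `str_starts_with` guard has no effect and an arbitrary value still reaches `header('Location: ' . $redirect)` after a successful login. Deleting that line keeps the validated value. The guard also tests `urldecode($_GET['redirect'])` but stores the undecoded `$_GET['redirect']`; PHP has already decoded `$_GET` once, so the checked string and the stored string can differ, and testing the value that is actually stored, `if (str_starts_with($_GET['redirect'], get_config("base_url")))`, closes that gap. The POST handler continues past the end of this hunk.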
@@ -49,6 +76,8 @@ if (!empty($_POST))
 
 ?><!DOCTYPE html>
 <head>
+<link href="<?php echo get_config("base_url"); ?>css/unrealircd-admin.css" rel="stylesheet">
+<script src="<?php echo get_config("base_url"); ?>js/unrealircd-admin.js"></script>
  <!-- Latest compiled and minified CSS -->
 <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css">
 
@@ -64,56 +93,76 @@ if (!empty($_POST))
 <!-- Font Awesome icons -->
 <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css">
 
-<script src="<?php echo BASE_URL; ?>js/unrealircd-admin.js"></script>
+<link rel="icon" type="image/x-icon" href="<?php echo get_config("base_url"); ?>img/favicon.ico">
 <title>UnrealIRCd Panel</title>
-<link rel="icon" type="image/x-icon" href="<?php echo BASE_URL; ?>img/favicon.ico">
-<link href="<?php echo BASE_URL; ?>css/unrealircd-admin.css" rel="stylesheet">
 </head>
-<script>
-       $(document).ready(function(){
-               $("#loginModal").modal({backdrop: 'static', keyboard: false}, 'show');
-       });
-
-</script>
-<body role="document">
-<div class="container-fluid">
-<form method="post" action="index.php?redirect=<?php echo $redirect; ?>">
-       <div class="modal" id="loginModal" data-backdrop="static" data-keyboard="false" tabindex="-1" aria-labelledby="loginModal" aria-hidden="false"></a>
-       <div class="modal-dialog modal-dialog-centered">
-               <div class="modal-content">
-               <div class="modal-header" style="margin: 0 auto;">
-                       <h3 class="modal-title" id="loginModaltitle"><img src="<?php echo BASE_URL; ?>img/favicon.ico"> Log in to use Admin Panel</h3>
-               </div>
-               <div class="modal-body">
-                       <div class="form-group">
-                               <?php 
-                               if (isset($failmsg)) Message::Fail($failmsg);
-                               if ($logout)
-                                       Message::Success("You have been logged out");
-                               ?>
-                               <br>
-                               <div class="input-group mb-3">
-                                       <div class="input-group-prepend">
-                                               <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-user"></i></span>
-                                       </div><input type="text" class="form-control" name="username" id="username" placeholder="Username" aria-label="Username" aria-describedby="basic-addon1">
-                               </div>
+<section class="vh-100">
+  <div class="container py-5 h-10">
+       <div class="row d-flex justify-content-center align-items-center h-100">
+         <div class="col-12 col-md-8 col-lg-6 col-xl-5">
+               <div class="card shadow-2-strong" style="border-radius: 1rem;">
+                 <div class="card-body p-5 text-center">
+                       <form id="login" method="post" action="index.php?redirect=<?php echo $redirect; ?>">
+                               <h3><img src="<?php echo get_config("base_url"); ?>img/favicon.ico">    Log in to use Admin Panel</h3>
                                
-                       </div>
-                       <div class="form-group">
-                               <div class="input-group mb-3">
-                                       <div class="input-group-prepend">
-                                               <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-key"></i></span>
-                                       </div><input type="password" class="form-control" name="password" id="password" placeholder="Password">
-                               </div>
+                                       <?php 
+                                       if (isset($failmsg)) Message::Fail($failmsg);
+                                       if ($logout)
+                                               Message::Success("You have been logged out");
+                                       ?>
+                                       <div class="input-group">
+                                       <div id="username" class="input-group mb-3">
+                                               <div class="input-group-prepend">
+                                                       <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-user"></i></span>
+                                               </div><input type="text" id="userinp" class="form-control" name="username" placeholder="Username" aria-label="Username" aria-describedby="basic-addon1">
+                                               <div id="user_inv" class="invalid-feedback">
+                                                       Username cannot be empty.
+                                               </div>
 
+                                       </div>
+                                       <div id="password" class="input-group mb-3">
+                                               <div class="input-group-prepend">
+                                                       <span class="input-group-text" id="basic-addon1"><i class="fa-solid fa-key"></i></span>
+                                               </div><input type="password" id="passinp" class="form-control" name="password" placeholder="Password">
+                                               <div id="pass_inv" class="invalid-feedback">
+                                               Password cannot be empty.
+                                               </div>
+
+                                       </div>
+
+                               </div>
+                               <button type="submit" class="btn btn-primary btn-block">Log-In</button>
+                       </form>
                        </div>
                </div>
-               <div class="modal-footer">
-                       <a class="btn btn-secondary" href="#">Cancel</a>
-                       <button type="submit" class="btn btn-primary">Log-In</button>
-               </div>
-               </div>
        </div>
-       </div>
-</form>
-<?php require_once "../footer.php";
\ No newline at end of file
+</div>
+</div></section>
+
+<script>
+       var form = document.getElementById('login');
+       var pinp = document.getElementById('passinp');
+       var uinp = document.getElementById('userinp');
+       
+       form.addEventListener('submit', (event) =>
+       {
+               event.preventDefault();
+               var err = 0;
+               if (uinp.value.length == 0)
+               {
+                       $('#user_inv').show();
+                       err++;
+               }
+               if (pinp.value.length == 0)
+               {
+                       $('#pass_inv').show();
+                       err++;
+               }
+               if (err)
+                       return;
+               else
+                       form.submit();
+       });
+</script>
+
+<?php require_once "../inc/footer.php";
\ No newline at end of file
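Review bot: `$redirect` is echoed into the new form's `action` attribute without encoding, and it comes from `$_GET['redirect']`, so a value containing a double quote can close the attribute and inject markup into the login page. Encode it for the place it lands, e.g. `action="index.php?redirect=<?php echo urlencode($redirect); ?>"`, which also stops `&` or `#` in the target from being parsed as part of the login URL. The removed modal form had the same unencoded echo, so this is carried over rather than newly introduced. The visible markup also carries no CSRF token on the login form; whether one is added elsewhere cannot be told from this hunk.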