$user = new PanelUser($_POST['username']);
/* not being too informative with the login error in case of attackers */
- if (!$user->id)
- {
- $failmsg = "Incorrect login";
- }
- else if ($user->password_verify($_POST['password']))
+ if (isset($user->id) && $user->password_verify($_POST['password']))
{
$_SESSION['id'] = $user->id;
header('Location: ' . $redirect);
- $user->add_meta("last_login", date("Y-m-d m:i:s"));
+ $user->add_meta("last_login", date("Y-m-d H:i:s"));
+ Hook::run(HOOKTYPE_USER_LOGIN, $user);
+ die();
}
else
{
+ $fail = [
+ "login" => htmlspecialchars($_POST['username']),
+ "IP" => $_SERVER['REMOTE_ADDR']
+ ];
+ Hook::run(HOOKTYPE_USER_LOGIN_FAIL, $fail);
$failmsg = "Incorrect login";
}
<body role="document">
<div class="container-fluid">
<form method="post" action="index.php?redirect=<?php echo $redirect; ?>">
- <div class="modal" id="loginModal" data-bs-backdrop="static" data-bs-keyboard="false" tabindex="-1" aria-labelledby="loginModal" aria-hidden="false"></a>
+ <div class="modal" id="loginModal" data-backdrop="static" data-keyboard="false" tabindex="-1" aria-labelledby="loginModal" aria-hidden="false"></a>
<div class="modal-dialog modal-dialog-centered">
<div class="modal-content">
<div class="modal-header" style="margin: 0 auto;">