-
<?php
-require_once "../common.php";
+require_once "../inc/common.php";
$logout = false;
{
if ($_POST['username'] && $_POST['password'])
{
- /* securitah */
$user = new PanelUser($_POST['username']);
/* not being too informative with the login error in case of attackers */
- if (isset($user->id) && $user->password_verify($_POST['password']))
+ $hash_needs_updating = false;
+ if (isset($user->id) && $user->password_verify($_POST['password'], $hash_needs_updating))
{
+ /* SUCCESSFUL LOGIN */
+ if ($hash_needs_updating)
+ {
+ /* Set password again so it is freshly hashed */
+ $hash = PanelUser::password_hash($_POST['password']);
+ $ar = ["update_pass_conf"=>$hash];
+ $user->update_core_info($ar);
+ unset($ar);
+ unset($hash);
+ }
+ panel_start_session($user);
$_SESSION['id'] = $user->id;
- header('Location: ' . $redirect);
$user->add_meta("last_login", date("Y-m-d H:i:s"));
Hook::run(HOOKTYPE_USER_LOGIN, $user);
+
+ /* Middle of install? Override redirect: */
+ if (!isset($config['unrealircd']))
+ $redirect = get_config("base_url")."settings/rpc-servers.php";
+ header('Location: ' . $redirect);
die();
}
else
{
+ /* LOGIN FAILED */
$fail = [
"login" => htmlspecialchars($_POST['username']),
"IP" => $_SERVER['REMOTE_ADDR']
</head>
<section class="vh-100">
<div class="container py-5 h-10">
- <div class="row d-flex justify-content-center align-items-center h-100">
+ <div class="row d-flex justify-content-center align-items-center">
<div class="col-12 col-md-8 col-lg-6 col-xl-5">
<div class="card shadow-2-strong" style="border-radius: 1rem;">
<div class="card-body p-5 text-center">
</div>
</div>
</div></section>
+<style>
+body {
+ background-image: url('https://cdn.wallpapersafari.com/34/98/yznZmQ.jpg');
+ background-size: cover;
+ }
+</style>
<script>
var form = document.getElementById('login');
var pinp = document.getElementById('passinp');
form.submit();
});
</script>
-
-<?php require_once "../footer.php";
\ No newline at end of file