]> jfr.im git - irc/unrealircd/unrealircd-webpanel.git/blobdiff - login/index.php
projects / irc / unrealircd / unrealircd-webpanel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
More towards notes (still not finished)
[irc/unrealircd/unrealircd-webpanel.git] / login / index.php
diff --git a/login/index.php b/login/index.php
index 283dd0ac9d49d4454f12c63602a027c888fc353e..e35239c429b9ee570a5ceec666867187e1b98dd8 100644 (file)
--- a/login/index.php
+++ b/login/index.php
@@ -1,6 +1,5 @@
-
 <?php
 <?php
-require_once "../common.php";
+require_once "../inc/common.php";
 
 $logout = false;
 
 
 $logout = false;
 
@@ -33,19 +32,35 @@ if (!empty($_POST))
 {
        if ($_POST['username'] && $_POST['password'])
        {
 {
        if ($_POST['username'] && $_POST['password'])
        {
-               /* securitah */
                $user = new PanelUser($_POST['username']);
                /* not being too informative with the login error in case of attackers */
                $user = new PanelUser($_POST['username']);
                /* not being too informative with the login error in case of attackers */
-               if (isset($user->id) && $user->password_verify($_POST['password']))
+               $hash_needs_updating = false;
+               if (isset($user->id) && $user->password_verify($_POST['password'], $hash_needs_updating))
                {
                {
+                       /* SUCCESSFUL LOGIN */
+                       if ($hash_needs_updating)
+                       {
+                               /* Set password again so it is freshly hashed */
+                               $hash = PanelUser::password_hash($_POST['password']);
+                               $ar = ["update_pass_conf"=>$hash];
+                               $user->update_core_info($ar);
+                               unset($ar);
+                               unset($hash);
+                       }
+                       panel_start_session($user);
                        $_SESSION['id'] = $user->id;
                        $_SESSION['id'] = $user->id;
-                       header('Location: ' . $redirect);
                        $user->add_meta("last_login", date("Y-m-d H:i:s"));
                        Hook::run(HOOKTYPE_USER_LOGIN, $user);
                        $user->add_meta("last_login", date("Y-m-d H:i:s"));
                        Hook::run(HOOKTYPE_USER_LOGIN, $user);
+
+                       /* Middle of install? Override redirect: */
+                       if (!isset($config['unrealircd']))
+                               $redirect = get_config("base_url")."settings/rpc-servers.php";
+                       header('Location: ' . $redirect);
                        die();
                }
                else
                {
                        die();
                }
                else
                {
+                       /* LOGIN FAILED */
                        $fail = [
                                "login" => htmlspecialchars($_POST['username']),
                                "IP" => $_SERVER['REMOTE_ADDR']
                        $fail = [
                                "login" => htmlspecialchars($_POST['username']),
                                "IP" => $_SERVER['REMOTE_ADDR']
@@ -83,7 +98,7 @@ if (!empty($_POST))
 </head>
 <section class="vh-100">
   <div class="container py-5 h-10">
 </head>
 <section class="vh-100">
   <div class="container py-5 h-10">
-       <div class="row d-flex justify-content-center align-items-center h-100">
+       <div class="row d-flex justify-content-center align-items-center">
          <div class="col-12 col-md-8 col-lg-6 col-xl-5">
                <div class="card shadow-2-strong" style="border-radius: 1rem;">
                  <div class="card-body p-5 text-center">
          <div class="col-12 col-md-8 col-lg-6 col-xl-5">
                <div class="card shadow-2-strong" style="border-radius: 1rem;">
                  <div class="card-body p-5 text-center">
@@ -123,7 +138,13 @@ if (!empty($_POST))
        </div>
 </div>
 </div></section>
        </div>
 </div>
 </div></section>
+<style>
 
 
+body {
+               background-image: url('https://cdn.wallpapersafari.com/34/98/yznZmQ.jpg');
+               background-size: cover;
+       }
+</style>
 <script>
        var form = document.getElementById('login');
        var pinp = document.getElementById('passinp');
 <script>
        var form = document.getElementById('login');
        var pinp = document.getElementById('passinp');
@@ -150,4 +171,4 @@ if (!empty($_POST))
        });
 </script>
 
        });
 </script>
 
-<?php require_once "../footer.php";
\ No newline at end of file
+<?php require_once "../inc/footer.php";
\ No newline at end of file
Unnamed repository; edit this file 'description' to name the repository.