opensmtpdadmin/users/login.php

56 lines
1.2 KiB
PHP
Raw Normal View History

2022-08-18 14:01:52 +02:00
<?php
//
// OpenSMTPD Admin
// by Mischa Peters <mischa at high5 dot nl>
// Copyright (c) 2022 High5!
// License Info: LICENSE.TXT
//
// File: login.php
//
// Template File: login.tpl
//
2022-09-04 19:17:50 +02:00
// Template variables:
2022-08-18 14:01:52 +02:00
//
2022-09-04 19:17:50 +02:00
// message
// username
2022-08-18 14:01:52 +02:00
//
2022-09-04 19:17:50 +02:00
// GET / POST variables:
2022-08-18 14:01:52 +02:00
//
2022-09-04 19:17:50 +02:00
// username
// password
2022-08-18 14:01:52 +02:00
//
2022-09-04 19:17:50 +02:00
require_once '../functions.inc.php';
include '../languages/' . check_language () . '.lang';
2022-08-18 14:01:52 +02:00
if ($_SERVER['REQUEST_METHOD'] == "POST") {
2022-09-04 19:17:50 +02:00
$username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
$password = filter_input(INPUT_POST, 'password', FILTER_DEFAULT);
2022-08-18 14:01:52 +02:00
2022-09-04 19:17:50 +02:00
if (!empty($username) && !empty($password)) {
2022-09-04 20:50:21 +02:00
$dbh = pdo_connect();
2022-09-04 19:17:50 +02:00
$sth = $dbh->prepare("SELECT password FROM mailbox WHERE username=?");
$sth->bindParam(1, $username, PDO::PARAM_STR);
$sth->execute();
$row = $sth->fetch(PDO::FETCH_COLUMN);
}
if (!empty($row)) {
if (!password_verify($password, $row)) {
$message = $LANG['Login_incorrect'];
2022-08-18 14:01:52 +02:00
}
} else {
2022-09-04 19:17:50 +02:00
$message = $LANG['Login_incorrect'];
2022-08-18 14:01:52 +02:00
}
2022-09-04 19:17:50 +02:00
if (empty($message)) {
2022-08-18 14:01:52 +02:00
session_start();
2022-09-04 19:17:50 +02:00
$_SESSION['userid']['username'] = $username;
2022-09-05 08:20:02 +02:00
header("Location: password.php");
2022-08-18 14:01:52 +02:00
exit;
}
}
2022-09-04 19:17:50 +02:00
include '../templates/header.tpl';
include '../templates/users_login.tpl';
include '../templates/footer.tpl';
2022-08-18 14:01:52 +02:00
?>