opensmtpdadmin/login.php

65 lines
1.5 KiB
PHP
Raw Normal View History

2022-08-18 14:01:52 +02:00
<?php
//
// OpenSMTPD Admin
// by Mischa Peters <mischa at high5 dot nl>
// Copyright (c) 2022 High5!
// License Info: LICENSE.TXT
//
// File: login.php
//
// Template File: login.tpl
//
2022-09-02 23:06:08 +02:00
// Template variables:
2022-08-18 14:01:52 +02:00
//
2022-09-04 12:10:27 +02:00
// message
// username
2022-08-18 14:01:52 +02:00
//
2022-09-02 23:06:08 +02:00
// GET / POST variables:
2022-08-18 14:01:52 +02:00
//
2022-09-04 12:10:27 +02:00
// username
// password
2022-08-18 14:01:52 +02:00
//
2022-09-04 12:10:27 +02:00
require_once './functions.inc.php';
include './languages/' . check_language () . '.lang';
2022-08-18 14:01:52 +02:00
if ($_SERVER['REQUEST_METHOD'] == "POST") {
2022-09-04 12:10:27 +02:00
$username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
$password = filter_input(INPUT_POST, 'password', FILTER_DEFAULT);
2022-08-18 14:01:52 +02:00
2022-09-04 12:10:27 +02:00
if (!empty($username) && !empty($password)) {
2022-09-04 20:50:21 +02:00
$dbh = pdo_connect();
2022-09-06 13:56:05 +02:00
$sth = $dbh->prepare("SELECT password FROM admin WHERE username=?");
2022-09-04 12:10:27 +02:00
$sth->bindParam(1, $username, PDO::PARAM_STR);
$sth->execute();
2022-09-05 20:29:41 +02:00
$row = $sth->fetch(PDO::FETCH_ASSOC);
2022-09-06 10:32:25 +02:00
if (empty($row)) {
$sth = $dbh->prepare("SELECT password FROM mailbox WHERE username=?");
$sth->bindParam(1, $username, PDO::PARAM_STR);
$sth->execute();
$row = $sth->fetch(PDO::FETCH_ASSOC);
$location = "password.php";
} else {
$location = "list-domain.php";
}
2022-09-04 12:10:27 +02:00
}
2022-09-04 19:17:50 +02:00
2022-09-05 20:29:41 +02:00
if (!empty($row['password'])) {
if (!password_verify($password, $row['password'])) {
2022-09-04 12:10:27 +02:00
$message = $LANG['Login_incorrect'];
2022-08-18 14:01:52 +02:00
}
} else {
2022-09-04 12:10:27 +02:00
$message = $LANG['Login_incorrect'];
2022-08-18 14:01:52 +02:00
}
2022-09-04 12:10:27 +02:00
if (empty($message)) {
2022-08-18 14:01:52 +02:00
session_start();
2022-09-04 12:10:27 +02:00
$_SESSION['sessid']['username'] = $username;
2022-09-06 10:32:25 +02:00
header("Location: $location");
2022-08-18 14:01:52 +02:00
exit;
}
}
2022-09-04 12:10:27 +02:00
include './templates/header.tpl';
include './templates/login.tpl';
include './templates/footer.tpl';
2022-08-18 14:01:52 +02:00
?>