refactored login.php
This commit is contained in:
parent
a3641a1896
commit
bf2c7356d0
|
@ -13,7 +13,7 @@
|
||||||
//
|
//
|
||||||
// list_domains
|
// list_domains
|
||||||
//
|
//
|
||||||
// Form GET Variables:
|
// Form POST \ GET Variables:
|
||||||
//
|
//
|
||||||
// username
|
// username
|
||||||
//
|
//
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
// list_alias
|
// list_alias
|
||||||
// list_mailbox
|
// list_mailbox
|
||||||
//
|
//
|
||||||
// Form GET Variables:
|
// Form POST \ GET Variables:
|
||||||
//
|
//
|
||||||
// domain
|
// domain
|
||||||
// offset
|
// offset
|
||||||
|
|
|
@ -398,31 +398,6 @@ function db_array($result) {
|
||||||
return $row;
|
return $row;
|
||||||
}
|
}
|
||||||
|
|
||||||
// db_assoc
|
|
||||||
// Action: Returns a row from a table
|
|
||||||
// Call: db_assoc(int result)
|
|
||||||
//
|
|
||||||
function db_assoc($result) {
|
|
||||||
global $CONF;
|
|
||||||
$row = "";
|
|
||||||
if ($CONF['database_type'] == "mysqli") $row = mysqli_fetch_assoc($result);
|
|
||||||
return $row;
|
|
||||||
}
|
|
||||||
|
|
||||||
//
|
|
||||||
// db_delete
|
|
||||||
// Action: Deletes a row from a specified table
|
|
||||||
// Call: db_delete(string table, string where, string delete)
|
|
||||||
//
|
|
||||||
function db_delete($table,$where,$delete) {
|
|
||||||
$result = db_query("DELETE FROM $table WHERE $where='$delete'");
|
|
||||||
if ($result['rows'] >= 1) {
|
|
||||||
return $result['rows'];
|
|
||||||
} else {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// logging
|
// logging
|
||||||
// Action: Logs actions from admin
|
// Action: Logs actions from admin
|
||||||
// Call: logging(string username, string domain, string action, string data)
|
// Call: logging(string username, string domain, string action, string data)
|
||||||
|
|
|
@ -15,8 +15,7 @@ $LANG['Login_welcome'] = 'Mail admins login here to administer your domain.';
|
||||||
$LANG['Login_username'] = 'Login (email)';
|
$LANG['Login_username'] = 'Login (email)';
|
||||||
$LANG['Login_password'] = 'Password';
|
$LANG['Login_password'] = 'Password';
|
||||||
$LANG['Login_button'] = 'Login';
|
$LANG['Login_button'] = 'Login';
|
||||||
$LANG['Login_username_incorrect'] = '<span class="error_msg">Your login is not correct. Make sure that you login with your email address.</span>';
|
$LANG['Login_incorrect'] = '<span class="error_msg">Your login or password is not correct.</span>';
|
||||||
$LANG['Login_password_incorrect'] = '<span class="error_msg">Your password is not correct.</span>';
|
|
||||||
$LANG['Login_login_users'] = 'Users click here to login to the user section.';
|
$LANG['Login_login_users'] = 'Users click here to login to the user section.';
|
||||||
|
|
||||||
$LANG['Menu_overview'] = 'Overview';
|
$LANG['Menu_overview'] = 'Overview';
|
||||||
|
|
48
login.php
48
login.php
|
@ -11,44 +11,44 @@
|
||||||
//
|
//
|
||||||
// Template variables:
|
// Template variables:
|
||||||
//
|
//
|
||||||
// tMessage
|
// message
|
||||||
// tUsername
|
// username
|
||||||
//
|
//
|
||||||
// GET / POST variables:
|
// GET / POST variables:
|
||||||
//
|
//
|
||||||
// fUsername
|
// username
|
||||||
// fPassword
|
// password
|
||||||
//
|
//
|
||||||
require("./variables.inc.php");
|
require_once './functions.inc.php';
|
||||||
require("./config.inc.php");
|
include './languages/' . check_language () . '.lang';
|
||||||
require("./functions.inc.php");
|
|
||||||
include("./languages/" . check_language () . ".lang");
|
|
||||||
|
|
||||||
if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
||||||
$fUsername = escape_string ($_POST['fUsername']);
|
$username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
|
||||||
$fPassword = escape_string ($_POST['fPassword']);
|
$password = filter_input(INPUT_POST, 'password', FILTER_DEFAULT);
|
||||||
|
|
||||||
$result = db_query("SELECT password FROM admin WHERE username='$fUsername' AND active='1'");
|
if (!empty($username) && !empty($password)) {
|
||||||
if ($result['rows'] == 1) {
|
$dbh = connect_db();
|
||||||
$row = db_array($result['result']);
|
$sth = $dbh->prepare("SELECT password FROM admin WHERE username=?");
|
||||||
if (!password_verify($fPassword, $row['assword'])) {
|
$sth->bindParam(1, $username, PDO::PARAM_STR);
|
||||||
$error = 1;
|
$sth->execute();
|
||||||
$tMessage = $LANG['Login_password_incorrect'];
|
$row = $sth->fetch(PDO::FETCH_COLUMN);
|
||||||
$tUsername = $fUsername;
|
}
|
||||||
|
if (!empty($row)) {
|
||||||
|
if (!password_verify($password, $row)) {
|
||||||
|
$message = $LANG['Login_incorrect'];
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
$error = 1;
|
$message = $LANG['Login_incorrect'];
|
||||||
$tMessage = $LANG['Login_username_incorrect'];
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($error != 1) {
|
if (empty($message)) {
|
||||||
session_start();
|
session_start();
|
||||||
$_SESSION['sessid']['username'] = $fUsername;
|
$_SESSION['sessid']['username'] = $username;
|
||||||
header("Location: main.php");
|
header("Location: main.php");
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
include("./templates/header.tpl");
|
include './templates/header.tpl';
|
||||||
include("./templates/login.tpl");
|
include './templates/login.tpl';
|
||||||
include("./templates/footer.tpl");
|
include './templates/footer.tpl';
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -6,17 +6,17 @@
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td><?php echo $LANG['Login_username'] . ":"; ?></td>
|
<td><?php echo $LANG['Login_username'] . ":"; ?></td>
|
||||||
<td><input class="flat" type="text" name="fUsername" value="<?php echo $tUsername; ?>" /></td>
|
<td><input class="flat" type="text" name="username" value="<?php echo $username ?? ''; ?>" /></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td><?php echo $LANG['Login_password'] . ":"; ?></td>
|
<td><?php echo $LANG['Login_password'] . ":"; ?></td>
|
||||||
<td><input class="flat" type="password" name="fPassword" /></td>
|
<td><input class="flat" type="password" name="password" /></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td colspan="2" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php echo $LANG['Login_button']; ?>" /></td>
|
<td colspan="2" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php echo $LANG['Login_button']; ?>" /></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td colspan="2" class="standout"><?php echo $tMessage; ?></td>
|
<td colspan="2" class="standout"><?php echo $message ?? ' '; ?></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td colspan="2"><a href="users/"><?php echo $LANG['Login_login_users']; ?></a></td>
|
<td colspan="2"><a href="users/"><?php echo $LANG['Login_login_users']; ?></a></td>
|
||||||
|
|
Loading…
Reference in New Issue