High5
/
opensmtpdadmin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactored login.php

This commit is contained in:
mischa 2022-09-04 10:10:27 +00:00
parent a3641a1896
commit bf2c7356d0
6 changed files with 30 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
admin/list-domain.php
View File

@ -13,7 +13,7 @@
// //
// list_domains // list_domains
// //
// Form GET Variables: // Form POST \ GET Variables:
// //
// username // username
// //

2
admin/list-virtual.php
View File

@ -14,7 +14,7 @@
// list_alias // list_alias
// list_mailbox // list_mailbox
// //
// Form GET Variables: // Form POST \ GET Variables:
// //
// domain // domain
// offset // offset

25
functions.inc.php
View File

@ -398,31 +398,6 @@ function db_array($result) {
return $row; return $row;
} }
// db_assoc
// Action: Returns a row from a table
// Call: db_assoc(int result)
//
function db_assoc($result) {
global $CONF;
$row = "";
if ($CONF['database_type'] == "mysqli") $row = mysqli_fetch_assoc($result);
return $row;
}
//
// db_delete
// Action: Deletes a row from a specified table
// Call: db_delete(string table, string where, string delete)
//
function db_delete($table,$where,$delete) {
$result = db_query("DELETE FROM $table WHERE $where='$delete'");
if ($result['rows'] >= 1) {
return $result['rows'];
} else {
return true;
}
}
// logging // logging
// Action: Logs actions from admin // Action: Logs actions from admin
// Call: logging(string username, string domain, string action, string data) // Call: logging(string username, string domain, string action, string data)

3
languages/en.lang
View File

@ -15,8 +15,7 @@ $LANG['Login_welcome'] = 'Mail admins login here to administer your domain.';
$LANG['Login_username'] = 'Login (email)'; $LANG['Login_username'] = 'Login (email)';
$LANG['Login_password'] = 'Password'; $LANG['Login_password'] = 'Password';
$LANG['Login_button'] = 'Login'; $LANG['Login_button'] = 'Login';
$LANG['Login_username_incorrect'] = '<span class="error_msg">Your login is not correct. Make sure that you login with your email address.</span>'; $LANG['Login_incorrect'] = '<span class="error_msg">Your login or password is not correct.</span>';
$LANG['Login_password_incorrect'] = '<span class="error_msg">Your password is not correct.</span>';
$LANG['Login_login_users'] = 'Users click here to login to the user section.'; $LANG['Login_login_users'] = 'Users click here to login to the user section.';
$LANG['Menu_overview'] = 'Overview'; $LANG['Menu_overview'] = 'Overview';

48
login.php
View File

@ -11,44 +11,44 @@
// //
// Template variables: // Template variables:
// //
// tMessage // message
// tUsername // username
// //
// GET / POST variables: // GET / POST variables:
// //
// fUsername // username
// fPassword // password
// //
require("./variables.inc.php"); require_once './functions.inc.php';
require("./config.inc.php"); include './languages/' . check_language () . '.lang';
require("./functions.inc.php");
include("./languages/" . check_language () . ".lang");
if ($_SERVER['REQUEST_METHOD'] == "POST") { if ($_SERVER['REQUEST_METHOD'] == "POST") {
$fUsername = escape_string ($_POST['fUsername']); $username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
$fPassword = escape_string ($_POST['fPassword']); $password = filter_input(INPUT_POST, 'password', FILTER_DEFAULT);
$result = db_query("SELECT password FROM admin WHERE username='$fUsername' AND active='1'"); if (!empty($username) && !empty($password)) {
if ($result['rows'] == 1) { $dbh = connect_db();
$row = db_array($result['result']); $sth = $dbh->prepare("SELECT password FROM admin WHERE username=?");
if (!password_verify($fPassword, $row['assword'])) { $sth->bindParam(1, $username, PDO::PARAM_STR);
$error = 1; $sth->execute();
$tMessage = $LANG['Login_password_incorrect']; $row = $sth->fetch(PDO::FETCH_COLUMN);
$tUsername = $fUsername; }
if (!empty($row)) {
if (!password_verify($password, $row)) {
$message = $LANG['Login_incorrect'];
} }
} else { } else {
$error = 1; $message = $LANG['Login_incorrect'];
$tMessage = $LANG['Login_username_incorrect'];
} }
if ($error != 1) { if (empty($message)) {
session_start(); session_start();
$_SESSION['sessid']['username'] = $fUsername; $_SESSION['sessid']['username'] = $username;
header("Location: main.php"); header("Location: main.php");
exit; exit;
} }
} }
include("./templates/header.tpl"); include './templates/header.tpl';
include("./templates/login.tpl"); include './templates/login.tpl';
include("./templates/footer.tpl"); include './templates/footer.tpl';
?> ?>

6
templates/login.tpl
View File

@ -6,17 +6,17 @@
</tr> </tr>
<tr> <tr>
<td><?php echo $LANG['Login_username'] . ":"; ?></td> <td><?php echo $LANG['Login_username'] . ":"; ?></td>
<td><input class="flat" type="text" name="fUsername" value="<?php echo $tUsername; ?>" /></td> <td><input class="flat" type="text" name="username" value="<?php echo $username ?? ''; ?>" /></td>
</tr> </tr>
<tr> <tr>
<td><?php echo $LANG['Login_password'] . ":"; ?></td> <td><?php echo $LANG['Login_password'] . ":"; ?></td>
<td><input class="flat" type="password" name="fPassword" /></td> <td><input class="flat" type="password" name="password" /></td>
</tr> </tr>
<tr> <tr>
<td colspan="2" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php echo $LANG['Login_button']; ?>" /></td> <td colspan="2" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php echo $LANG['Login_button']; ?>" /></td>
</tr> </tr>
<tr> <tr>
<td colspan="2" class="standout"><?php echo $tMessage; ?></td> <td colspan="2" class="standout"><?php echo $message ?? '&nbsp;'; ?></td>
</tr> </tr>
<tr> <tr>
<td colspan="2"><a href="users/"><?php echo $LANG['Login_login_users']; ?></a></td> <td colspan="2"><a href="users/"><?php echo $LANG['Login_login_users']; ?></a></td>