66 lines
1.6 KiB
PHP
66 lines
1.6 KiB
PHP
<?php
|
|
//
|
|
// OpenSMTPD Admin
|
|
// by Mischa Peters <mischa at high5 dot nl>
|
|
// Copyright (c) 2022 High5!
|
|
// License Info: LICENSE.TXT
|
|
//
|
|
// File: login.php
|
|
//
|
|
// Template File: login.tpl
|
|
//
|
|
// Template variables:
|
|
//
|
|
// message
|
|
// username
|
|
//
|
|
// GET / POST variables:
|
|
//
|
|
// username
|
|
// password
|
|
//
|
|
require_once './functions.inc.php';
|
|
include './languages/' . check_language () . '.lang';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] == "POST") {
|
|
$username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
|
|
$password = filter_input(INPUT_POST, 'password', FILTER_DEFAULT);
|
|
|
|
if (!empty($username) && !empty($password)) {
|
|
$dbh = pdo_connect();
|
|
$sth = $dbh->prepare("SELECT password,role FROM admin WHERE username=?");
|
|
$sth->bindParam(1, $username, PDO::PARAM_STR);
|
|
$sth->execute();
|
|
$row = $sth->fetch(PDO::FETCH_ASSOC);
|
|
if (empty($row)) {
|
|
$sth = $dbh->prepare("SELECT password FROM mailbox WHERE username=?");
|
|
$sth->bindParam(1, $username, PDO::PARAM_STR);
|
|
$sth->execute();
|
|
$row = $sth->fetch(PDO::FETCH_ASSOC);
|
|
$location = "password.php";
|
|
} else {
|
|
$location = "list-domain.php";
|
|
}
|
|
}
|
|
|
|
if (!empty($row['password'])) {
|
|
if (!password_verify($password, $row['password'])) {
|
|
$message = $LANG['Login_incorrect'];
|
|
}
|
|
} else {
|
|
$message = $LANG['Login_incorrect'];
|
|
}
|
|
|
|
if (empty($message)) {
|
|
session_start();
|
|
$_SESSION['sessid']['username'] = $username;
|
|
$_SESSION['sessid']['role'] = $row['role'] ?? '';
|
|
header("Location: $location");
|
|
exit;
|
|
}
|
|
}
|
|
include './templates/header.tpl';
|
|
include './templates/login.tpl';
|
|
include './templates/footer.tpl';
|
|
?>
|