auth.php

   1 <?php
   2 /* vim: set ts=4 tw=0 sw=4 noet: */
   3     require_once 'config.php';
   4     require_once $CFG->root . 'lib/utils.inc.php';
   5
   6     $auth_url = $_SERVER['PHP_SELF'] . '?op=login';
   7     $login = $_SERVER['PHP_SELF'];
   8     $login_form = <<<LF
   9 <!DOCTYPE html>
  10 <html>
  11     <head>
  12         <meta charset="UTF-8">
  13         <title>Login</title>
  14         <link rel="stylesheet" href="css/auth.css">
  15     </head>
  16     <body>
  17         <div class="container">
  18             <div id="login-form">
  19                 <h3>Login</h3>
  20                 <fieldset>
  21                     <form action="$auth_url" method="post">
  22                         <input type="email" name="user" required value="Email" onBlur="if(this.value=='')this.value='Email'" onFocus="if(this.value=='Email')this.value='' "/>
  23                         <input type="password" name="password" required value="Password" onBlur="if(this.value=='')this.value='Password'" onFocus="if(this.value=='Password')this.value='' "/>
  24                         <input type="submit" value="Login"/>
  25 <!--                        <footer class="clearfix">
  26                             <p><span class="info">?</span><a href="#">Forgot Password</a></p>
  27                         </footer>-->
  28                     </form>
  29                 </fieldset>
  30             </div> <!-- end login-form -->
  31             <p class="footer">Powered by <a href="https://qtadmin.datanom.net">
  32             QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p>
  33         </div>
  34     </body>
  35 </html>
  36 LF;
  37
  38     $login_error = <<<LE
  39 <DOCTYPE html>
  40 <html>
  41     <head>
  42         <meta charset="UTF-8">
  43         <title>Error</title>
  44         <link rel="stylesheet" href="css/auth.css">
  45     </head>
  46     <body>
  47         <div class="container">
  48             <div id="greeting">
  49                 <h3>ERROR</h3>
  50                 <fieldset>
  51                     <p><span class="error">__ERROR__<span></p>
  52                     <p><a href="$login">Login</a></p>
  53                 </fieldset>
  54             </div> <!-- end login-form -->
  55             <p class="footer">Powered by <a href="https://qtadmin.datanom.net">
  56             QtAdmin</a>. &copy; 2015 by Michael Rasmussen</p>
  57         </div>
  58     </body>
  59 </html>
  60 LE;
  61
  62     $util = new Utils;
  63     if (isset($_GET['op']))
  64         $action = $_GET['op'];
  65     else
  66         $action = 'default';
  67
  68     if ($action == 'logout') {
  69         // logout
  70         $util->logout();
  71         echo $login_form;
  72     } else if ($action == 'login') {
  73         // login
  74         $user = $_POST['user'];
  75         $password = $_POST['password'];
  76         if ($util->login($user, $password)) {
  77             header('Location: index.php');
  78         } else {
  79             $error = $util->getLoginStatus();
  80             $error = str_replace('__ERROR__', $error, $login_error);
  81             echo $error;
  82         }
  83     } else {
  84         echo $login_form;
  85     }
  86 ?>
  87