<?php
define('IN_PONEPASTE', 1);
require_once(__DIR__ . '/../../includes/common.php');
use PonePaste\Models\User;
use PonePaste\Models\AdminLog;
/**
 * Write one admin-panel audit record for the given user.
 *
 * The record holds the user's id, the action code passed by the caller and
 * the client address PHP exposes as REMOTE_ADDR, and is persisted through
 * AdminLog::save().
 *
 * REMOTE_ADDR is the address of the directly connected peer. It cannot be
 * set by a request header, which is what an audit trail wants, but if the
 * site sits behind a reverse proxy it will be the proxy's address.
 * NOTE(review): confirm how the deployment fronts PHP before relying on
 * this column to identify a client.
 *
 * @param User $admin  Account the event is attributed to.
 * @param int  $action One of the AdminLog::ACTION_* codes.
 */
function updateAdminHistory(User $admin, int $action) : void {
    $fields = [
        'user_id' => $admin->id,
        'action' => $action,
        'ip' => $_SERVER['REMOTE_ADDR']
    ];

    $entry = new AdminLog($fields);
    $entry->save();
}
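// Access gate: only a logged-in account with at least moderator role may see
// the admin authentication form. Everyone else is redirected to the parent
// directory, and die() stops the script so nothing below runs for them.
if ($current_user === null || $current_user->role < User::ROLE_MODERATOR) {
    header('Location: ..');
    die();
}

// Already elevated in this session: skip the form.
if (!empty($_SESSION['admin_login'])) {
    header('Location: dashboard.php');
    exit();
}

// NOTE(review): nothing in this file throttles repeated attempts or checks an
// anti-CSRF token on the POST. Failed attempts are recorded through
// updateAdminHistory(), so they can be alerted on, but confirm whether
// common.php or the web server enforces a rate limit for this endpoint.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // The request body is untrusted: the field may be absent or sent as an
    // array (password[]=x). Anything that is not a string is treated as a
    // wrong password and is never passed to the verifier.
    $submitted_password = $_POST['password'] ?? null;

    // Fail closed when the account has no usable admin password hash.
    // presumably this column is null for accounts that never set one; verify.
    $stored_hash = $current_user->admin_password_hash;

    $authenticated = is_string($submitted_password)
        && is_string($stored_hash)
        && $stored_hash !== ''
        && pp_password_verify($submitted_password, $stored_hash);

    if ($authenticated) {
        // Rotate the session identifier at the moment of privilege elevation
        // so an identifier known before this point does not inherit admin
        // access (session fixation). Session data carries over to the new id.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        updateAdminHistory($current_user, AdminLog::ACTION_LOGIN);
        $_SESSION['admin_login'] = true;
        header("Location: dashboard.php");
        exit();
    } else {
        updateAdminHistory($current_user, AdminLog::ACTION_FAIL_LOGIN);
        // Fixed markup with no request data in it; the template echoes it
        // without escaping, so it must stay a constant.
        $msg = '<div class="paste-alert alert6" style="text-align:center;">
Wrong Password
</div>';
    }
}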
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>PonePaste - Authenticate</title>
    <link href="css/paste.css" rel="stylesheet">
    <style>
        body {
            background: #F5F5F5;
        }
    </style>
</head>
<body>
<div class="login-form">
    <?php
    // $msg is written to the page without escaping. It is only set by the
    // login handler in this file, to a fixed string; keep it free of request
    // data or escape it here.
    if (isset($msg)):
        echo $msg;
    endif;
    ?>
    <form action="." method="post">
        <?php
        // Only the password is submitted: the username input is disabled, so
        // browsers leave it out of the POST, and it is shown for display
        // only, passed through pp_html_escape().
        // NOTE(review): the form carries no anti-CSRF field.
        ?>
        <div class="top">
            <h1>PonePaste Admin Authentication</h1>
        </div>
        <div class="form-area">
            <div class="group">
                <input type="text" class="form-control" id="username" name="username" disabled="disabled" value="<?= pp_html_escape($current_user->username); ?>">
                <i class="fa fa-user"></i>
            </div>
            <div class="group">
                <input type="password" class="form-control" id="password" name="password" placeholder="Password" value="">
                <i class="fa fa-key"></i>
            </div>
            <button type="submit" class="btn btn-default btn-block">Authenticate</button>
        </div>
    </form>
</div>
</body>
</html>