ponepaste/admin/index.php

<?php
define('IN_PONEPASTE', 1);
require_once(__DIR__ . '/../includes/common.php');

use PonePaste\Models\AdminLog;

if ($current_user === null || !$current_user->admin) {
    header('Location: ..');
    die();
}

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (password_verify($_POST['password'], $current_user->admin_password_hash)) {
        updateAdminHistory($current_user, AdminLog::ACTION_LOGIN);
        $_SESSION['admin_login'] = true;
        header("Location: dashboard.php");
        exit();
    } else {
        updateAdminHistory($current_user, AdminLog::ACTION_FAIL_LOGIN);
        $msg = '<div class="paste-alert alert6" style="text-align:center;">
						Wrong Password
					</div>';
    }
}
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>PonePaste - Authenticate</title>
    <link href="css/paste.css" rel="stylesheet">
    <style>
        body {
            background: #F5F5F5;
        }
    </style>
</head>
<body>
<div class="login-form">
    <?php
    if (isset($msg)) {
        echo $msg;
    }
    ?>
    <form action="." method="post">
        <div class="top">
            <h1>PonePaste Admin Authentication</h1>
        </div>
        <div class="form-area">
            <div class="group">
                <input type="text" class="form-control" id="username" name="username" disabled="disabled" value="<?= pp_html_escape($current_user->username); ?>">
                <i class="fa fa-user"></i>
            </div>
            <div class="group">
                <input type="password" class="form-control" id="password" name="password" placeholder="Password"
                       value="">
                <i class="fa fa-key"></i>
            </div>
            <button type="submit" class="btn btn-default btn-block">Authenticate</button>
        </div>
    </form>
</div>
</body>
</html>
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`<?php`
Make admin dashboard work again. 2021-08-13 16:54:06 -04:00			`define('IN_PONEPASTE', 1);`
Reformat code. 2021-08-22 22:05:26 -04:00			`require_once(__DIR__ . '/../includes/common.php');`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00
More Eloquent moves 2021-11-02 08:46:40 -04:00			`use PonePaste\Models\AdminLog;`

			`if ($current_user === null \|\| !$current_user->admin) {`
			`header('Location: ..');`
			`die();`
			`}`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00
			`if ($_SERVER['REQUEST_METHOD'] == 'POST') {`
More Eloquent moves 2021-11-02 08:46:40 -04:00			`if (password_verify($_POST['password'], $current_user->admin_password_hash)) {`
			`updateAdminHistory($current_user, AdminLog::ACTION_LOGIN);`
			`$_SESSION['admin_login'] = true;`
Make admin dashboard work again. 2021-08-13 16:54:06 -04:00			`header("Location: dashboard.php");`
			`exit();`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`} else {`
More Eloquent moves 2021-11-02 08:46:40 -04:00			`updateAdminHistory($current_user, AdminLog::ACTION_FAIL_LOGIN);`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`$msg = '<div class="paste-alert alert6" style="text-align:center;">`
More Eloquent moves 2021-11-02 08:46:40 -04:00			`Wrong Password`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`</div>';`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`}`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`}`
			`?>`

			`<!DOCTYPE html>`
			`<html lang="en">`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`<head>`
			`<meta charset="utf-8">`
			`<meta http-equiv="X-UA-Compatible" content="IE=edge">`
			`<meta name="viewport" content="width=device-width, initial-scale=1">`
More Eloquent moves 2021-11-02 08:46:40 -04:00			`<title>PonePaste - Authenticate</title>`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`<link href="css/paste.css" rel="stylesheet">`
Remove pages 2021-08-06 10:59:47 -04:00			`<style>`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`body {`
			`background: #F5F5F5;`
			`}`
			`</style>`
			`</head>`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`<body>`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`<div class="login-form">`
			`<?php`
			`if (isset($msg)) {`
			`echo $msg;`
			`}`
			`?>`
			`<form action="." method="post">`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`<div class="top">`
More Eloquent moves 2021-11-02 08:46:40 -04:00			`<h1>PonePaste Admin Authentication</h1>`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`</div>`
			`<div class="form-area">`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`<div class="group">`
More Eloquent moves 2021-11-02 08:46:40 -04:00			`<input type="text" class="form-control" id="username" name="username" disabled="disabled" value="<?= pp_html_escape($current_user->username); ?>">`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`<i class="fa fa-user"></i>`
			`</div>`
			`<div class="group">`
			`<input type="password" class="form-control" id="password" name="password" placeholder="Password"`
			`value="">`
			`<i class="fa fa-key"></i>`
			`</div>`
More Eloquent moves 2021-11-02 08:46:40 -04:00			`<button type="submit" class="btn btn-default btn-block">Authenticate</button>`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`</div>`
Run formatter on all PHP code; should not change behaviour in any way 2021-07-12 09:03:02 -04:00			`</form>`
			`</div>`
Initial commit Initial commit 2021-07-10 19:18:17 +01:00			`</body>`
			`</html>`