<?php
/*
Part-DB Version 0.4+ "nextgen"
Copyright (C) 2017 Jan Böhmer
https://github.com/jbtronics
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
include_once __DIR__ . '/start_session.php';
use PartDB\Database;
use PartDB\HTML;
use PartDB\Log;
use PartDB\User;
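// Read the request parameters. PHP turns "name[]=..." parameters into arrays, so any
// value that is not a plain string is treated as if the parameter had not been sent.
$user_name = $_POST['username'] ?? '';
if (!is_string($user_name)) {
    $user_name = '';
}
$password = $_POST['password'] ?? '';
if (!is_string($password)) {
    $password = '';
}

// NOTE(review): "logout" and "redirect" are read from $_REQUEST, so they are accepted
// from the query string as well as from a form post, and no anti-CSRF token is checked
// in this file. A plain link can therefore end the session of a logged-in user.
// Consider requiring POST plus a token for login and logout.
$logout = isset($_REQUEST['logout']);
$redirect_url = $_REQUEST['redirect'] ?? '';
if (!is_string($redirect_url)) {
    $redirect_url = '';
}

$messages = array();
$fatal_error = false;

// Decide what this request does. The three conditions exclude each other:
//   login    - nobody is logged in and a user name was submitted
//   logout   - somebody is logged in, "logout" was sent and no user name was submitted
//   redirect - somebody is logged in and "logout" was not sent
$already_logged_in = User::isLoggedIn();
$action = 'default';
if (!$already_logged_in && $user_name !== '') {
    $action = 'login';
} elseif ($already_logged_in && $logout && $user_name === '') {
    $action = 'logout';
} elseif ($already_logged_in && !$logout) {
    $action = 'redirect';
}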
// Page object for the login screen. The theme names and the title prefix are read from
// $config and $user_config, which are not defined in this file.
$page_title = $config['partdb_title'] . ' - ' . _('Login');
$html = new HTML($config['html']['theme'], $user_config['theme'], $page_title);

// Open the database, the log and the current user. Any failure is shown as a red
// message and stops the action handling further down.
try {
    $database = new Database();
    $log = new Log($database);
    $user = User::getLoggedInUser($database, $log);
} catch (Exception $e) {
    // NOTE(review): the exception text is passed on as markup (nl2br() inserts <br />
    // tags) and is not HTML-escaped here; whether the template escapes it is not visible
    // from this file. This page is reachable before login, so the text may also show
    // database or configuration details to anonymous visitors. TODO confirm; consider
    // writing the detail to the server log and showing a generic message instead.
    $fatal_error = true;
    $messages[] = [
        'text' => nl2br($e->getMessage()),
        'strong' => true,
        'color' => 'red',
    ];
}
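// Run the action chosen above. Nothing is executed when the setup above failed.
if (!$fatal_error) {
    switch ($action) {
        case 'logout':
            User::logout();
            $html->setVariable('refresh_navigation_frame', true, 'boolean');
            $html->setVariable('loggedout', true);
            break;

        case 'login':
            // An unknown user name and a wrong password both end as $pw_valid === false,
            // so the form gives the same answer in both cases.
            // NOTE(review): the exception is dropped without a log entry, so a database
            // error also looks like a wrong password and failed attempts are not recorded
            // here. Confirm that User::login() logs failures and limits repeated attempts,
            // and that it renews the session ID (session_regenerate_id()) on success.
            try {
                $user = User::getUserByName($database, $log, $user_name);
                $pw_valid = User::login($user, $password);
            } catch (Exception $ex) {
                $pw_valid = false;
            }
            $html->setVariable('pw_valid', $pw_valid, 'boolean');
            if (User::isLoggedIn()) {
                $html->setVariable('refresh_navigation_frame', true, 'boolean');
            }
            break;

        case 'redirect':
            // "redirect" comes straight from the request, and HTML::redirect() is not
            // visible from this file, so the target is restricted to a location inside
            // this application before it is used. The check runs on the value AFTER the
            // prefix removal, because stripping text can change what the string starts with.
            $target = null;
            if (is_string($redirect_url) && $redirect_url !== '') {
                // We need to remove the Part-DB/ part, because PHP_URI_REQUEST contains it...
                $candidate = str_replace(BASE_RELATIVE . '/', '', $redirect_url);
                // Control characters (including CR/LF) and backslashes have no place in a local path.
                $has_unsafe_chars = preg_match('/[\x00-\x1F\x7F\\\\]/', $candidate) === 1;
                // A leading "scheme:" or "//" would point the browser at another origin.
                $leaves_site = preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|//)#i', $candidate) === 1;
                if ($candidate !== '' && !$has_unsafe_chars && !$leaves_site) {
                    $target = $candidate;
                }
            }

            if ($target !== null) {
                $html->redirect($target);
            } elseif (User::getLoggedInUser()->getNeedPasswordChange()) {
                // Redirect to the user settings when the user has to change the password.
                $html->redirect('user_settings.php');
            } else {
                // No usable target: go to the start page.
                $html->redirect('startup.php');
            }
            break;

        case 'default':
            break;
    }
}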
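// If an AJAX version is requested, tell the template engine.
/*if (isset($_REQUEST["ajax"])) {
    $html->setVariable("ajax_request", true);
}*/

if (User::isLoggedIn()) {
    // $database and $log only exist when the setup in the try block succeeded. Calling
    // getLoggedInUser() after a failed setup would run outside any try/catch, and the
    // error page below would never be printed.
    if (!$fatal_error) {
        $user = User::getLoggedInUser($database, $log);
    }
    $html->setVariable('loggedin', true, 'boolean');
}

// NOTE(review): the submitted user name is handed back to the template unchanged.
// Confirm that the "login" template HTML-escapes it where it is printed.
$html->setVariable('username', $user_name, 'string');

//$html->set_variable("refresh_navigation_frame", true, "boolean");

$reload_link = $fatal_error ? 'login.php' : ''; // an empty string means that the...
$html->printHeader($messages, $reload_link);    // ...reload-button won't be visible

// The login form is only shown when the setup succeeded; otherwise the header with
// the error message and the footer are the whole page.
if (!$fatal_error) {
    $html->printTemplate('login');
}

$html->printFooter();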