id/views/login.php

70 lines
1.7 KiB
PHP
Raw Normal View History

2024-06-29 21:52:46 +00:00
<?php
if ($_SESSION['auth']) {
if (key_exists('callback', $query)) {
2024-07-03 13:20:39 +00:00
header('Location: ' . urldecode($query['callback']));
2024-06-29 21:52:46 +00:00
} else {
header('Location: /dashboard');
}
exit();
}
2024-07-01 21:15:51 +00:00
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Figure out if it's a user
$user_to_log_in_as = db_execute('SELECT id, email, password FROM accounts WHERE email = ?', [$_POST['email']]);
if (!$user_to_log_in_as) {
$error_body = get_string('error.incorrectAuth');
goto skip;
}
if (password_verify($_POST['password'], $user_to_log_in_as['password'])) {
$_SESSION['auth'] = true;
$_SESSION['id'] = $user_to_log_in_as['id'];
if (key_exists('callback', $query)) {
2024-07-03 13:20:39 +00:00
header('Location: ' . urldecode($query['callback']));
2024-07-01 21:15:51 +00:00
} else {
header('Location: /dashboard');
}
exit();
}
}
skip:
2024-06-29 21:52:46 +00:00
?>
<!doctype html>
<html lang="en">
<head>
<?php include 'partials/head.php' ?>
</head>
<body>
<?php include 'partials/header.php' ?>
<main><?php
if ($_SESSION['auth']) {
$error_body = get_string('error.loggedIn');
}
?>
2024-07-01 21:15:51 +00:00
<h1><?= get_string('page.login') ?></h1>
<?php
if (isset($error_body)) {
include 'partials/error.php';
}
?>
2024-06-29 21:52:46 +00:00
<form method="post">
2024-07-01 21:15:51 +00:00
<p><label for="email"><?= get_string("auth.email") ?></label>
2024-06-29 21:52:46 +00:00
<input type="email" name="email" id="email" /></p>
2024-07-01 21:15:51 +00:00
<p><label for="password"><?= get_string("auth.password") ?></label>
2024-06-29 21:52:46 +00:00
<input type="password" name="password" id="password" /></p>
<button type="submit">Submit</button>
</form>
</main>
<?php include 'partials/footer.php' ?>
</body>
</html>