Exemple #1
0
<?php

if ($_SERVER["REQUEST_METHOD"] == "GET") {
    exit(file_get_contents("templates/login.html"));
}
// The request isn't GET, so it's probably POST.
utils::require_params($_POST, ["username", "password"], "POST");
if (usertils::check_credentials($_POST["username"], $_POST["password"])) {
    env::$username = $_POST["username"];
    env::$role = usertils::get_user($_POST["username"])["roles"];
    http_response_code(302);
    // temporary redirect
    header("location: index.php?action=list&login=success");
    // todo set an *appropriate* cookie here
    // todo output a nice login success page here?
    exit;
}
// The login failed!
http_response_code(401);
// todo output a nice login failed page here.
header("content-type: text/plain");
exit("Login failed.");
Exemple #2
0
<?php

if (isset($_COOKIE["{$settings->cookie_prefix}-user"]) && isset($_COOKIE["{$settings->cookie_prefix}-session-key"])) {
    // The requester has attached a session key, we should probably take a look at it.
    if (sessions::lookup($_COOKIE["{$settings->cookie_prefix}-user"], $_COOKIE["{$settings->cookie_prefix}-session-key"])) {
        // The user's key was valid! Update the environment to reflect the user.
        env::$username = $_COOKIE["{$settings->cookie_prefix}-user"];
        env::$key = $_COOKIE["{$settings->cookie_prefix}-session-key"];
        env::$role = intval(usertils::get_user(env::$username)["roles"]);
    }
}