pcwvanbeers/assetmgt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
162933affa52d4c42198602355de676a425f4d59
assetmgt/login.php

282 lines
9.1 KiB
PHP
Raw Blame History

<?php
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
include './assets/functions.php';
include './settings/settings_redirector.php';
include './settings/config_redirector.php';
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
//=========================================
//GET Language
//=========================================
// Check for GET parameter override first
if (isset($_GET['language']) && $_GET['language'] != ''){
$lang = strtoupper(trim($_GET['language']));
$lang = in_array($lang, $supportedLanguages) ? $lang : 'US';
$_SESSION['country_code'] = $lang;
}
// Check for existing session language
elseif (isset($_SESSION['country_code'])){
$lang = strtoupper($_SESSION['country_code']);
$lang = in_array($lang, $supportedLanguages) ? $lang : 'US';
}
// Default to browser language
else {
$lang = strtoupper(substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2));
$lang = in_array($lang, $supportedLanguages) ? $lang : 'US';
}
//INCLUDE THE TRANSLATION
include_once './settings/translations/translations_'.$lang.'.php';
include_once './settings/countries.php';
//=========================================
//GET DOMAIN FOR CORRECT STYLING AND SETTINGS
//=========================================
$domain = getDomainName($_SERVER['SERVER_NAME']);
$custom_css = (file_exists(dirname(__FILE__).'/custom/'.$domain.'/style/'.$domain.'_login.css') ? './custom/'.$domain.'/style/'.$domain.'_login.css' : './style/admin_login.css');
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
header("location: index.php");
exit();
}
// Define variables and initialize with empty values
$username = $password = '';
$username_err = $password_err = '';
$retry = 0;
// Check for error parameter from redirects
if (isset($_GET['error']) && $_GET['error'] === 'session_expired') {
$password_err = $password_err_2 ?? 'Session expired or invalid. Please login again.';
}
// Process submitted form data
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Check maintenance mode exception
if (maintenance_mode && trim($_POST['username']) != maintenance_mode_user) {
$username_err = maintenance_mode_text ?? 'System in maintenance';
} else {
// Check if username is empty
if(empty(trim($_POST['username']))){
$username_err = $username_enter ?? 'Please enter username' ;
} else{
$username = trim($_POST['username']);
}
// Check if password is empty
if(empty(trim($_POST['password']))){
$password_err = $password_enter ?? 'Please enter your password';
} else{
$password = trim($_POST['password']);
}
// Validate credentials
if (empty($username_err) && empty($password_err) && $retry < 3) {
$data = json_encode(array("username" => $username, "password" => $password), JSON_UNESCAPED_UNICODE);
//API call
$responses = ioServer('/v2/authorization', $data);
//Decode Payload
if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = '400';}
if ($responses === 'NOK' || $responses === 'NULL' || $responses === 'NULL '){
$retry++;
$password_err = $password_err_1 ?? 'Not authorized, please retry';
} elseif ($responses == '1'){
$password_err = $password_err_2 ?? 'Too many login attempts. User blocked, please contact your administrator';
} elseif (!empty($responses['userkey']) && ctype_xdigit($responses['userkey'])) {
// Start a new session
session_start();
// Store data in session
$_SESSION['loggedin'] = true;
$_SESSION['authorization'] = $responses;
$language_user = trim($_SESSION['authorization']['language']) ?? 'US';
header('location: index.php?language='.$language_user.'');
exit();
} else {
$retry++;
$password_err = $password_err_1 ?? 'Not authorized, please retry';
}
}
else {
// Display an error for passord mismatch
$password_err = $password_err_3 ?? 'Not authorized';
}
} // Close maintenance mode check
}
echo'
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-type" content="text/html; charset=UTF-8" />
<title>'.site_title.'</title>
<link rel="shortcut icon" href="'.icon_image.'" type="image/x-icon" />
<link href="'.$custom_css.'" rel="stylesheet" type="text/css">
<style>
.maintenance-modal {
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-color: rgba(0, 0, 0, 0.7);
z-index: 9999;
display: flex;
justify-content: center;
align-items: center;
padding: 20px;
box-sizing: border-box;
}
.maintenance-modal.hidden {
display: none !important;
}
.maintenance-modal-content {
background: white;
padding: 30px;
border-radius: 4px;
text-align: center;
max-width: 500px;
width: 100%;
margin: auto;
position: relative;
}
.maintenance-modal-content p {
margin-bottom: 20px;
font-size: 16px;
color: #333;
line-height: 1.5;
}
.modal-close {
position: absolute;
top: 10px;
right: 15px;
font-size: 28px;
font-weight: bold;
color: #999;
cursor: pointer;
transition: color 0.3s;
}
.modal-close:hover {
color: #333;
}
@media (max-width: 768px) {
.maintenance-modal-content {
padding: 20px;
max-width: 90%;
}
.maintenance-modal-content p {
font-size: 14px;
}
}
</style>
</head>
<body>
';
//Logon view
echo'
<div class="login-container">
<div class="login-form">
<div class="logo"></div>
<a href="register.php" class="register-link">'.strtolower($account_create ?? 'create account').'</a>';
if (maintenance_mode) {
echo '
<div id="maintenanceModal" class="maintenance-modal">
<div class="maintenance-modal-content">
<span class="modal-close" onclick="dismissMaintenanceModal()">&times;</span>
<p>'.maintenance_mode_text.'</p>
<p style="text-align: center;">
<small>'.maintenance_mode_notification.'</small>
</p>
</div>
</div>';
}
echo '
<div class="header">
<h1>'.($login_h1 ?? 'Login to your account').'</h1>
<p>'.($login_p ?? 'Enter your details to login.').'</p>
</div>
<form action="'.$_SERVER['PHP_SELF'].'" method="POST">
<div class="input-group">
<input type="text" id="username" name="username" placeholder="'.($User_username ?? 'Username').'" value="'.$username.'" autofocus>
</div>
<div class="input-group">
<input type="password" id="password" name="password" placeholder="'.($account_create_password ?? 'Password').'" value="'.$password.'">
<a href="reset.php'.(isset($_GET['language'])? '?language='.$_GET['language'].'' : '').'" class="forgot-password">'.($button2 ?? 'Forgot password?').'</a>
</div>
<div class="remember-me">
<label for="remember-me"></label>
</div>
<button type="submit" class="login-btn">'.($button1 ?? 'Login').'</button>
</form>';
if($password_err !='' || $username_err != ''){
echo'
<div class="message"><p>'.$username_err.''.$password_err.'</p></div>
';
}
//Maintenance mode notification message
if (maintenance_mode_communication){
echo'
<div class="maintenance">
<p style="text-align: center;">
<small>'.maintenance_mode_notification.'</small>
</p>
</div>';
}
echo'
<div class="trademark">'.site_title.'</div>
<div class="language-selector">
<span>🌐</span>
<select id="language-selector">';
foreach ($supportedLanguages as $language){
echo ' <option value="'.$language.'" '.((isset($_SESSION['country_code']) && $_SESSION['country_code'] == $language) ? 'selected' : '').'>'.$language.'</option>';
}
echo'
</select>
</div>
</div>
<div class="login-visual">
</div>
</div>
</body>
<script>
function dismissMaintenanceModal() {
var modal = document.getElementById("maintenanceModal");
if (modal) {
modal.classList.add("hidden");
}
}
document.getElementById("language-selector").addEventListener("change", function() {
if (this.value) {
var currentUrl = window.location.pathname;
window.location.href = currentUrl + "?language=" + this.value;
}
});
</script>
</html>';
?>
Reference in New Issue View Git Blame Copy Permalink