login.php
97 lines
| 3.4 KiB
| text/x-php
|
HtmlPhpLexer
| r1 | <?php | |||
| require_once('include/admin.inc.php'); | ||||
| /* Megatokyo admin system assumes that everyone has equivilent | ||||
| ability to create and alter content. There are no permission | ||||
| levels or access controls other than "Can they login?" */ | ||||
| $error = ''; | ||||
| switch( $_REQUEST['action'] ) { | ||||
| case 'logout': | ||||
| mt_clearcookie(); | ||||
| _redirect( ADMIN_PATH .'/login.php?loggedout=true' ); | ||||
| case 'login': | ||||
| $log = $_POST['log']; | ||||
| $pwd = $_POST['pwd']; | ||||
| if( mt_login( $log, $pwd )) { | ||||
| //logthis ( "AUTH: Successful login from $log at " . $_SERVER["REMOTE_ADDR"], false ); | ||||
| adminlog("User ".$log." has logged in from ".$_SERVER['REMOTE_ADDR'], MTS_LOGIN, MTA_CHANGE); | ||||
| // correct password | ||||
| // set cookie | ||||
| mt_setcookie($log, $pwd, false, ADMIN_PATH, isset($_POST['rememberme']) ); | ||||
| if($_POST['redirect_to']) _redirect( $_POST['redirect_to'] ); | ||||
| _redirect( ADMIN_PATH .'/' ); | ||||
| } else { | ||||
| //logthis ('AUTH: Failed login attempt from ' . $_SERVER["REMOTE_ADDR"], var_export( $_REQUEST, true ) ); | ||||
| } | ||||
| // incorrect username or password, fall through to error display | ||||
| case 'error': | ||||
| default: | ||||
| if ( !empty($_COOKIE[USER_COOKIE]) && mt_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true) ) { | ||||
| // Already logged in, redirect to admin dashboard. | ||||
| nocache_headers(); | ||||
| _redirect( ADMIN_PATH .'/' ); | ||||
| } | ||||
| if( $_GET['loggedout'] == true ) $error.='<p>Successfully logged you out.</p>'; | ||||
| ?> | ||||
| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> | ||||
| <html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US"> | ||||
| <head> | ||||
| <title>Megatokyo Admin › Login</title> | ||||
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> | ||||
| <meta name="generator" content="Alan J Castonguay, Robert Sherby, Jeremy Wagner-Kaiser, Shawn Morford (!! nathanbp, jrl !!)" /> | ||||
| <link rel="stylesheet" href="wp-admin.css" type="text/css" /> | ||||
| <!--[if IE]><style type="text/css">#login h1 a { margin-top: 35px; } #login ul { padding-bottom: 65px; }</style><![endif]--><!-- Curse you, IE! --> | ||||
| <script type="text/javascript"> | ||||
| function focusit() { | ||||
| document.getElementById('user_login').focus(); | ||||
| } | ||||
| window.onload = focusit; | ||||
| </script> | ||||
| </head> | ||||
| <body class="login"> | ||||
| <div id="login"><h1><a href="<?php echo SITE_HOST.SITE_PATH; ?>">Megatokyo Admin</a></h1> | ||||
| <?php | ||||
| if ( $error ) echo "<div id=\"login_error\">$error</div>\n"; | ||||
| ?> | ||||
| <form name="loginform" id="loginform" action="login.php" method="post"> | ||||
| <?php if($_GET['redirect_to']) { | ||||
| echo '<input type="hidden" name="redirect_to" value="' . htmlentities($_GET['redirect_to']) . '" />'; | ||||
| } ?> | ||||
| <p> | ||||
| <label>Username:<br/> | ||||
| <input type="text" name="log" id="user_login" class="input" value="" size="20" tabindex="10" /></label> | ||||
| </p> | ||||
| <p> | ||||
| <label>Password:<br/> | ||||
| <input type="password" name="pwd" id="user_pass" class="input" value="" size="20" tabindex="20" /></label> | ||||
| </p> | ||||
| <hr/> | ||||
| <p><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90" /> Remember me</label></p> | ||||
| <p class="submit"> | ||||
| <input type="submit" name="submit" id="submit" value="Login »" tabindex="100" /> | ||||
| <input type="hidden" name="action" value="login" /> | ||||
| </p> | ||||
| </form></div> | ||||
| <ul> | ||||
| <li><a href="<?php echo SITE_HOST.SITE_PATH; ?>" title="Return to the public Megatokyo website.">Back to Megatokyo Website</a></li> | ||||
| </ul> | ||||
| </body> | ||||
| </html> | ||||
| <?php | ||||
| die(); | ||||
| } // end switch | ||||
| ?> | ||||
