git.shiar.nl / minimedit.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
login: log authenticated user in apache note
[minimedit.git] / login.php
diff --git a/login.php b/login.php
index 35dc55e34873791721c19ae51f356c7abc45cbc2..3b590641649ed69d6237d8fba0e78a144114acc6 100644 (file)
--- a/login.php
+++ b/login.php
@@ -1,18 +1,34 @@
 <?php
-require 'auth.inc.php';
+$message = NULL;
 
-if ($editable) {
-       http_response_code(307);
-       header('Location: /');
-       exit;
+if (isset($_POST['login'])) {
+       if ($User = login($_POST['login'], $_POST['pass'])) {
+               setcookie('login', $User['auth'], 0, '/');
+       }
+       else {
+               $message = 'Ongeldige gebruikersnaam of wachtwoord.';
+       }
+}
+elseif (isset($_GET['logout'])) {
+       setcookie('login', '', time(), '/'); # expire immediately
+       $User = NULL;
+       $message = 'Uitgelogd.';
 }
 
-header('WWW-Authenticate: Basic realm=""');
-http_response_code(401);
+if (isset($_GET['goto']) and isset($User)) {
+       ob_clean();
+       $target = ltrim($_GET['goto'], '/');
+       header("Location: /$target");
+       http_response_code(302);
+       exit;
+}
 
-// fallback page shown on authentication failure
-include 'head.inc.php';
+if (empty($User)) {
+       ob_clean();
+       require_once 'login.inc.php';
+       return TRUE;
+}
 ?>
-<h2>Inloggen mislukt</h2>
-<p>Geen geldige login voor sitebeheer.</p>
+<p>Ingelogd als <em><?php print $User['name']; ?></em>.</p>
 
+<p class="nav"><a href="?logout">Uitloggen</a></p>
MinimEdit - databaseless cms with only a bit of php