<?php
-require 'auth.inc.php';
+$message = NULL;
-if ($editable) {
- http_response_code(307);
- header('Location: /');
- exit;
+if (isset($_POST['login'])) {
+ if ($User = login($_POST['login'], $_POST['pass'])) {
+ login_setcookie();
+ }
+ else {
+ $message = 'Ongeldige gebruikersnaam of wachtwoord.';
+ }
+}
+elseif (isset($_GET['logout'])) {
+ setcookie('login', '', time(), '/'); # expire immediately
+ $User = NULL;
+ $message = 'Uitgelogd.';
}
-header('WWW-Authenticate: Basic realm=""');
-http_response_code(401);
+if (empty($User)) {
+ ob_clean();
+ require_once 'login.inc.php';
+ return TRUE;
+}
-// fallback page shown on authentication failure
-include 'head.inc.php';
+if (isset($_GET['goto'])) {
+ ob_clean();
+ $target = ltrim($_GET['goto'], '/');
+ header("Location: /$target");
+ http_response_code(302);
+ exit;
+}
?>
-<h2>Inloggen mislukt</h2>
-<p>Geen geldige login voor sitebeheer.</p>
+<p>Ingelogd als <em><?php print $User['name']; ?></em>.</p>
+
+<p class="nav"><a href="?logout">Uitloggen</a></p>
+<?php
+if (!empty($User['admin'])) {
+ include_once 'admin/index.html';
+ include_once 'admin.php';
+}