edit: replace save confirmation by page close protection

[minimedit.git] / login.php

diff --git a/login.php b/login.php
index 67812117f72799d5755a285355cc532ca63bce5e..db276d191b04ff1dbc0f59ab30d9e7fd050f4d8e 100644 (file)
--- a/login.php
+++ b/login.php
@@ -1,11 +1,29 @@
 <?php
-require 'auth.inc.php';
+include 'page.inc.php';
+?>
+<h2>Inloggen</h2>
 
-if (!$editable) {
-       require 'logout.php';
-       exit;
-}
+<?php
+if (isset($_POST['login'])) {
+       if ($user = login($_POST['login'], $_POST['pass'])) {
+               setcookie('login', $user['auth'], 0, '/');
+
+               $target = ltrim(@$_GET['goto'], '/');
+               header("Location: /$target");
+               http_response_code(302);
+               exit;
+       }
 
-http_response_code(307);
-header('Location: /');
+       echo '<p class="warn">Ongeldige gebruikersnaam of wachtwoord.</p>'."\n\n";
+}
+elseif (!empty($User)) {
+       setcookie('login', '', time(), '/'); # expire immediately
+       echo '<p class="warn">Uitgelogd.</p>'."\n\n";
+}
 
+?>
+<form action="" method="post">
+       <input id="login" name="login" placeholder="Huisnummer" />
+       <input id="pass" name="pass" type="password" value="" placeholder="Wachtwoord" />
+       <input type="submit" value="Log in" />
+</form>