login: prevent admin contents on profile subpages

[minimedit.git] / login.php

diff --git a/login.php b/login.php
index fd1cba165c9c376831043333eb32e8cd60c33ec9..714b5c56d096638fb1fb46ac02989ebddd43e238 100644 (file)
--- a/login.php
+++ b/login.php
@@ -3,7 +3,7 @@ $message = NULL;
 
 if (isset($_POST['login'])) {
        if ($User = login($_POST['login'], $_POST['pass'])) {
-               setcookie('login', $User['auth'], 0, '/');
+               login_setcookie();
        }
        else {
                $message = 'Ongeldige gebruikersnaam of wachtwoord.';
@@ -28,13 +28,13 @@ if (isset($_GET['goto'])) {
        http_response_code(302);
        exit;
 }
-?>
-<p>Ingelogd als <em><?php print $User['name']; ?></em>.</p>
 
-<p class="nav"><a href="?logout">Uitloggen</a></p>
+$part = [
+       'user'  => $User['name'],
+];
+print getoutput($part);
 
-<?php
-if (!empty($User['admin'])) {
-       print "<h3>Laatste aanpassingen</h3>\n";
-       include_once 'admin/commits.php';
+if (empty($Args) and !empty($User['admin'])) {
+       include_once 'admin/index.html';
+       include_once 'admin.php';
 }