X-Git-Url: http://git.shiar.net/minimedit.git/blobdiff_plain/fe92ec8f17c832c4a663aea399dc90a4c09ce6b1..b9757db57858fdcff8af1a6566e299559e491b17:/login/index.php

diff --git a/login/index.php b/login/index.php
index 0835133..2b073f0 100644
--- a/login/index.php
+++ b/login/index.php
@@ -1,4 +1,5 @@
 <?php
+if (!$User) return;
 $message = NULL;
 
 if (isset($_POST['mail'])) {
@@ -10,10 +11,12 @@ if (isset($_POST['mail'])) {
 			$message = "Er is een e-mail verstuurd naar $inputq.";
 		}
 		else {
+			http_response_code(404);
 			$message = "E-mailadres $inputq is nergens ingesteld.";
 		}
 	}
 	catch (Exception $e) {
+		http_response_code(500);
 		$message = "E-mail kon niet verstuurd worden."
 			. " Probeer het later nog eens of neem contact op.";
 	}
@@ -23,6 +26,7 @@ elseif (isset($_POST['login'])) {
 		login_setcookie();
 	}
 	else {
+		http_response_code(403);
 		$message = 'Ongeldige gebruikersnaam of wachtwoord.';
 	}
 }
@@ -32,28 +36,49 @@ elseif (isset($_GET['logout'])) {
 	$message = "Je bent uitgelogd. Graag tot ziens!";
 }
 
-if (empty($User)) {
-	ob_clean();
+if (!$User or !$User->login) {
+	$Page->title = 'Inloggen';
+	if (isset($_REQUEST['goto'])) {
+		if (empty($message)) http_response_code(403);
+		$target = ltrim($_REQUEST['goto'], '/');
+		$target = new ArchiveArticle("$target.html");
+
+		if ($target and $target->handler) {
+			# run forbidden handler to determine metadata
+			$User = NULL;
+			$caller = $Page;
+			$Page = $target;
+			ob_start();
+			include "./{$target->handler}/index.php";
+			ob_end_clean();
+			$Page = $caller;
+		}
+
+		if ($target->title) {
+			$Page->title .= ' voor ' . $target->title;
+		}
+		$Page->image = $target->image;
+		$Page->teaser = $target->teaser;
+	}
+	ob_start();
 	require_once 'login/form.inc.php';
-	$part = ['warn' => $message];
-	print getoutput($part);
+	$Page->raw = ob_get_clean();
+	$Page->place['warn'] = $message;
 	return TRUE;
 }
 
-if (isset($_GET['goto'])) {
-	ob_clean();
-	$target = ltrim($_GET['goto'], '/');
+if (isset($_REQUEST['goto'])) {
+	$target = ltrim($_REQUEST['goto'], '/');
 	header("Location: /$target");
 	http_response_code(302);
 	exit;
 }
 
-$part = [
-	'user'  => $User['name'],
-];
-print getoutput($part);
-
-if (empty($Args) and !empty($User['admin'])) {
+if (isset($Page->raw)) {
+	print $Page->raw;
+}
+if (empty($Page->path) and $User->admin) {
 	include_once 'login/admin.html';
-	include_once 'login/admin/index.php';
 }
+
+return;