jilo-web/app/pages/login.php

69 lines
2.3 KiB
PHP
Raw Normal View History

<?php
2024-07-01 09:45:07 +00:00
// clear the global error var before login
unset($error);
try {
2024-08-10 18:42:44 +00:00
// connect to database
$dbWeb = connectDB($config);
2024-08-10 18:42:44 +00:00
if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
$username = $_POST['username'];
$password = $_POST['password'];
2024-06-30 07:49:51 +00:00
// login successful
2024-09-06 16:34:03 +00:00
if ( $userObject->login($username, $password) ) {
2024-06-30 07:49:51 +00:00
// if remember_me is checked, max out the session
if (isset($_POST['remember_me'])) {
// 30*24*60*60 = 30 days
2024-07-02 17:04:12 +00:00
$cookie_lifetime = 30 * 24 * 60 * 60;
2024-07-03 06:37:35 +00:00
$setcookie_lifetime = time() + 30 * 24 * 60 * 60;
2024-07-02 17:04:12 +00:00
$gc_maxlifetime = 30 * 24 * 60 * 60;
2024-06-30 07:49:51 +00:00
} else {
// 0 - session end on browser close
// 1440 - 24 minutes (default)
2024-07-02 17:04:12 +00:00
$cookie_lifetime = 0;
2024-07-03 06:37:35 +00:00
$setcookie_lifetime = 0;
2024-07-02 17:04:12 +00:00
$gc_maxlifetime = 1440;
2024-06-30 07:49:51 +00:00
}
2024-07-03 06:37:35 +00:00
// set session lifetime and cookies
setcookie('username', $username, [
'expires' => $setcookie_lifetime,
'path' => $config['folder'],
'domain' => $config['domain'],
'secure' => isset($_SERVER['HTTPS']),
'httponly' => true,
'samesite' => 'Strict'
]);
2024-06-30 07:49:51 +00:00
// redirect to index
2024-07-01 09:45:07 +00:00
$_SESSION['notice'] = "Login successful";
2024-09-16 14:09:37 +00:00
$user_id = $userObject->getUserId($username)[0]['id'];
2024-09-17 11:22:43 +00:00
$logObject->insertLog($user_id, "Login: User \"$username\" logged in. IP: $user_IP", 'user');
2024-10-23 12:28:45 +00:00
header('Location: ' . htmlspecialchars($app_root));
exit();
2024-06-30 07:49:51 +00:00
// login failed
} else {
2024-07-01 09:45:07 +00:00
$_SESSION['error'] = "Login failed.";
2024-09-16 14:09:37 +00:00
$user_id = $userObject->getUserId($username)[0]['id'];
2024-09-17 11:22:43 +00:00
$logObject->insertLog($user_id, "Login: Failed login attempt for user \"$username\". IP: $user_IP", 'user');
2024-10-23 12:28:45 +00:00
header('Location: ' . htmlspecialchars($app_root));
2024-07-01 09:45:07 +00:00
exit();
}
}
} catch (Exception $e) {
2024-08-17 08:20:08 +00:00
$error = getError('There was an unexpected error. Please try again.', $e->getMessage());
}
if (!empty($config['login_message'])) {
$notice = $config['login_message'];
2024-08-12 11:12:24 +00:00
include '../app/templates/block-message.php';
}
2024-08-12 11:12:24 +00:00
include '../app/templates/form-login.php';
?>