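<?php
/*
 * Login page.
 *
 * Starts the session, loads configuration, helpers and the language file,
 * renders the shared page header, and then either redirects an already
 * authenticated visitor to index.php or handles a posted login attempt and
 * shows the sign-in form.
 */
session_start();
require_once("config.inc.php");
require_once($yaptc_inc . "functions.inc.php");
require_once($yaptc_lang);
$yaptc_pagename = lang('LOGIN');
$yaptc_pageicon = '<i class="fa fa-sign-in"></i> ';
require_once($yaptc_inc . "header.inc.php");
// NOTE(review): both redirects below are issued after header.inc.php has been
// included. If that include emits output and output buffering is off, the
// Location header cannot be sent - confirm, and consider handling the
// redirects before the include.
if (getSessionStatus() == true):
    header('Location: index.php');
else: ?>
<!-- ********** BEGIN CONTENT ********** -->
<?php
    // Password hashing library used to verify the submitted password.
    require_once($yaptc_lib . "phpass-0.3/PasswordHash.php");
    $hasher = new PasswordHash(8, FALSE);

    // Handle a login attempt only when the form was posted.
    if (!empty($_POST)):
        // Accept only string credentials. A missing field or an array value
        // (e.g. username[]=x) is rejected here instead of reaching the query
        // or the hasher.
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : null;
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;

        if ($username !== null && $password !== null):
            // Parameterised lookup; the username is bound, never interpolated.
            // The "salt" column is selected but not read anywhere in this file.
            $query = "SELECT id, password, UNIX_TIMESTAMP(created) AS salt, firstname, lastname FROM users WHERE username = :username";
            $stmt = $yaptc_db->prepare($query);
            $stmt->execute(array(
                ':username' => $username
            ));
            $user = $stmt->fetchObject();

            // Use the verifier's result directly. The previous condition
            // compared the stored hash to that result with a loose ==, so a
            // row whose password column was '' or '0' satisfied the check
            // with ANY submitted password ('' == false is true in PHP).
            if ($user && $hasher->CheckPassword($password, $user->password)):
                // New session id on privilege change; true also discards the
                // pre-login session data so the old id cannot be reused.
                session_regenerate_id(true);
                $_SESSION['user_id'] = $user->id;
                $_SESSION['loggedIn'] = TRUE;
                // The signature is an unkeyed md5 of the user id and the
                // User-Agent: a consistency check, not a secret, since anyone
                // who knows both values can recompute it.
                // NOTE(review): presumably verified by getSessionStatus();
                // confirm before changing its format.
                $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                $_SESSION['signature'] = md5($user->id . $userAgent);
                $_SESSION['firstname'] = $user->firstname;
                $_SESSION['lastname'] = $user->lastname;
                session_write_close();
                header("Location: index.php");
            endif;
        endif;
    endif;
?>

<div class="container">
    <form class="form-signin" action="login.php" method="post">
        <h2 class="form-signin-heading"><?php echo lang('PLEASE_LOG_IN'); ?></h2>
        <label for="username" class="sr-only"><?php echo lang('EMAIL'); ?></label>
        <input type="text" id="username" name="username" class="form-control" placeholder="<?php echo lang('USERNAME'); ?>" required autofocus>
        <label for="password" class="sr-only"><?php echo lang('PASSWORD'); ?></label>
        <input type="password" id="password" name="password" class="form-control" placeholder="<?php echo lang('PASSWORD'); ?>" required>
        <button class="btn btn-lg btn-primary btn-block" type="submit" name="login"><?php echo lang('LOGIN'); ?></button>
    </form>

</div>

<!-- ********** END CONTENT ********** -->
<?php endif; require_once($yaptc_inc . "footer.inc.php"); ?>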