1
0
Fork 0
mirror of https://github.com/sbrl/Pepperminty-Wiki.git synced 2024-11-25 17:23:00 +00:00

Refactor login code a bit to reduce nesting

This commit is contained in:
Starbeamrainbowlabs 2019-10-07 18:19:48 +01:00
parent 5239fff462
commit 6213a6e715
Signed by: sbrl
GPG key ID: 1BE5172E637709C2
2 changed files with 62 additions and 68 deletions

View file

@ -27,12 +27,9 @@ if(isset($_SESSION[$settings->sessionprefix . "-user"]) and
// Check to see if the currently logged in user is an admin // Check to see if the currently logged in user is an admin
$env->is_admin = false; $env->is_admin = false;
if($env->is_logged_in) if($env->is_logged_in) {
{ foreach($settings->admins as $admin_username){
foreach($settings->admins as $admin_username) if($admin_username == $env->user) {
{
if($admin_username == $env->user)
{
$env->is_admin = true; $env->is_admin = true;
break; break;
} }

View file

@ -86,14 +86,33 @@ register_module([
add_action("checklogin", function() { add_action("checklogin", function() {
global $settings, $env; global $settings, $env;
if(!isset($_POST["user"]) or !isset($_POST["pass"])) {
http_response_code(302);
$nextUrl = "index.php?action=login&failed=yes&badrequest=yes";
if(!empty($_GET["returnto"]))
$nextUrl .= "&returnto=" . rawurlencode($_GET["returnto"]);
header("location: $nextUrl");
exit();
}
// Actually do the login // Actually do the login
if(isset($_POST["user"]) and isset($_POST["pass"]))
{
// The user wants to log in // The user wants to log in
$user = $_POST["user"]; $user = $_POST["user"];
$pass = $_POST["pass"]; $pass = $_POST["pass"];
if(!empty($settings->users->$user) && verify_password($pass, $settings->users->$user->password))
{ // Verify their password
if(empty($settings->users->$user) || !verify_password($pass, $settings->users->$user->password)) {
// Login failed :-(
http_response_code(302);
header("x-login-success: no");
$nextUrl = "index.php?action=login&failed=yes";
if(!empty($_GET["returnto"]))
$nextUrl .= "&returnto=" . rawurlencode($_GET["returnto"]);
header("location: $nextUrl");
exit();
}
// Success! :D // Success! :D
// Update the environment // Update the environment
@ -133,28 +152,6 @@ register_module([
else else
header("location: index.php"); header("location: index.php");
exit(); exit();
}
else
{
// Login failed :-(
http_response_code(302);
header("x-login-success: no");
$nextUrl = "index.php?action=login&failed=yes";
if(!empty($_GET["returnto"]))
$nextUrl .= "&returnto=" . rawurlencode($_GET["returnto"]);
header("location: $nextUrl");
exit();
}
}
else
{
http_response_code(302);
$nextUrl = "index.php?action=login&failed=yes&badrequest=yes";
if(!empty($_GET["returnto"]))
$nextUrl .= "&returnto=" . rawurlencode($_GET["returnto"]);
header("location: $nextUrl");
exit();
}
}); });
add_action("hash-cost-test", function() { add_action("hash-cost-test", function() {