Login failed.
\n"; $content .= "\t\t"; exit(page_renderer::render_main($title, $content)); }); /* * _ _ _ _ * ___| |__ ___ ___| | _| | ___ __ _(_)_ __ * / __| '_ \ / _ \/ __| |/ / |/ _ \ / _` | | '_ \ * | (__| | | | __/ (__| <| | (_) | (_| | | | | | * \___|_| |_|\___|\___|_|\_\_|\___/ \__, |_|_| |_| * %checklogin% |___/ */ add_action("checklogin", function() { global $settings, $env; //actually do the login if(isset($_POST["user"]) and isset($_POST["pass"])) { //the user wants to log in $user = $_POST["user"]; $pass = $_POST["pass"]; if($settings->users[$user] == hash_password($pass)) { $env->is_logged_in = true; $expiretime = time() + 60*60*24*30; //30 days from now $_SESSION["$settings->sessionprefix-user"] = $user; $_SESSION["$settings->sessionprefix-pass"] = hash_password($pass); $_SESSION["$settings->sessionprefix-expiretime"] = $expiretime; //redirect to wherever the user was going http_response_code(302); if(isset($_POST["goto"])) header("location: " . $_POST["returnto"]); else header("location: index.php"); exit(); } else { http_response_code(302); header("location: index.php?action=login&failed=yes"); exit(); } } else { http_response_code(302); header("location: index.php?action=login&failed=yes&badrequest=yes"); exit(); } }); } ]); /* * @summary Hashes the given password according to the current settings defined * in $settings. * * @param $pass {string} The password to hash. * * @returns {string} The hashed password. Uses sha3 if $settings->use_sha3 is * enabled, or sha256 otherwise. */ function hash_password($pass) { global $settings; if($settings->use_sha3) { return sha3($pass, 256); } else { return hash("sha256", $pass); } } ?>