1
0
Fork 0
MastodonStartpage/web/admin/login.php

37 lines
1.4 KiB
PHP
Raw Normal View History

2019-12-26 21:57:36 +01:00
<?php
require('include/glob.php');
require('include/muoribene.php');
$btl='<a href="index.php">Torna al login</a>';
$errs='';
if (!array_key_exists('username',$_POST) || $_POST['username']=='')
$errs.='Non hai specificato il nome<br>'.N;
if (!array_key_exists('password',$_POST) || $_POST['password']=='')
$errs.='Non hai specificato la password<br>'.N;
if ($errs!='') muoribene($errs.$btl,false);
$iniarr=parse_ini_file('sec/mastostartadmin.ini')
or muoribene('Impossibile aprire il file di configurazione.<br>'.$btl,false);
$link=mysqli_connect($iniarr['db_host'],$iniarr['db_admin_name'],$iniarr['db_admin_password'],$iniarr['db_name'],$iniarr['db_port'],$iniarr['db_socket'])
or muoribene('Impossibile connettersi al database: '.mysqli_connect_error().' ['.mysqli_connect_errno().']',false);
2019-12-28 22:51:41 +01:00
mysqli_set_charset($link,'utf8mb4');
2019-12-26 21:57:36 +01:00
$res=mysqli_query($link,'SELECT * FROM Admins WHERE Username=\''.mysqli_real_escape_string($link,$_POST['username']).'\'')
or muoribene(mysqli_error($link).'<br>'.$btl,true);
mysqli_close($link);
if (mysqli_num_rows($res)>1)
muoribene('Record admin duplicato.<br>'.$btl,false);
$row=mysqli_fetch_assoc($res);
if (mysqli_num_rows($res)<1 || !password_verify($_POST['password'],$row['Password']))
muoribene('Nome admin e/o password sbagliati.<br>'.$btl,false);
session_name('mastostartadmin');
session_start();
2020-01-11 00:51:02 +01:00
$_SESSION['AdmID']=$row['ID'];
2019-12-26 21:57:36 +01:00
header('Location: instances.php');
?>