goodoldpaul/MastodonStartpage
1
0
Fork 0
Code Releases Activity
MastodonStartpage/web/mustard/login.php
pezcurrel 1ae0e3c71b ...
2020-05-08 17:38:54 +02:00

42 lines
1.3 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
require('include/glob.php');
require('include/muoribene.php');
function hspech($str) {
return(htmlspecialchars($str,ENT_QUOTES|ENT_HTML5,'UTF-8'));
}
$btl='<a href="index.php">Back to login</a>';
$errs='';
if (!array_key_exists('email',$_POST) || trim($_POST['email'])=='')
$errs.='You didnt specify your email.<br>'.N;
if (!array_key_exists('password',$_POST) || trim($_POST['password'])=='')
$errs.='You didnt specify your password.<br>'.N;
if ($errs!='') muoribene($errs.$btl,false);
require('include/myconn.php');
$res=mysqli_query($link,'SELECT * FROM Admins WHERE Email=\''.mysqli_real_escape_string($link,$_POST['email']).'\'')
or muoribene(__LINE__.': '.mysqli_error($link).'<br>'.$btl,true);
mysqli_close($link);
if (mysqli_num_rows($res)>1)
muoribene('Theres more than one account with Email=«'.hspech($_POST['email']).'»!<br>'.$btl,false);
$row=mysqli_fetch_assoc($res);
if (mysqli_num_rows($res)<1 || !password_verify($_POST['password'],$row['Password']))
muoribene('Unknown email or wrong password.<br>'.$btl,false);
if ($row['Enabled']==0)
muoribene('Your account is not enabled.<br>'.$btl,false);
session_name('mustard');
session_start();
$_SESSION['AdmID']=$row['ID'];
if ($row['Level']=='guest')
header('Location: guestinsts.php');
else
header('Location: instances.php');
?>
View git blame Copy permalink