authorAndrew Dolgov <[email protected]>2017-06-28 12:32:48 +0300
committerAndrew Dolgov <[email protected]>2017-06-28 12:32:48 +0300
commit9f4927825bb5efeefdff9a2aac05c5b3200f5ef6 (patch)
treef7782cb57127c68bfd5c67fb0d90c725eb8f0e68 /login.php
parent4496d4a5e1f3ddb5fd0b3a0315f12c207e7c9041 (diff)
move to internal user management because it's impossible to implement
proper transparent offline mode with http auth (worker is incapable of authenticating properly) MIGRATION: 1. disable HTTP authentication (this is important!) 2. add two new tables to db/scratch.db (sessions & users) 3. create users via useradm.php (same names and passwords, previous data is kept)
Diffstat (limited to 'login.php')
-rw-r--r--login.php73
1 files changed, 73 insertions, 0 deletions
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..e54d989
--- /dev/null
+++ b/login.php
@@ -0,0 +1,73 @@
+<?php
+ require_once "config.php";
+ require_once "sessions.php";
+
+ @$op = $_REQUEST["op"];
+
+ if ($op == "perform-login") {
+ $user = SQLite3::escapeString($_REQUEST["user"]);
+ $password = SQLite3::escapeString('SHA256:' . hash('sha256', "$user:" . $_REQUEST["password"]));
+
+ $dbh = Db::get();
+
+ $res = $dbh->query("SELECT id FROM epube_users WHERE user = '$user' AND pass = '$password'");
+
+ if ($line = $res->fetchArray(SQLITE3_ASSOC)) {
+ $_SESSION["owner"] = $user;
+ header("Location: index.php");
+ }
+ }
+
+?>
+<!DOCTYPE html>
+<html>
+<head>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+ <link href="lib/bootstrap/v3/css/bootstrap.min.css" rel="stylesheet" media="screen">
+ <link href="lib/bootstrap/v3/css/bootstrap-theme.min.css" rel="stylesheet" media="screen">
+ <link href="lib/qtip2/jquery.qtip.min.css" rel="stylesheet" media="screen">
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+ <script src="lib/bootstrap/v3/js/jquery.js"></script>
+ <script src="lib/bootstrap/v3/js/bootstrap.min.js"></script>
+ <script src="lib/holder.min.js"></script>
+ <script src="lib/localforage.min.js"></script>
+ <script src="lib/qtip2/jquery.qtip.min.js"></script>
+ <title>The Epube</title>
+ <link type="text/css" rel="stylesheet" media="screen" href="css/index.css" />
+ <link rel="shortcut icon" type="image/png" href="img/favicon.png" />
+ <link rel="icon" sizes="192x192" href="img/favicon_hires.png">
+ <link rel="manifest" href="manifest.json">
+ <meta name="mobile-web-app-capable" content="yes">
+ <script src="js/index.js"></script>
+ <script src="js/common.js"></script>
+</head>
+<body>
+
+<div class="navbar navbar-default navbar-static-top">
+<div class="container">
+ <div class="navbar-header">
+ <span class="navbar-brand"><a href="?">The Epube</a></span>
+ </div>
+</div>
+</div>
+
+<div class="container">
+
+ <form>
+ <input type="hidden" name="op" value="perform-login">
+
+ <div class="form-group">
+ <label>User</label>
+ <input class="form-control" required="true" name="user">
+ </div>
+ <div class="form-group">
+ <label>Password</label>
+ <input type="password" class="form-control" name="password" required="true">
+ </div>
+ <button type="submit" class="btn btn-default">Log in</button>
+ </form>
+
+</div>
+
+</body>
+</html>
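Review bot: The `<form>` near the end of the hunk has no `method` attribute, so the browser submits it with GET and the password travels in the query string, where it is kept in browser history, web-server access logs and any proxy in between; the handler accepts this because it reads `$_REQUEST`. Declare `<form method="post">` and read only `$_POST` in the `perform-login` branch. In that same branch the lookup is assembled by string interpolation, the session is populated without renewing its id, and execution continues into the HTML after `header("Location: index.php")`; a bound statement, `session_regenerate_id(true)` and `exit` cover those, assuming `Db::get()` returns an `SQLite3` handle and sessions.php starts a native PHP session (neither is visible here). The stored value is a single fast SHA-256 over `user:password`, which is cheap to brute-force offline if the users table leaks; moving to `password_hash()`/`password_verify()` would need a matching change in useradm.php, which is outside this diff.

```php
$op = $_POST["op"] ?? "";

if ($op === "perform-login") {
    $user = (string) ($_POST["user"] ?? "");
    // NOTE(review): the original hashed the escaped user name; confirm useradm.php
    // hashes the raw name before switching, or names containing ' will stop matching.
    $pass_hash = 'SHA256:' . hash('sha256', "$user:" . ($_POST["password"] ?? ""));

    $dbh = Db::get();

    $sth = $dbh->prepare("SELECT id FROM epube_users WHERE user = :user AND pass = :pass");
    $sth->bindValue(':user', $user, SQLITE3_TEXT);
    $sth->bindValue(':pass', $pass_hash, SQLITE3_TEXT);
    $res = $sth->execute();

    if ($res && $res->fetchArray(SQLITE3_ASSOC)) {
        session_regenerate_id(true); // fresh session id once the user is authenticated
        $_SESSION["owner"] = $user;
        header("Location: index.php");
        exit; // do not render the login form after a successful redirect
    }
}

// … unchanged: HTML head, navbar and form fields …
```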