2022-08-31 06:06:27 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace KaraDAV;
|
|
|
|
|
|
|
|
require_once __DIR__ . '/_inc.php';
|
|
|
|
|
|
|
|
$users = new Users;
|
2022-10-24 17:06:00 +00:00
|
|
|
|
|
|
|
if (empty($_GET['nc']) && $users->current()) {
|
|
|
|
header('Location: ' . WWW_URL);
|
|
|
|
exit;
|
|
|
|
}
|
2022-08-31 06:06:27 +00:00
|
|
|
|
2022-08-31 07:57:49 +00:00
|
|
|
$error = 0;
|
2022-08-31 06:06:27 +00:00
|
|
|
|
2022-10-28 21:42:55 +00:00
|
|
|
if (!empty($_POST['login']) && !empty($_POST['password']) && csrf_check()) {
|
2022-08-31 06:06:27 +00:00
|
|
|
if ($users->login($_POST['login'], $_POST['password'])) {
|
2022-08-31 07:57:49 +00:00
|
|
|
$url = null;
|
|
|
|
|
|
|
|
if (!empty($_POST['nc']) && $_POST['nc'] == 'redirect') {
|
|
|
|
$url = $users->appSessionCreateAndGetRedirectURL();
|
|
|
|
}
|
|
|
|
elseif (!empty($_POST['nc'])) {
|
|
|
|
$users->appSessionCreate($_POST['nc']);
|
|
|
|
$error = -1;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$url = './';
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($url) {
|
|
|
|
header('Location: ' . $url);
|
|
|
|
exit;
|
|
|
|
}
|
2022-08-31 06:06:27 +00:00
|
|
|
}
|
2022-08-31 07:57:49 +00:00
|
|
|
else {
|
|
|
|
$error = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
html_head('Login');
|
2022-08-31 06:06:27 +00:00
|
|
|
|
2022-08-31 07:57:49 +00:00
|
|
|
if ($error == -1) {
|
2022-10-24 17:06:00 +00:00
|
|
|
echo '<p class="info">You are logged in, you can close this window or tab and go back to the app.</p>';
|
2022-10-24 22:35:52 +00:00
|
|
|
html_foot();
|
2022-08-31 07:57:49 +00:00
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($error) {
|
|
|
|
echo '<p class="error">Invalid login or password</p>';
|
2022-08-31 06:06:27 +00:00
|
|
|
}
|
|
|
|
|
2022-08-31 07:57:49 +00:00
|
|
|
echo '
|
|
|
|
<form method="post" action="">';
|
|
|
|
|
|
|
|
if (isset($_GET['nc'])) {
|
|
|
|
printf('<input type="hidden" name="nc" value="%s" />', htmlspecialchars($_GET['nc']));
|
2022-10-28 21:42:55 +00:00
|
|
|
echo '<p class="info">An external application is trying to access your data. Please login to continue and allow access.</p>';
|
2022-08-31 07:57:49 +00:00
|
|
|
}
|
|
|
|
|
2022-10-28 21:42:55 +00:00
|
|
|
echo html_csrf();
|
|
|
|
|
2022-08-31 07:57:49 +00:00
|
|
|
echo '
|
2022-08-31 06:06:27 +00:00
|
|
|
<fieldset>
|
|
|
|
<legend>Login</legend>
|
|
|
|
<dl>
|
|
|
|
<dt><label for="f_login">Login</label></dt>
|
2022-09-03 04:25:02 +00:00
|
|
|
<dd><input type="text" name="login" id="f_login" required autocapitalize="none" /></dd>
|
2022-08-31 06:06:27 +00:00
|
|
|
<dt><label for="f_password">Password</label></dt>
|
|
|
|
<dd><input type="password" name="password" id="f_password" required /></dd>
|
2022-10-24 17:06:00 +00:00
|
|
|
<dd><input type="submit" value="Connect me" /></dd>
|
2022-08-31 06:06:27 +00:00
|
|
|
</dl>
|
|
|
|
</fieldset>
|
|
|
|
</form>
|
2022-08-31 07:57:49 +00:00
|
|
|
';
|
|
|
|
|
|
|
|
html_foot();
|