GitList - GitList

Raw Blame Patch Log History
<!doctype html>
<!--
 * @copyright 2024 Double Bastion LLC <www.doublebastion.com>
 *
 * @author Double Bastion LLC
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
 * License as published by the Free Software Foundation; either
 * version 3 of the License, or any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
 *
 * You should have received a copy of the GNU Affero General Public
 * License along with this program.  If not, see <http://www.gnu.org/licenses/>.
-->

<head>
   <meta charset="utf-8">
   <title>RED SCARF Suite Panel</title>
   <link rel="stylesheet" href="assets/css/login-style.css"/>
   <script type="text/javascript" src="assets/js/jquery-3.3.1.min.js"></script>
   <script type="text/javascript" src="assets/js/panel-login.js"></script>
   <link rel="shortcut icon" type="image/png" href="images/favicon.png" />
</head>
<body>

  <div class="wrapper">
  <div id="formContent">
    <!-- Tabs Titles -->
    <a href="panel-login.php"><h2 id="signintab" class="active underlineHover">Log In</h2></a>
    <a id="signupsec" href="panel-signup.php"><h2 id="signuptab" class="underlineHover">Sign Up</h2></a>

    <!-- Icon -->
    <div id="logosection">
      <img src="images/red-scarf-suite-panel_logo_login.svg" id="panel-logo" alt="RED SCARF Suite Panel logo" />
    </div>

    <div id="submitmessage"></div>

    <!-- Login Form -->
    <form id="loginform" method="POST">
      <input type="text" id="login" name="login" placeholder="username">
      <input type="password" id="password" name="password" placeholder="password">
      <input type="submit" id="signinbutton" name="signinbutton" value="Log In">
    </form>

    <!-- Remind Passowrd -->
    <div id="formFooter">
      <a id="forgotpass" class="underlineHover" href="forgot-password.php">Forgot Password?</a>
    </div>

  </div>
</div>

<?php

define('ACCESSCONST', TRUE);

define('RESTRICTED', TRUE);

require 'db-connect.php';


// Extract the sign up parameter from 'install-signup-check.php' to activate or deactivate the 'Sign Up' tab
if (is_file(dirname(__FILE__) . '/install-signup-check.php')) {

    $setupfile = file(dirname(__FILE__) . '/install-signup-check.php');
    $signup_check = 'false';

    foreach ($setupfile as $keyfile => $valuefile) {
         if ((strpos($valuefile, "\$signupcheck") !== false) && (strpos($valuefile, "//") === false)) {
              $signup_init = explode("=", $valuefile);
              $firsttwo_init = str_replace(" ","", $signup_init[0]);
              $signup_sec = explode(";", $signup_init[1]);
              $signup_check = str_replace(" ","", $signup_sec[0]);
              break;
         }
    }

    ?>
    <script type="text/javascript">
         var signupCheck = "<?php print_r($signup_check); ?>";
    </script>
    <?php


 if(isset($_POST['signinbutton'])) {

    $signinusername = $_POST['login'];
    $signinpassword = $_POST['password'];

    if ($_POST['login'] != '' && $_POST['password'] != '') {

      // Get the password for the current user from the database
      $sqlquery = $mysqli->prepare("SELECT userrole, username, password, registered FROM panelusers WHERE BINARY username=?");
      $sqlquery->bind_param("s", $signinusername);
      $sqlquery->execute();
      $fetchdata = $sqlquery->get_result();
      $fetchresult = $fetchdata->fetch_row();
      $userrole = $fetchresult[0];
      $signinpassfromdb = $fetchresult[2];
      $registered = $fetchresult[3];
      $sqlquery->close();

      // Verify the given password
      $signinpswdverify = password_verify($signinpassword, $signinpassfromdb);

        if ($registered == '0') {
           ?>
           <script type="text/javascript">
               $("#submitmessage").append("<span>Your account hasn't been activated yet. Please check your email account used at registration and click on the activation link to activate your account !</span>");
               $("#submitmessage").css("color", "#AC1F23");
           </script>
           <?php
        } elseif ($signinpswdverify && $registered == '1') {

            session_start();
            $_SESSION['userrole'] = $userrole;
            $_SESSION['login'] = $signinusername;
            $_SESSION['loggedtorspanel'] = true;
            header("Location: index.php");

        } else {
           ?>
           <script type="text/javascript">
               $("#submitmessage").append("<span>Username and/or password incorrect !</span>");
               $("#submitmessage").css("color", "#AC1F23");
           </script>
           <?php
          }

    } else {
           ?>
           <script type="text/javascript">
               $("#submitmessage").append("<span>Please enter both your username and password !</span>");
               $("#submitmessage").css("color", "#AC1F23");
           </script>
           <?php
      }
 }

}

?>

</body>
</html>