new file mode 100644

@@ -0,0 +1,154 @@

+<!doctype html>

+<!--

+ * @copyright 2024 Double Bastion LLC <www.doublebastion.com>

+ *

+ * @author Double Bastion LLC

+ *

+ * @license GNU AGPL version 3 or any later version

+ *

+ * This program is free software; you can redistribute it and/or

+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE

+ * License as published by the Free Software Foundation; either

+ * version 3 of the License, or any later version.

+ *

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.

+ *

+ * You should have received a copy of the GNU Affero General Public

+ * License along with this program.  If not, see <http://www.gnu.org/licenses/>.

+-->

+

+<head>

+   <meta charset="utf-8">

+   <title>RED SCARF Suite Panel</title>

+   <link rel="stylesheet" href="assets/css/login-style.css"/>

+   <script type="text/javascript" src="assets/js/jquery-3.3.1.min.js"></script>

+   <script type="text/javascript" src="assets/js/panel-login.js"></script>

+   <link rel="shortcut icon" type="image/png" href="images/favicon.png" />

+</head>

+<body>

+

+  <div class="wrapper">

+  <div id="formContent">

+    <!-- Tabs Titles -->

+    <a href="panel-login.php"><h2 id="signintab" class="active underlineHover">Log In</h2></a>

+    <a id="signupsec" href="panel-signup.php"><h2 id="signuptab" class="underlineHover">Sign Up</h2></a>

+

+    <!-- Icon -->

+    <div id="logosection">

+      <img src="images/red-scarf-suite-panel_logo_login.svg" id="panel-logo" alt="RED SCARF Suite Panel logo" />

+    </div>

+

+    <div id="submitmessage"></div>

+

+    <!-- Login Form -->

+    <form id="loginform" method="POST">

+      <input type="text" id="login" name="login" placeholder="username">

+      <input type="password" id="password" name="password" placeholder="password">

+      <input type="submit" id="signinbutton" name="signinbutton" value="Log In">

+    </form>

+

+    <!-- Remind Passowrd -->

+    <div id="formFooter">

+      <a id="forgotpass" class="underlineHover" href="forgot-password.php">Forgot Password?</a>

+    </div>

+

+  </div>

+</div>

+

+<?php

+

+define('ACCESSCONST', TRUE);

+

+define('RESTRICTED', TRUE);

+

+require 'db-connect.php';

+

+

+// Extract the sign up parameter from 'install-signup-check.php' to activate or deactivate the 'Sign Up' tab

+if (is_file(dirname(__FILE__) . '/install-signup-check.php')) {

+

+    $setupfile = file(dirname(__FILE__) . '/install-signup-check.php');

+    $signup_check = 'false';

+

+    foreach ($setupfile as $keyfile => $valuefile) {

+         if ((strpos($valuefile, "\$signupcheck") !== false) && (strpos($valuefile, "//") === false)) {

+              $signup_init = explode("=", $valuefile);

+              $firsttwo_init = str_replace(" ","", $signup_init[0]);

+              $signup_sec = explode(";", $signup_init[1]);

+              $signup_check = str_replace(" ","", $signup_sec[0]);

+              break;

+         }

+    }

+

+    ?>

+    <script type="text/javascript">

+         var signupCheck = "<?php print_r($signup_check); ?>";

+    </script>

+    <?php

+

+

+ if(isset($_POST['signinbutton'])) {

+

+    $signinusername = $_POST['login'];

+    $signinpassword = $_POST['password'];

+

+    if ($_POST['login'] != '' && $_POST['password'] != '') {

+

+      // Get the password for the current user from the database

+      $sqlquery = $mysqli->prepare("SELECT userrole, username, password, registered FROM panelusers WHERE BINARY username=?");

+      $sqlquery->bind_param("s", $signinusername);

+      $sqlquery->execute();

+      $fetchdata = $sqlquery->get_result();

+      $fetchresult = $fetchdata->fetch_row();

+      $userrole = $fetchresult[0];

+      $signinpassfromdb = $fetchresult[2];

+      $registered = $fetchresult[3];

+      $sqlquery->close();

+

+      // Verify the given password

+      $signinpswdverify = password_verify($signinpassword, $signinpassfromdb);

+

+        if ($registered == '0') {

+           ?>

+           <script type="text/javascript">

+               $("#submitmessage").append("<span>Your account hasn't been activated yet. Please check your email account used at registration and click on the activation link to activate your account !</span>");

+               $("#submitmessage").css("color", "#AC1F23");

+           </script>

+           <?php

+        } elseif ($signinpswdverify && $registered == '1') {

+

+            session_start();

+            $_SESSION['userrole'] = $userrole;

+            $_SESSION['login'] = $signinusername;

+            $_SESSION['loggedtorspanel'] = true;

+            header("Location: index.php");

+

+        } else {

+           ?>

+           <script type="text/javascript">

+               $("#submitmessage").append("<span>Username and/or password incorrect !</span>");

+               $("#submitmessage").css("color", "#AC1F23");

+           </script>

+           <?php

+          }

+

+    } else {

+           ?>

+           <script type="text/javascript">

+               $("#submitmessage").append("<span>Please enter both your username and password !</span>");

+               $("#submitmessage").css("color", "#AC1F23");

+           </script>

+           <?php

+      }

+ }

+

+}

+

+?>

+

+</body>

+</html>

+