58 lines
1.6 KiB
PHP
Executable File
58 lines
1.6 KiB
PHP
Executable File
<?php
|
|
include('auth.php');
|
|
#include('redirect.php');
|
|
/* custom redirect */
|
|
if ($_SESSION["admin"] === true) {
|
|
header("Location: /admin/index.php");
|
|
die();
|
|
}
|
|
|
|
/* Login logic */
|
|
if ((isset($_POST['username'])) && (isset($_POST['password']))) {
|
|
|
|
if(anti_spam()){
|
|
$error = "AntiSpam: Vennligst vent og prøv igjen.";
|
|
} else {
|
|
if (($_POST['username'] === $config['username']) && $_POST['password'] === $config['password']) {
|
|
$_SESSION["admin"] = true;
|
|
$_SESSION["username"] = $_POST['username'];
|
|
$_SESSION["password"] = $_POST['password'];
|
|
header("Location: /admin/index.php");
|
|
die();
|
|
} else {
|
|
$error = "Feil påloggingsinformasjon.";
|
|
}
|
|
}
|
|
}
|
|
|
|
function anti_spam() {
|
|
$last_time = file_get_contents("../../anti_spam/login.txt");
|
|
$seconds = time() - $last_time;
|
|
if($seconds < 10) {
|
|
return true;
|
|
} else {
|
|
file_put_contents("../../anti_spam/login.txt", time());
|
|
return false;
|
|
}
|
|
}
|
|
?>
|
|
|
|
<?php include('../../_header.php'); ?>
|
|
|
|
<h3>Administrator Login</h3>
|
|
|
|
<form style="border: 1px solid #888; padding: 10px; border-radius: 2px;" action="" method="post">
|
|
<?php
|
|
if(isset($error)==true) {
|
|
print("<small style='color: red;'>".$error."</small><br><br>");
|
|
}
|
|
?>
|
|
<!-- hvem bryr seg om CSRF -->
|
|
<label for="username">Brukernavn:</label><br>
|
|
<input type="text" id="username" name="username"><br>
|
|
<label for="password">Passord:</label><br>
|
|
<input type="password" id="password" name="password"><br><br>
|
|
<input type="submit" value="Bekreft">
|
|
</form>
|
|
|
|
<?php include('../../_footer.php'); ?>
|