This repository has been archived on 2024-06-26. You can view files and clone it, but cannot push or open issues or pull requests.
sakura/main/authenticate.php

163 lines
4.4 KiB
PHP
Raw Normal View History

2015-04-06 21:23:54 +00:00
<?php
/*
* Sakura Authentication Page
*/
// Declare Namespace
namespace Sakura;
// Include components
require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sakura.php';
2015-04-08 17:18:19 +00:00
// Page actions
if(
isset($_REQUEST['mode']) &&
isset($_REQUEST['time']) &&
isset($_REQUEST['session'])
) {
2015-04-17 22:51:53 +00:00
// Continue
$continue = true;
2015-04-08 17:18:19 +00:00
2015-04-17 22:51:53 +00:00
// Compare time and session so we know the link isn't forged
if($_REQUEST['time'] < time() - 1000) {
2015-04-08 19:27:51 +00:00
2015-04-17 22:51:53 +00:00
$renderData['page'] = [
'title' => 'Action failed',
'redirect' => '/authenticate',
'message' => 'Timestamps differ too much, please try again.'
];
2015-04-17 22:51:53 +00:00
// Prevent
$continue = false;
2015-04-17 22:51:53 +00:00
}
// Match session ids for the same reason
if($_REQUEST['session'] != session_id()) {
$renderData['page'] = [
'title' => 'Action failed',
'redirect' => '/authenticate',
'message' => 'Session IDs do not match.'
];
// Prevent
$continue = false;
}
2015-04-18 11:35:16 +00:00
// Login check
if(Users::checkLogin()) {
if($_REQUEST['mode'] != 'logout')
$continue = false;
}
2015-04-17 22:51:53 +00:00
if($continue) {
switch($_REQUEST['mode']) {
case 'logout':
// Attempt logout
$logout = Users::logout();
// Add page specific data
$renderData['page'] = [
'title' => 'Logout',
'redirect' => ($logout ? $_REQUEST['redirect'] : '/authenticate'),
'message' => $logout ? 'You are now logged out.' : 'Logout failed.'
];
break;
// Login processing
case 'login':
// Attempt login
$login = Users::login($_REQUEST['username'], $_REQUEST['password'], isset($_REQUEST['remember']));
// Array containing "human understandable" messages
$messages = [
'USER_NOT_EXIST' => 'The user you tried to log into does not exist.',
'INCORRECT_PASSWORD' => 'The password you entered was invalid.',
'DEACTIVATED' => 'Your account is deactivated.',
'LEGACY_SUCCESS' => 'Login successful! Taking you to the password changing page...',
'LOGIN_SUCESS' => 'Login successful!'
];
// Add page specific things
$renderData['page'] = [
'title' => 'Login',
'redirect' => ($login[0] ? $_REQUEST['redirect'] : '/authenticate'),
'message' => $messages[$login[1]]
];
2015-04-08 19:27:51 +00:00
2015-04-17 22:51:53 +00:00
break;
2015-04-08 19:27:51 +00:00
2015-04-17 22:51:53 +00:00
// Registration processing
case 'register':
2015-04-08 19:27:51 +00:00
2015-04-17 22:51:53 +00:00
// Add page specific things
$renderData['page'] = [
'title' => 'Register on Flashii',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'what'
];
2015-04-08 19:27:51 +00:00
2015-04-17 22:51:53 +00:00
break;
2015-04-08 19:27:51 +00:00
2015-04-17 22:51:53 +00:00
// Unforgetting passwords
case 'forgotpassword':
2015-04-08 19:27:51 +00:00
2015-04-17 22:51:53 +00:00
// Add page specific things
$renderData['page'] = [
'title' => 'Forgot Password',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'what'
];
2015-04-08 17:18:19 +00:00
2015-04-17 22:51:53 +00:00
break;
2015-04-08 17:18:19 +00:00
2015-04-17 22:51:53 +00:00
}
2015-04-08 17:18:19 +00:00
}
// Print page contents or if the AJAX request is set only display the render data
print isset($_REQUEST['ajax']) ?
(
$renderData['page']['title']
. ':'
. $renderData['page']['message']
. ':'
. $renderData['page']['redirect']
) :
Templates::render('errors/information.tpl', $renderData);
2015-04-08 19:27:51 +00:00
exit;
2015-04-08 17:18:19 +00:00
}
2015-04-06 21:23:54 +00:00
// Add page specific things
$renderData['page'] = [
2015-04-08 17:18:19 +00:00
'title' => 'Login to Flashii'
2015-04-06 21:23:54 +00:00
];
$renderData['auth'] = [
'redirect' => (
isset($_REQUEST['chat']) ?
Configuration::getLocalConfig('urls', 'chat') :
(
isset($_SERVER['HTTP_REFERER']) ?
$_SERVER['HTTP_REFERER'] :
Configuration::getLocalConfig('urls', 'main')
)
),
'blockRegister' => [
'do' => true,
'username' => 'test'
]
];
// Print page contents
2015-04-06 21:57:17 +00:00
print Templates::render('main/authenticate.tpl', $renderData);