bludit/bl-kernel/admin/controllers/login.php

<?php defined('BLUDIT') or die('Bludit CMS.');

// ============================================================================
// Check role
// ============================================================================

// ============================================================================
// Functions
// ============================================================================

function checkLogin($args)
{
	global $Security;
	global $Login;
	global $Language;

	if ($Security->isBlocked()) {
		Alert::set($Language->g('IP address has been blocked').'<br>'.$Language->g('Try again in a few minutes'));
		return false;
	}

	if ($Login->verifyUser($_POST['username'], $_POST['password'])) {
		if (isset($_POST['remember'])) {
			$Login->setRememberMe($_POST['username']);
		}
		// Renew the token. This token will be the same inside the session for multiple forms.
		$Security->generateTokenCSRF();
		Redirect::page('dashboard');
		return true;
	}

	// Bruteforce protection, add IP to the blacklist
	$Security->addToBlacklist();

	// Create alert
	Alert::set($Language->g('Username or password incorrect'));

	return false;
}

function checkRememberMe()
{
	global $Security;
	global $Login;

	if ($Security->isBlocked()) {
		return false;
	}

	if ($Login->verifyUserByRemember()) {
		$Security->generateTokenCSRF();
		Redirect::page('dashboard');
		return true;
	}

	return false;
}

// ============================================================================
// Main before POST
// ============================================================================

if ($_SERVER['REQUEST_METHOD']!=='POST') {
	checkRememberMe();
}

// ============================================================================
// POST Method
// ============================================================================

if ($_SERVER['REQUEST_METHOD']=='POST') {
	checkLogin($_POST);
}

// ============================================================================
// Main after POST
// ============================================================================
New features 2015-03-27 02:00:01 +01:00			`<?php defined('BLUDIT') or die('Bludit CMS.');`

Minor changes 2015-08-03 02:49:12 +02:00			`// ============================================================================`
			`// Check role`
			`// ============================================================================`

			`// ============================================================================`
			`// Functions`
			`// ============================================================================`

Login and Security improves 2017-07-16 00:42:37 +02:00			`function checkLogin($args)`
Bruteforce protection 2015-08-18 04:02:19 +02:00			`{`
			`global $Security;`
			`global $Login;`
			`global $Language;`

Login and Security improves 2017-07-16 00:42:37 +02:00			`if ($Security->isBlocked()) {`
Bruteforce protection 2015-08-18 04:02:19 +02:00			`Alert::set($Language->g('IP address has been blocked').'<br>'.$Language->g('Try again in a few minutes'));`
			`return false;`
			`}`

Login and Security improves 2017-07-16 00:42:37 +02:00			`if ($Login->verifyUser($_POST['username'], $_POST['password'])) {`
Remember me 2017-11-07 00:18:16 +01:00			`if (isset($_POST['remember'])) {`
			`$Login->setRememberMe($_POST['username']);`
			`}`
Updates 2015-09-08 02:51:48 +02:00			`// Renew the token. This token will be the same inside the session for multiple forms.`
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`$Security->generateTokenCSRF();`
Bug fixes, developer area, google plugin updated, rss and sitemap updated 2017-06-05 22:36:09 +02:00			`Redirect::page('dashboard');`
Bruteforce protection 2015-08-18 04:02:19 +02:00			`return true;`
			`}`

Login and Security improves 2017-07-16 00:42:37 +02:00			`// Bruteforce protection, add IP to the blacklist`
			`$Security->addToBlacklist();`
Bug fixes, developer area, google plugin updated, rss and sitemap updated 2017-06-05 22:36:09 +02:00
			`// Create alert`
Bruteforce protection 2015-08-18 04:02:19 +02:00			`Alert::set($Language->g('Username or password incorrect'));`

			`return false;`
			`}`

Remember me 2017-11-07 00:18:16 +01:00			`function checkRememberMe()`
			`{`
			`global $Security;`
			`global $Login;`

			`if ($Security->isBlocked()) {`
			`return false;`
			`}`

Remember me improves 2017-11-08 00:00:48 +01:00			`if ($Login->verifyUserByRemember()) {`
Remember me 2017-11-07 00:18:16 +01:00			`$Security->generateTokenCSRF();`
			`Redirect::page('dashboard');`
			`return true;`
			`}`

			`return false;`
			`}`

Minor changes 2015-08-03 02:49:12 +02:00			`// ============================================================================`
			`// Main before POST`
			`// ============================================================================`

Remember me 2017-11-07 00:18:16 +01:00			`if ($_SERVER['REQUEST_METHOD']!=='POST') {`
			`checkRememberMe();`
			`}`

Minor changes 2015-08-03 02:49:12 +02:00			`// ============================================================================`
			`// POST Method`
			`// ============================================================================`

Remember me 2017-11-07 00:18:16 +01:00			`if ($_SERVER['REQUEST_METHOD']=='POST') {`
Login and Security improves 2017-07-16 00:42:37 +02:00			`checkLogin($_POST);`
Minor changes 2015-08-03 02:49:12 +02:00			`}`

			`// ============================================================================`
			`// Main after POST`
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`// ============================================================================`