bludit/kernel/admin/controllers/login.php

54 lines
1.6 KiB
PHP

<?php defined('BLUDIT') or die('Bludit CMS.');
// ============================================================================
// Check role
// ============================================================================
// ============================================================================
// Functions
// ============================================================================
function checkPost($args)
{
global $Security;
global $Login;
global $Language;
if($Security->isBlocked()) {
Alert::set($Language->g('IP address has been blocked').'<br>'.$Language->g('Try again in a few minutes'));
return false;
}
// Verify User sanitize the input
if( $Login->verifyUser($_POST['username'], $_POST['password']) )
{
// Renew the token. This token will be the same inside the session for multiple forms.
$Security->generateToken();
Redirect::page('admin', 'dashboard');
return true;
}
// Bruteforce protection, add IP to blacklist.
$Security->addLoginFail();
Alert::set($Language->g('Username or password incorrect'));
return false;
}
// ============================================================================
// Main before POST
// ============================================================================
// ============================================================================
// POST Method
// ============================================================================
if( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
checkPost($_POST);
}
// ============================================================================
// Main after POST
// ============================================================================