2024-02-16 20:48:53 +01:00
|
|
|
<?php
|
|
|
|
declare(strict_types = 1);
|
|
|
|
namespace Kimendisch\Sbgg_Jetzt;
|
|
|
|
use Flake\Url_Redirect;
|
2024-02-18 21:16:07 +01:00
|
|
|
use Flake\Csrf;
|
2024-02-16 20:48:53 +01:00
|
|
|
|
|
|
|
if(isset($_POST["token"])){
|
2024-02-18 21:16:07 +01:00
|
|
|
// VERIFY CSRF TOKEN //
|
|
|
|
Csrf::check();
|
|
|
|
|
|
|
|
|
2024-02-16 20:48:53 +01:00
|
|
|
// CHECK TOKEN //
|
|
|
|
// collect token from form submit
|
|
|
|
$token = $_POST["token"];
|
|
|
|
|
|
|
|
// load token hash from env
|
|
|
|
$auth_token_hash = Env::ADMIN_AREA["auth_token_hash"];
|
|
|
|
|
|
|
|
// check
|
|
|
|
$token_valid = password_verify($token, $auth_token_hash);
|
|
|
|
|
|
|
|
|
|
|
|
// MAYBE DO LOGIN //
|
|
|
|
if($token_valid){
|
|
|
|
// set session flag
|
|
|
|
$_SESSION[__NAMESPACE__]["admin"]["login"] = true;
|
|
|
|
|
|
|
|
// reload page
|
|
|
|
Url_Redirect::query_modify(remove: ["login_failure"]);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// LOGIN FAILED //
|
|
|
|
// display feedback after reload
|
|
|
|
Url_Redirect::query_modify(remove: ["login_failure"], add: ["login_failure"]);
|
|
|
|
}
|
|
|
|
?>
|