Switches to using php sessions
parent
f5347c8925
commit
dab96556f4
|
@ -1,11 +1,10 @@
|
|||
<?php $logged_in = $_COOKIE["checkin"] ?? null; ?>
|
||||
|
||||
<?php if ( $logged_in && $logged_in == "waiting for expiry" ): ?>
|
||||
<?php session_start(); ?>
|
||||
<?php if ( isset( $_SESSION["user"] ) ): ?>
|
||||
|
||||
<nav class="admin-bar">
|
||||
<ul>
|
||||
<li><a href="admin.php">Admin Area</a>
|
||||
<li><a href="logout.php">Log Out</a>
|
||||
<li><a href="admin.php?logout=1">Log Out</a>
|
||||
</ul>
|
||||
</nav>
|
||||
|
||||
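Review bot: The unconditional `<?php session_start(); ?>` on the first line will raise a "session is already active" notice whenever this template is rendered by a page that has already run logcheck.php, which now calls `session_start()` itself. If the bar is also included on public pages (the callers are not visible here), every anonymous visitor is handed a session cookie and a server-side session. `<?php if ( session_status() === PHP_SESSION_NONE ) session_start(); ?>` removes the notice, and the call has to run before any output is sent or the session cookie header cannot be set.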
|
|
|
@ -70,7 +70,7 @@
|
|||
<ul class="inline">
|
||||
<li><a href="/">View Site</a></li>
|
||||
<li><a href="admin.php">Admin Home</a></li>
|
||||
<li><a href="logout.php" class="logout">Log Out</a></li>
|
||||
<li><a href="admin.php?logout=1" class="logout">Log Out</a></li>
|
||||
</ul>
|
||||
</header>
|
||||
<main>
|
||||
|
|
26
blog_log.php
26
blog_log.php
|
@ -1,14 +1,17 @@
|
|||
<?php
|
||||
include "pass_hash.php";
|
||||
const PW_FILE = "pass_hash.php";
|
||||
$invalid = false;
|
||||
$logged_in = $_COOKIE["checkin"] ?? null;
|
||||
if ( $logged_in && $logged_in == "waiting for expiry" ) {
|
||||
header("Location: admin.php");
|
||||
die();
|
||||
}
|
||||
|
||||
session_start();
|
||||
|
||||
$user = $_POST["user"] ?? null;
|
||||
$pass = $_POST["password"] ?? null;
|
||||
|
||||
if ( isset( $_SESSION["user"] ) ) {
|
||||
header("Location: /admin.php");
|
||||
die();
|
||||
}
|
||||
|
||||
if ( $pass && $user ) {
|
||||
$secret = hash( "sha256", $user . $pass );
|
||||
if ( $secret ) {
|
||||
|
@ -16,8 +19,8 @@
|
|||
error_log( $secret );
|
||||
error_log( BLOG_HASH );
|
||||
if ( $secret == BLOG_HASH ) {
|
||||
setcookie("checkin", "waiting for expiry", time()+60*60*24*30, "/", "", false, true);
|
||||
header("Location: admin.php");
|
||||
$_SESSION["user"] = $user;
|
||||
header("Location: /admin.php");
|
||||
die();
|
||||
} else {
|
||||
$invalid = true;
|
||||
|
@ -40,8 +43,8 @@ PHP;
|
|||
}
|
||||
$success = file_put_contents( PW_FILE, sprintf( $template, $secret ) );
|
||||
if ( !$success ) die( "Internal server error" );
|
||||
setcookie("checkin", "waiting for expiry", time()+60*60*24*30, "/", "", false, true);
|
||||
header("Location: admin.php");
|
||||
$_SESSION["user"] = $user;
|
||||
header("Location: /admin.php");
|
||||
die();
|
||||
}
|
||||
}
|
||||
|
@ -67,6 +70,9 @@ PHP;
|
|||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<header>
|
||||
<a href="/">Home</a>
|
||||
</header>
|
||||
<div class="logo">
|
||||
<img src="chickadee.svg">
|
||||
</div>
|
||||
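Review bot: Both login branches assign `$_SESSION["user"] = $user;` without rotating the session id, so an id planted in the browser before login stays valid after it (session fixation); add `session_regenerate_id( true );` immediately before each assignment. The removed `setcookie()` call passed httponly explicitly, while the bare `session_start();` takes its cookie flags from php.ini, so HttpOnly, Secure and SameSite should be set through `session_set_cookie_params()` or the `session_start()` options array unless the server configuration already does so. The surrounding context lines still write `$secret` and `BLOG_HASH` to the error log and compare them with `==`; dropping the two `error_log()` calls and using `hash_equals( BLOG_HASH, $secret )` would address both. The login blocks start and end outside the visible hunks.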
|
|
|
@ -1,5 +1,6 @@
|
|||
<?php
|
||||
include_once "logcheck.php";
|
||||
|
||||
$file = $_GET["f"] ?? null;
|
||||
$kind = $_GET["k"] ?? null;
|
||||
|
||||
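Review bot: The login guard is pulled in with `include_once "logcheck.php";`, which only emits a warning and carries on if the file cannot be resolved, so the page would then run with no authentication check at all. Use `require_once __DIR__ . '/logcheck.php';` so a missing or mis-resolved guard is fatal and does not depend on the include path or working directory. The same applies to the `include_once( 'logcheck.php' );` lines that replace the inline cookie check in the two files further down.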
|
|
15
logcheck.php
15
logcheck.php
|
@ -1,12 +1,19 @@
|
|||
<?php
|
||||
|
||||
if ( __FILE__ == $_SERVER['SCRIPT_FILENAME'] ) {
|
||||
header("Location: 404.php");
|
||||
header("Location: /404.php");
|
||||
die();
|
||||
}
|
||||
|
||||
$logged_in = $_COOKIE["checkin"] ?? null;
|
||||
if ( !$logged_in || $logged_in != "waiting for expiry" ) {
|
||||
header("Location: blog_log.php");
|
||||
session_start();
|
||||
|
||||
if ( isset( $_GET["logout"] ) ) {
|
||||
session_destroy();
|
||||
unset( $_SESSION );
|
||||
}
|
||||
|
||||
if ( !isset($_SESSION["user"] ) ) {
|
||||
header("Location: /blog_log.php");
|
||||
die();
|
||||
}
|
||||
|
||||
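Review bot: The logout branch leaves the session cookie in the browser and uses `unset( $_SESSION );`, which the PHP manual warns against because it stops session variables from being registered through the superglobal; clear the data with `$_SESSION = [];`, expire the cookie, then call `session_destroy()`. Because the trigger is a GET parameter checked in a file that the admin pages include, any third-party page can log the admin out by pointing an image or link at `?logout=1` on one of those URLs. Moving logout to a POST that carries a per-session token would prevent that, though the two "Log Out" links in the header templates would have to become forms. The fence covers only the teardown.
```php
if ( isset( $_GET["logout"] ) ) {
  $_SESSION = [];
  if ( ini_get( "session.use_cookies" ) ) {
    $params = session_get_cookie_params();
    setcookie(
      session_name(), "", time() - 42000,
      $params["path"], $params["domain"], $params["secure"], $params["httponly"]
    );
  }
  session_destroy();
}
// … unchanged: redirect to /blog_log.php when $_SESSION["user"] is not set …
```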
|
|
|
@ -1,10 +1,6 @@
|
|||
<?php
|
||||
// Bounce if not logged in
|
||||
$logged_in = $_COOKIE["checkin"] ?? null;
|
||||
if ( !$logged_in || $logged_in != "waiting for expiry" ) {
|
||||
header("Location: blog_log.php");
|
||||
die();
|
||||
}
|
||||
include_once( 'logcheck.php' );
|
||||
|
||||
$ts = time();
|
||||
$title = isset( $_POST["post_title"] ) ? trim( $_POST["post_title"] ) : null;
|
||||
|
|
|
@ -1,10 +1,7 @@
|
|||
<?php
|
||||
|
||||
// Bounce if not logged in
|
||||
$logged_in = $_COOKIE["checkin"] ?? null;
|
||||
if ( !$logged_in || $logged_in != "waiting for expiry" ) {
|
||||
header("Location: blog_log.php");
|
||||
die();
|
||||
}
|
||||
include_once( 'logcheck.php' );
|
||||
|
||||
include_once( 'common.php' );
|
||||
include_once( 'config.php' );
|
||||
|
|