78 lines
2.6 KiB
PHP
78 lines
2.6 KiB
PHP
<?php
|
|
const PW_FILE = "./blog_pass_hash.txt";
|
|
$invalid = false;
|
|
$logged_in = $_COOKIE["checkin"] ?? null;
|
|
if ( $logged_in && $logged_in == "waiting for expiry" ) {
|
|
header("Location: /admin.php");
|
|
die();
|
|
}
|
|
$user = $_POST["user"] ?? null;
|
|
$pass = $_POST["password"] ?? null;
|
|
if ( $pass && $user ) {
|
|
$secret = hash( "sha256", $user . $secret );
|
|
if ( $secret ) {
|
|
$current = file_get_contents( PW_FILE );
|
|
if ( $current) {
|
|
if ( $secret == $current ) {
|
|
setcookie("checkin", "waiting for expiry", time()+60*60*24*30, "/", "", false, true);
|
|
header("Location: /admin.php");
|
|
die();
|
|
} else {
|
|
$invalid = true;
|
|
}
|
|
} else {
|
|
$success = file_put_contents( PW_FILE, $secret );
|
|
if ( !$success ) die( "Internal server error" );
|
|
setcookie("checkin", "waiting for expiry", time()+60*60*24*30, "/", "", false, true);
|
|
header("Location: /admin.php");
|
|
die();
|
|
}
|
|
}
|
|
}
|
|
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<title>A secret opens the door</title>
|
|
<meta charset="utf-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
<style>
|
|
form{width:400px;max-width:80%;margin:2em auto}
|
|
.slant{width:500px;max-width:90%;margin:2em auto;border-top:1em solid #333;transform:rotateZ(-2deg)}
|
|
input{width:calc(100% - 8px);border:2px solid #999;border-radius:2px;background:white;color:#333;font-size:1.2em}
|
|
input[type=submit]{width:100%;background:#333;color:white;font-weight:bold;padding:5px 0;border-color:#333}
|
|
input:focus{border-color:#333}
|
|
.logo{width:300px;max-width:60%;margin:3em auto 0em}
|
|
img{width:100%}
|
|
h1{text-align:center;font-size:1.5rem}
|
|
</style>
|
|
</head>
|
|
<body>
|
|
<div class="logo">
|
|
<img src="chickadee.svg">
|
|
</div>
|
|
<div>
|
|
<?php if ( $invalid ): ?>
|
|
<p id="error-message">
|
|
An invalid username or password was given.
|
|
</p>
|
|
<?php endif; ?>
|
|
<div class="slant"></div>
|
|
<form action="/blog_log.php" method="post">
|
|
<h1>Log In</h1>
|
|
<p>
|
|
<label>Username<br><input type="text" required name="user" <?php echo $invalid ? 'aria-describedby="error-message"' : ''; ?>></label>
|
|
</p>
|
|
<p>
|
|
<label>Password<br><input type="password" required name="password" <?php echo $invalid ? 'aria-describedby="error-message"' : ''; ?>></label>
|
|
</p>
|
|
<p>
|
|
<input type="submit" value="Submit">
|
|
</p>
|
|
</form>
|
|
<div class="slant"></div>
|
|
</div>
|
|
</body>
|
|
</html>
|