diff options
Diffstat (limited to 'ratatoeskr/backend')
-rw-r--r-- | ratatoeskr/backend/main.php | 65 |
1 files changed, 61 insertions, 4 deletions
diff --git a/ratatoeskr/backend/main.php b/ratatoeskr/backend/main.php index e0adbdc..cd7bb35 100644 --- a/ratatoeskr/backend/main.php +++ b/ratatoeskr/backend/main.php @@ -9,17 +9,74 @@ * See "ratatoeskr/licenses/ratatoeskr" for more information. */ -require_once(dirname(__FILE__) . "/../sys/"); - - +require_once(dirname(__FILE__) . "/../sys/models.php"); +require_once(dirname(__FILE__) . "/../sys/pwhash.php"); $backend_subactions = url_action_subactions(array( "_default" => url_action_alias(array("login")), + "_prelude" => function(&$data, $url_now, &$url_next) + { + global $ratatoeskr_settings; + /* Check authentification */ + if(isset($_SESSION["uid"])) + { + try + { + $user = User::by_id($_SESSION["uid"]); + if($user->pwhash == $_SESSION["pwhash"]) + { + if(empty($user->language)) + { + $user->language = $ratatoeskr_settings["default_language"]; + $user->save(); + } + load_language($user->language); + + if($url_next[0] == "login") + $url_next = array("content", "write"); + return; /* Authentification successful, continue */ + } + else + unset($_SESSION["uid"]); + } + catch(DoesNotExistError $e) + { + unset($_SESSION["uid"]); + } + } + load_language(); + /* If we are here, user is not logged in... */ + $url_next = array("login"); + }, + "index" => url_action_alias(array("login")), "login" => url_action_simple(function($data) { + global $ste; + if(!empty($_POST["user"])) + { + try + { + $user = User::by_name($_POST["user"]); + if(!PasswordHash::validate($_POST["password"], $user->pwhash)) + throw new Exception(); + $_SESSION["uid"] = $user->get_id(); + $_SESSION["pwhash"] = $user->pwhash; + } + catch(Exception $e) + { + $ste->vars["login_failed"] = True; + } + + /* Login successful. Now redirect... */ + throw new Redirect(array("content", "write")); + } + echo $ste->exectemplate("systemtemplates/backend_login.html"); }), - + "content" => url_action_simple(function($data) + { + print "hi"; + }) )); ?> |