Replace basic auth with PHP session login

This commit is contained in:
hbrain 2026-05-25 22:31:46 +02:00
parent d088eb90cf
commit 2ffb90d17e
4 changed files with 89 additions and 8 deletions

23
login.php Normal file
View file

@ -0,0 +1,23 @@
<?php
require __DIR__ . '/auth.php';
$err = '';
$next = mvlog_safe_next((string)($_GET['next'] ?? $_POST['next'] ?? 'new.php'));
if (mvlog_current_user() !== null) {
header('Location: ' . $next);
exit;
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$user = trim((string)($_POST['user'] ?? ''));
$pass = (string)($_POST['password'] ?? '');
if (mvlog_login($user, $pass)) {
header('Location: ' . $next);
exit;
}
$err = 'Invalid username or password.';
}
function h($s){ return htmlspecialchars((string)$s, ENT_QUOTES, 'UTF-8'); }
?>
<!doctype html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>MVLog Login</title><link rel="stylesheet" href="style.css"></head><body>
<header class="site-header"><a class="brand" href="index.php"><h1>MVLog Admin</h1><p>Bubulescu.Org</p></a></header>
<main><section><h2>Log in</h2><?php if($err): ?><div class="err"><?=h($err)?></div><?php endif; ?><form method="post" autocomplete="on"><input type="hidden" name="next" value="<?=h($next)?>"><label>Username<input name="user" autocomplete="username" required autofocus></label><label>Password<input type="password" name="password" autocomplete="current-password" required></label><button type="submit">Log in</button></form></section></main>
</body></html>