X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/96707e02b8b24054e0827eaf169cc88504a1e78c..bf4c72d73b6a6403921995e139e24e2320dbca8f:/index.php diff --git a/index.php b/index.php index b8feabd..09b37e4 100644 --- a/index.php +++ b/index.php @@ -34,63 +34,62 @@ if (has_error()) { require(JIRAFEAU_ROOT . 'lib/template/header.php'); /* Check if user is allowed to upload. */ -if (!jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) { - echo '

' . t('Access denied') . '

'; - require(JIRAFEAU_ROOT.'lib/template/footer.php'); - exit; -} +// First check: Challenge by IP +if (true === jirafeau_challenge_upload_ip($cfg['upload_ip'], get_ip_address($cfg))) { + // Is an upload password required? + if (jirafeau_has_upload_password($cfg)) { + session_start(); -/* Ask password if upload password is set. */ -if (jirafeau_has_upload_password($cfg)) { - session_start(); + // Logout action + if (isset($_POST['action']) && (strcmp($_POST['action'], 'logout') == 0)) { + session_unset(); + } - /* Unlog if asked. */ - if (isset($_POST['action']) && (strcmp($_POST['action'], 'logout') == 0)) { - session_unset(); - } + // Challenge by password + // …save successful logins in session + if (isset($_POST['upload_password'])) { + if (jirafeau_challenge_upload_password($cfg, $_POST['upload_password'])) { + $_SESSION['upload_auth'] = true; + $_SESSION['user_upload_password'] = $_POST['upload_password']; + } else { + $_SESSION['admin_auth'] = false; + jirafeau_fatal_error(t('Wrong password.'), $cfg); + } + } - /* Auth. */ - if (isset($_POST['upload_password'])) { - if (jirafeau_challenge_upload_password($cfg, $_POST['upload_password'])) { - $_SESSION['upload_auth'] = true; - $_SESSION['user_upload_password'] = $_POST['upload_password']; - } else { - $_SESSION['admin_auth'] = false; - echo '

' . t('Wrong password.') . '

'; + // Show login form if user session is not authorized yet + if (true === empty($_SESSION['upload_auth'])) { + ?> +
+
+ + + + + + + + + +
+ +
+
+
+ -
-
- - - - - - - - - -
- -
-
-
- @@ -111,7 +110,7 @@ if (jirafeau_has_upload_password($cfg)) {

:

-
@@ -246,7 +245,7 @@ if (jirafeau_has_upload_password($cfg)) { -
+