usbcheck.it/public/login.php
2025-11-19 00:49:53 +01:00

<?php
// public/login.php
declare(strict_types=1);
require __DIR__ . '/../src/auth.php'; // lädt auch config/db.php
// Active UI language from the auth helper; echoed (escaped) into <html lang="..."> further down.
$lang = auth_get_lang();

// Page state rendered by the template:
//   $globalError - page-level message (set when the CSRF check fails)
//   $errors      - messages returned by auth_login(); the template reads $errors['login']
$globalError = '';
$errors = [];
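/**
 * Return $candidate only when it is a same-site absolute path, otherwise $default.
 *
 * The value ends up in a Location header, so a bare "starts with /" test is
 * not sufficient: "//host/..." is a scheme-relative URL, and browsers treat
 * "\" like "/" when parsing, so both forms leave the site (open redirect).
 * Control characters are rejected as well, because browsers drop tabs and
 * line breaks while parsing a URL, which could turn an apparently local path
 * back into a scheme-relative one.
 *
 * @param mixed  $candidate Raw request value; may be missing, an array, or any string.
 * @param string $default   Path to use when the candidate is rejected.
 *
 * @return string A path that starts with exactly one "/" and contains no
 *                backslash or control character, or $default.
 */
function login_safe_redirect_path($candidate, string $default): string
{
    // Must be a non-empty string that begins with "/" (no scheme, no bare host).
    if (!is_string($candidate) || $candidate === '' || $candidate[0] !== '/') {
        return $default;
    }

    // "//host" and any backslash variant can be read as an authority by browsers.
    if (strncmp($candidate, '//', 2) === 0 || strpos($candidate, '\\') !== false) {
        return $default;
    }

    // No C0 control characters or DEL anywhere in the value.
    if (preg_match('/[\x00-\x1F\x7F]/', $candidate) === 1) {
        return $default;
    }

    return $candidate;
}

// Optional redirect target (e.g. ?redirect=/account.php); only internal paths are accepted.
$redirect = login_safe_redirect_path($_GET['redirect'] ?? null, '/account.php');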
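// Handle a submitted login form. GET requests fall through and just render the page.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Request fields can arrive as arrays (e.g. "identifier[]=x"). Casting an
    // array to string raises a warning and yields the literal "Array", so
    // anything that is not a plain string is treated as absent instead.
    $postedToken = $_POST['csrf_token'] ?? null;
    $postedIdentifier = $_POST['identifier'] ?? '';
    $postedPassword = $_POST['password'] ?? '';

    // Verify the CSRF token before touching the credentials.
    if (!auth_verify_csrf(is_string($postedToken) ? $postedToken : null)) {
        $globalError = 'Sicherheitsfehler. Bitte die Seite neu laden und erneut versuchen.';
    } else {
        // The identifier is trimmed; the password is passed through unchanged
        // because surrounding whitespace may be part of it.
        $identifier = is_string($postedIdentifier) ? trim($postedIdentifier) : '';
        $password = is_string($postedPassword) ? $postedPassword : '';

        $result = auth_login($identifier, $password);
        if ($result['success'] === true) {
            // NOTE(review): auth_login() is defined in src/auth.php and not visible
            // here - confirm it regenerates the session ID on success and
            // throttles repeated failed attempts.
            header('Location: ' . $redirect);
            exit;
        }

        // Failed login: keep the messages for the template.
        $errors = $result['errors'] ?? [];
    }
}

// Token for the hidden csrf_token field of the form rendered below.
$csrfToken = auth_csrf_token();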
?>
<!DOCTYPE html>
<html lang="<?php echo htmlspecialchars($lang, ENT_QUOTES, 'UTF-8'); ?>">
<head>
<meta charset="UTF-8">
<title>Login usbcheck.it</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- Fonts: Montserrat + Inter -->
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500&family=Montserrat:wght@600;700&display=swap" rel="stylesheet">
<!-- Haupt-CSS -->
<link rel="stylesheet" href="/assets/css/main.css?v=1">
</head>
<body>
<?php include __DIR__ . '/partials/header.php'; ?>
<main>
<section class="section">
<div class="container">
<div style="max-width: 480px; margin: 0 auto;">
<h1 class="section-title" style="font-size: 1.6rem; text-align: center; margin-bottom: 1.5rem;">
Anmelden bei usbcheck.it
</h1>
<p class="section-lead" style="text-align: center; margin-bottom: 2rem;">
Melde dich mit deiner E-Mail-Adresse oder deinem Benutzernamen an, um deine USB-Tests und Geräte zu verwalten.
</p>
<?php /* Page-level error (set when the CSRF check fails); escaped for the HTML context. */ ?>
<?php if ($globalError !== '') { ?>
    <div style="margin-bottom: 1rem; padding: 0.75rem 1rem; border-radius: 12px; background: #ffe6e8; color: #a4001f; font-size: 0.9rem;">
        <?= htmlspecialchars($globalError, ENT_QUOTES, 'UTF-8') ?>
    </div>
<?php } ?>
<?php /* Login error returned by auth_login(); same escaping. */ ?>
<?php if (!empty($errors['login'])) { ?>
    <div style="margin-bottom: 1rem; padding: 0.75rem 1rem; border-radius: 12px; background: #ffe6e8; color: #a4001f; font-size: 0.9rem;">
        <?= htmlspecialchars($errors['login'], ENT_QUOTES, 'UTF-8') ?>
    </div>
<?php } ?>
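<?php
// Value re-displayed in the identifier field after a failed attempt.
// $_POST['identifier'] can be an array ("identifier[]=x"); passing that to
// htmlspecialchars() under strict_types raises a TypeError, so only a plain
// string is echoed back. The password is never re-displayed.
$identifierPrefill = is_string($_POST['identifier'] ?? null) ? $_POST['identifier'] : '';
?>
<form method="post" class="step-card">
    <div style="margin-bottom: 1rem;">
        <label for="identifier" style="display:block; font-size:0.9rem; margin-bottom:0.25rem;">
            E-Mail oder Benutzername
        </label>
        <input
            type="text"
            id="identifier"
            name="identifier"
            autocomplete="username"
            required
            style="
                width: 100%;
                border-radius: 10px;
                border: 1px solid var(--silver);
                padding: 0.55rem 0.75rem;
                font-size: 0.95rem;
                font-family: 'Inter', system-ui, sans-serif;
            "
            value="<?php echo htmlspecialchars($identifierPrefill, ENT_QUOTES, 'UTF-8'); ?>"
        >
    </div>
    <div style="margin-bottom: 1rem;">
        <label for="password" style="display:block; font-size:0.9rem; margin-bottom:0.25rem;">
            Passwort
        </label>
        <input
            type="password"
            id="password"
            name="password"
            autocomplete="current-password"
            required
            style="
                width: 100%;
                border-radius: 10px;
                border: 1px solid var(--silver);
                padding: 0.55rem 0.75rem;
                font-size: 0.95rem;
                font-family: 'Inter', system-ui, sans-serif;
            "
        >
    </div>
    <?php /* CSRF token checked by auth_verify_csrf() when the form is posted. */ ?>
    <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrfToken, ENT_QUOTES, 'UTF-8'); ?>">
    <div style="margin-top: 1.5rem; display:flex; flex-direction:column; gap:0.5rem;">
        <button type="submit" class="btn btn-primary" style="width: 100%; justify-content: center;">
            Login
        </button>
        <a href="/register.php" class="btn btn-ghost" style="width: 100%; justify-content: center;">
            Noch kein Konto? Jetzt registrieren
        </a>
    </div>
</form>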
</div>
</div>
</section>
</main>
<?php include __DIR__ . '/partials/footer.php'; ?>
<script src="/assets/js/lang.js?v=1"></script>
</body>
</html>