|
34 | 34 |
|
35 | 35 | // Basic auth |
36 | 36 | if (isset($_POST['user']) && isset($_POST['password'])) { |
37 | | - $v_user = escapeshellarg($_POST['user']); |
| 37 | + if(isset($_SESSION['token']) && isset($_POST['token']) && $_POST['token'] == $_SESSION['token']) { |
| 38 | + $v_user = escapeshellarg($_POST['user']); |
38 | 39 |
|
39 | | - // Send password via tmp file |
40 | | - $v_password = exec('mktemp -p /tmp'); |
41 | | - $fp = fopen($v_password, "w"); |
42 | | - fwrite($fp, $_POST['password']."\n"); |
43 | | - fclose($fp); |
| 40 | + // Send password via tmp file |
| 41 | + $v_password = exec('mktemp -p /tmp'); |
| 42 | + $fp = fopen($v_password, "w"); |
| 43 | + fwrite($fp, $_POST['password']."\n"); |
| 44 | + fclose($fp); |
44 | 45 |
|
45 | | - // Check user & password |
46 | | - exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." ".escapeshellarg($_SERVER['REMOTE_ADDR']), $output, $return_var); |
47 | | - unset($output); |
| 46 | + // Check user & password |
| 47 | + exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." ".escapeshellarg($_SERVER['REMOTE_ADDR']), $output, $return_var); |
| 48 | + unset($output); |
48 | 49 |
|
49 | | - // Remove tmp file |
50 | | - unlink($v_password); |
| 50 | + // Remove tmp file |
| 51 | + unlink($v_password); |
51 | 52 |
|
52 | | - // Check API answer |
53 | | - if ( $return_var > 0 ) { |
54 | | - $ERROR = "<a class=\"error\">".__('Invalid username or password')."</a>"; |
| 53 | + // Check API answer |
| 54 | + if ( $return_var > 0 ) { |
| 55 | + $ERROR = "<a class=\"error\">".__('Invalid username or password')."</a>"; |
55 | 56 |
|
56 | | - } else { |
57 | | - |
58 | | - // Make root admin user |
59 | | - if ($_POST['user'] == 'root') $v_user = 'admin'; |
60 | | - |
61 | | - // Get user speciefic parameters |
62 | | - exec (VESTA_CMD . "v-list-user ".$v_user." json", $output, $return_var); |
63 | | - $data = json_decode(implode('', $output), true); |
64 | | - |
65 | | - // Define session user |
66 | | - $_SESSION['user'] = key($data); |
67 | | - $v_user = $_SESSION['user']; |
68 | | - |
69 | | - // Get user favorites |
70 | | - get_favourites(); |
| 57 | + } else { |
71 | 58 |
|
72 | | - // Define language |
73 | | - $output = ''; |
74 | | - exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); |
75 | | - $languages = json_decode(implode('', $output), true); |
76 | | - if(in_array($data[$v_user]['LANGUAGE'], $languages)){ |
77 | | - $_SESSION['language'] = $data[$v_user]['LANGUAGE']; |
78 | | - } |
79 | | - else { |
80 | | - $_SESSION['language'] = 'en'; |
81 | | - } |
| 59 | + // Make root admin user |
| 60 | + if ($_POST['user'] == 'root') $v_user = 'admin'; |
82 | 61 |
|
| 62 | + // Get user speciefic parameters |
| 63 | + exec (VESTA_CMD . "v-list-user ".$v_user." json", $output, $return_var); |
| 64 | + $data = json_decode(implode('', $output), true); |
83 | 65 |
|
84 | | - // Redirect request to control panel interface |
85 | | - if (!empty($_SESSION['request_uri'])) { |
86 | | - header("Location: ".$_SESSION['request_uri']); |
87 | | - unset($_SESSION['request_uri']); |
88 | | - exit; |
89 | | - } else { |
90 | | - header("Location: /"); |
91 | | - exit; |
| 66 | + // Define session user |
| 67 | + $_SESSION['user'] = key($data); |
| 68 | + $v_user = $_SESSION['user']; |
| 69 | + |
| 70 | + // Get user favorites |
| 71 | + get_favourites(); |
| 72 | + |
| 73 | + // Define language |
| 74 | + $output = ''; |
| 75 | + exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); |
| 76 | + $languages = json_decode(implode('', $output), true); |
| 77 | + if(in_array($data[$v_user]['LANGUAGE'], $languages)){ |
| 78 | + $_SESSION['language'] = $data[$v_user]['LANGUAGE']; |
| 79 | + } |
| 80 | + else { |
| 81 | + $_SESSION['language'] = 'en'; |
| 82 | + } |
| 83 | + |
| 84 | + // Regenerate session id to prevent session fixation |
| 85 | + session_regenerate_id(); |
| 86 | + |
| 87 | + // Redirect request to control panel interface |
| 88 | + if (!empty($_SESSION['request_uri'])) { |
| 89 | + header("Location: ".$_SESSION['request_uri']); |
| 90 | + unset($_SESSION['request_uri']); |
| 91 | + exit; |
| 92 | + } else { |
| 93 | + header("Location: /"); |
| 94 | + exit; |
| 95 | + } |
92 | 96 | } |
| 97 | + } else { |
| 98 | + $ERROR = "<a class=\"error\">".__('Invalid or missing token')."</a>"; |
93 | 99 | } |
94 | 100 | } |
95 | 101 |
|
|
119 | 125 | } |
120 | 126 | } |
121 | 127 |
|
| 128 | +// Generate CSRF token |
| 129 | +$_SESSION['token'] = md5(uniqid(mt_rand(), true)); |
| 130 | + |
122 | 131 | require_once($_SERVER['DOCUMENT_ROOT'].'/inc/i18n/'.$_SESSION['language'].'.php'); |
123 | 132 | require_once('../templates/header.html'); |
124 | 133 | require_once('../templates/login.html'); |
0 commit comments