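time()-3600, 'path'=>'/', 'httponly'=>true, 'samesite'=>'Strict' ]); }

/* =====================================================
   Redirect Handling
===================================================== */

// "next" comes straight from the query string. It is only used after
// validate_local_path() has processed it.
// NOTE(review): confirm that helper rejects absolute and scheme-relative URLs,
// otherwise every redirect below becomes an open redirect.
$redirectTo = validate_local_path($_GET['next'] ?? null);

/* =====================================================
   Web Protection Disabled
===================================================== */

// With web protection switched off, every visitor is logged in without
// credentials and sent on to the requested page.
// NOTE(review): this and the following branches assume safe_redirect() ends
// the request. If it returns, execution falls through to the next section.
// TODO confirm.
if ($nax_WebProtection !== 'true') {
    login_user();
    safe_redirect(append_hash($redirectTo));
}

/* =====================================================
   Logout
===================================================== */

// NOTE(review): logout is a state change triggered by a GET parameter.
// Consider requiring POST plus a CSRF token.
if (($_GET['action'] ?? '') === 'logout') {
    logout_user();
    safe_redirect('/index.php');
}

/* =====================================================
   Login Attempt
===================================================== */

// is_string(): a request may submit loginpassword[]=..., which PHP delivers as
// an array. hash() would then raise a TypeError instead of producing a normal
// failed login. Compared against '' rather than empty() so that a password of
// "0" is not silently ignored.
if (is_string($_POST['loginpassword'] ?? null) && $_POST['loginpassword'] !== '') {
    // NOTE(review): the configured password is compared as a plain SHA-256
    // digest (no salt, no work factor). Moving to password_hash() /
    // password_verify() needs a migration of the stored setting, so the scheme
    // is left unchanged here.
    // NOTE(review): no attempt limiting or failure logging is visible in this
    // part of the file. Confirm it is handled elsewhere.
    $incomingHash = hash('sha256', $_POST['loginpassword']);

    // hash_equals() keeps the comparison constant-time.
    if (hash_equals($nax_Password, $incomingHash)) {
        // NOTE(review): confirm login_user() regenerates the session id so a
        // pre-login session id cannot be reused after authentication.
        login_user();

        if (!empty($_POST['PWRemember'])) {
            // The cookie carries the raw random token. Only its SHA-256 is
            // kept server-side, and it is kept in $_SESSION, so the
            // remember-me check below can only succeed while that session
            // data still exists.
            $token = bin2hex(random_bytes(32));
            $_SESSION['remember_token'] = hash('sha256', $token);

            setcookie(COOKIE_NAME, $token, [
                'expires'  => time() + 604800, // 7 days
                'path'     => '/',
                // Some servers set HTTPS to "off" on plain-HTTP requests, so
                // isset() alone would mark the cookie Secure on an insecure
                // connection and the browser would never send it back.
                // NOTE(review): behind a TLS-terminating reverse proxy
                // $_SERVER['HTTPS'] is typically unset, so the cookie is
                // issued without Secure. Confirm how the deployment signals
                // HTTPS.
                'secure'   => !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off',
                'httponly' => true,
                'samesite' => 'Strict',
            ]);
        }

        safe_redirect(append_hash($redirectTo));
    }
}

/* =====================================================
   Remember Me Validation
===================================================== */

// is_string(): a cookie can also arrive as an array (name[]=...), which would
// make hash() raise a TypeError.
// NOTE(review): the token is not rotated after a successful remember-me login.
if (
    !is_authenticated()
    && is_string($_COOKIE[COOKIE_NAME] ?? null)
    && $_COOKIE[COOKIE_NAME] !== ''
    && !empty($_SESSION['remember_token'])
) {
    if (hash_equals($_SESSION['remember_token'], hash('sha256', $_COOKIE[COOKIE_NAME]))) {
        login_user();
        safe_redirect(append_hash($redirectTo));
    }
}

/* =====================================================
   Already Logged In
===================================================== */

if (is_authenticated()) {
    safe_redirect(append_hash($redirectTo));
}

/* =====================================================
   Login UI Variables
===================================================== */

// Defaults: a collapsed, informational notice on the login form.
$login_headline = lang('Login_Toggle_Info_headline');
$login_info = lang('Login_Info');
$login_mode = 'info';
$login_display_mode = 'display:none;';
$login_icon = 'fa-info';

// The literal below is compared with the configured password hash. On a match
// the form shows the Login_Default_PWD warning, expanded and styled as
// "danger", so an unchanged default password is visible to the operator.
if ($nax_Password === '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92') {
    $login_info = lang('Login_Default_PWD');
    $login_mode = 'danger';
    $login_display_mode = 'display:block;';
    $login_headline = lang('Login_Toggle_Alert_headline');
    $login_icon = 'fa-ban';
}
?> NetAlert X | Log in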