web-proxy/login.php

429 lines
1.1 MiB
PHP
Raw Normal View History

2019-11-12 16:59:19 +01:00
<?php
###############################################################
# Page Password Protect 1.3
###############################################################
# By Michael R. - swiss
###############################################################
defined('_VALID') or define('_VALID', true);
defined('_ADMIN') or define('_ADMIN', true);
require(__DIR__.'/config.php');
//Access password for using the webproxy
$adminPassword = $config['access-password'];
$LOGIN_INFORMATION = array( $adminPassword );
defined('USE_USERNAME') or define('USE_USERNAME', false);
// time out after NN minutes of inactivity. Set to 0 to not timeout
defined('TIMEOUT_MINUTES') or define('TIMEOUT_MINUTES', 0);
// This parameter is only useful when TIMEOUT_MINUTES is not zero
// true - timeout time from last activity, false - timeout time from login
defined('TIMEOUT_CHECK_ACTIVITY') or define('TIMEOUT_CHECK_ACTIVITY', true);
// timeout in seconds
$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);
// logout?
if(isset($_GET['logout'])) {
setcookie("verify", '', $timeout, '/'); // clear password;
header('Location: ' . "/webproxy/");
exit();
}
if(!function_exists('showLoginPasswordProtect')) {
// show login form
function showLoginPasswordProtect($error_msg) {
?>
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title>Please authenticate!</title>
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=yes">
<link rel='stylesheet prefetch' href='//fonts.googleapis.com/css?family=Open+Sans'>
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.10/css/all.css" integrity="sha384-+d0P83n9kaQMCwj8F4RJB66tzIwOKmrdb46+porD/OvrJ+37WqIM7UoBtwHO6Nlg" crossorigin="anonymous">
<!-- <link rel="stylesheet" href="css/login.css?random=<?php //echo uniqid(); ?>"> -->
<style>
*, *:before, *:after {
box-sizing: border-box;
margin: 0;
padding: 0;
}
html, body {
font-size: 62.5%;
height: 100%;
overflow: hidden;
}
@media (max-width: 768px) {
html, body {
font-size: 50%;
}
}
svg {
display: inline-block;
width: 2rem;
height: 2rem;
overflow: visible;
}
.svg-icon {
cursor: pointer;
}
.svg-icon path {
stroke: rgba(255, 255, 255, 0.9);
fill: none;
stroke-width: 1;
}
input, button {
outline: none;
border: none;
}
.container {
position: relative;
height: 100%;
background-image: url('data:image/jpeg;base64,/9j/4QnVRXhpZgAATU0AKgAAAAgADAEAAAMAAAABB4AAAAEBAAMAAAABBDgAAAECAAMAAAAEAAAAngEGAAMAAAABAAEAAAESAAMAAAABAAEAAAEVAAMAAAABAAQAAAEaAAUAAAABAAAApgEbAAUAAAABAAAArgEoAAMAAAABAAIAAAExAAIAAAAeAAAAtgEyAAIAAAAUAAAA1IdpAAQAAAABAAAA6AAAASAACAAIAAgACAAAdTAAACcQAAB1MAAAJxBBZG9iZSBQaG90b3Nob3AgQ1M2IChXaW5kb3dzKQAyMDE2OjA3OjA1IDE2OjI1OjE2AAAEkAAABwAAAAQwMjIxoAEAAwAAAAH//wAAoAIABAAAAAEAAAeAoAMABAAAAAEAAATlAAAAAAAAAAYBAwADAAAAAQAGAAABGgAFAAAAAQAAAW4BGwAFAAAAAQAAAXYBKAADAAAAAQACAAACAQAEAAAAAQAAAX4CAgAEAAAAAQAACE8AAAAAAAAASAAAAAEAAABIAAAAAf/Y/+0ADEFkb2JlX0NNAAL/7gAOQWRvYmUAZIAAAAAB/9sAhAAMCAgICQgMCQkMEQsKCxEVDwwMDxUYExMVExMYEQwMDAwMDBEMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMAQ0LCw0ODRAODhAUDg4OFBQODg4OFBEMDAwMDBERDAwMDAwMEQwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAz/wAARCABoAKADASIAAhEBAxEB/90ABAAK/8QBPwAAAQUBAQEBAQEAAAAAAAAAAwABAgQFBgcICQoLAQABBQEBAQEBAQAAAAAAAAABAAIDBAUGBwgJCgsQAAEEAQMCBAIFBwYIBQMMMwEAAhEDBCESMQVBUWETInGBMgYUkaGxQiMkFVLBYjM0coLRQwclklPw4fFjczUWorKDJkSTVGRFwqN0NhfSVeJl8rOEw9N14/NGJ5SkhbSVxNTk9KW1xdXl9VZmdoaWprbG1ub2N0dXZ3eHl6e3x9fn9xEAAgIBAgQEAwQFBgcHBgU1AQACEQMhMRIEQVFhcSITBTKBkRShsUIjwVLR8DMkYuFygpJDUxVjczTxJQYWorKDByY1wtJEk1SjF2RFVTZ0ZeLys4TD03Xj80aUpIW0lcTU5PSltcXV5fVWZnaGlqa2xtbm9ic3R1dnd4eXp7fH/9oADAMBAAIRAxEAPwDzNpaSAOeE3f4R+KZ3skN5jnwUW/S8UlJgJ45Oo84TOHuHwP8A31LUHRImXA+R/K1JTNg9yc/Sd8kzZ3CFJo9ztCRHYSkpYtlkDUTMHSR+cnmXkCAZ5KmANgjw/KogfpD8UlMv8G4+LkzWnaI1O0QETb+jP9ZKoSG+QSUwdG13wI+5Dscwuhs+10GUVwljvCHfkQHOM6gATMxBgJKZMaRYJ/eYUWJJH8gj8VBu71G7/pFzOO0FGLSSWt5LXCfmkpA5pJ157piSY0iOP9ym/uoA+5unY/kSUwjVRJ081M6lQPdJSwiFEjlSamI5SU//0PMXifcBHO5NWNR5ooH3KLRDgOw4SUyj7+YSAO+T3B/K1MJFnlHCn3HwP8ElLiQRH3qY0eRr2BgwogQW/FSGpf8AJJSTbHwgQVBgmwnzU2EuHwSqHvI80lJA0+mT4uChUNJ8kYa1tHn/ABQ6h7PvSUx2fo3D+S7yQrWFzWOHMEf9+Vh8Cpx/kk/gkWDa0dgQPv8Aakpq0tIc09tzQO/DlYf7ST4tcPwn+CjsLXNnncNP7UJ72kiByT/ekpG8e0f69kP84fBGs4H+vZBOjmmP9eElLACdTtgclMWiT4ESCkNeRP8AvSeZ58ElIxG1LSEh3UuWyeUlP//R81URpb81Lv8ANR/PnzSUuBL/AJaqbvpD4H8rVEfS+IhS7j4H8rUlL8xrMIjeXfL+KF4fFFadXH4fxSUyYfaI8f4KdA/SOHgSoNOnzB/BSp+kT3kpKTtnaz4odMenoOQiNdDWDzQ6tGD4JKZWhorcJ0LdD8kxmCD3E/cSmPvpIPgUzrXi2YBa8Bg8mg6u/rJKUTvcXdy5n4KVkgF40LTp+KG2QZ7bm/fKLYCYjxBSUgfOwT8z8kB5+iVYsEwJjU6/eg2bRt7kER/FJTETuI+BUXKTSC4wI8vmoviDKSmI7pvD4J2mCf8AXskDICSn/9LzXlNHvgeKfvr4qLf5xJTIH3fEfxTnkfA/lao6b58lM6EDyP5WpKUIMeI/1/iiDl3y/ioyJbHjqpDl/wAklLsPtU6PpmfEpqxpqVKrV5+KSkgP0P6yHU47QI7c+CM0Da34/wAVCkSz70lLcVOHfVRbYPzGkQS6HDn/AMj++iWT6Lo/dOvyTmA3+qQflqHJKRkgmfFzYHzRHEDU9kN7Ax4aPzXN1+J3f9SnuZuO06Sef84pKYWkSIVd/IR7ILR4HWR8EF2haQkpg2Q8jxSeO3jCccn5T96ZySmAOp+KcTAHgmHdODAhJT//0/Ne/wA03+EnzTlR/P8AmkpkNX/AKR+kPCD+VqiJ3fAJzyPgfytSUyRGjV3nH8UKePl/FEafpeOn8UlM2zGvY6/cp0fzjvCShtOgPhH5FOk+4x4lJSdolrNe6hVOwa6kJwdGfFRqP6MfBJTK1/6NzgJkQR+BS2Q5zRyGbnfAucog/oTPmobXPeHt5LocJ5I7c/R2pKXbrz++38Cp2j2kdyYH4qEQTPO5v5UR4DiJ+P3JKQWABo/17ILwTs8zp+KsPiRInU6fegWP4AECQUlMQIce3xUXd07CS4yZ8PvTPMApKYtEkhKNB8EhyfimH0Qkp//U82AUfzvvSa7hRJ93zKSmY5+X8UiYd/ZP5WqLTwR30TuPu+RH4tSUzGrSOzdR+KmDq/5fxQgSAR4j+IRDMujyKSmTD7Y7yp0Ohzj4EoNZgKVTo3nwlJTYafoDzQ6XEuawHyI8vNOSS0Bpgu0DuIH57/7LUKsxW7a6NwGseEFqSmwTDHgiInT5IQfaYNnBmCdSD9LsoAkVkkyTJP5FPdDQPA/wSUzLxrJ1lv4EIs8QqpMkE6GR98hFcePJJS15iFXd2jUotx9rZ7f3IL+ySmLfpFJ4kwO/ZJjhuJdqfwTEmDJkxqfNJSwME/FPwQPioSTJTlwIBSU//9XzEDQJjJd80FJJSYEjsZB0jsnIMgHw/uQEklNgNcSI7FTk7j21CqJJKbxIDd3DR/cmr+k9p0mQqSSSm/fu9OG6/mkjsP8AzJyi0n0wI12hUkklN6HBh00AKcOLde06KgkkpubiXH4tj5orpd8m7gPgVnJJKb1rpA+P8CoPDpb4cqokkpsbdY7lORCrJJKTt+jCh4oaSSn/2f/tEbxQaG90b3Nob3AgMy4wADhCSU0EBAAAAAAAFxwBWgADGyVHHAFaAAMbJUccAgAAAgABADhCSU0EJQAAAAAAEFgxMU35LUCSAhiGRIvxhQs4QklNBDoAAAAAAOUAAAAQAAAAAQAAAAAAC3ByaW50T3V0cHV0AAAABQAAAABQc3RTYm9vbAEAAAAASW50ZWVudW0AAAAASW50ZQAAAABDbHJtAAAAD3ByaW50U2l4dGVlbkJpdGJvb2wAAAAAC3ByaW50ZXJOYW1lVEVYVAAAAAEAAAAAAA9wcmludFByb29mU2V0dXBPYmpjAAAADABQAHIAbwBvAGYAIABTAGUAdAB1AHAAAAAAAApwcm9vZlNldHVwAAAAAQAAAABCbHRuZW51bQAAAAxidWlsdGluUHJvb2YAAAAJcHJvb2ZDTVlLADhCSU0EOwAAAAACLQAAABAAAAABAAAAAAAScHJpbnRPdXRwdXRPcHRpb25zAAAAFwAAAABDcHRuYm9vbAAAAAAAQ2xicmJvb2wAAAAAAFJnc01ib29sAAAAAABDcm5DYm9vbAAAAAAAQ250Q2Jvb2wAAAAAAExibHNib29sAAAAAABOZ3R2Ym9vbAAAAAAARW1sRGJvb2wAAAAAAEludHJib29sAAAAAABCY2tnT2JqYwAAAAEAAAAAAABSR0
background-size: cover;
overflow: auto;
font-family: "Open Sans", Helvetica, Arial, sans-serif;
}
.row {
position: absolute;
top: 50%;
left: 50%;
margin-left: -15rem;
margin-top: -26.5rem;
width: 30rem;
height: 53rem;
overflow: hidden;
}
.login {
position: relative;
height: 100%;
background: -webkit-linear-gradient(top, rgba(113, 113, 113, 0.8) 0%, rgba(0, 0, 0, 0.6) 100%);
background: linear-gradient(to bottom, rgba(113, 113, 113, 0.8) 0%, rgba(0, 0, 0, 0.6) 100%);
-webkit-transition: opacity 0.1s, -webkit-transform 0.3s cubic-bezier(0.17, -0.65, 0.665, 1.25);
transition: opacity 0.1s, -webkit-transform 0.3s cubic-bezier(0.17, -0.65, 0.665, 1.25);
transition: opacity 0.1s, transform 0.3s cubic-bezier(0.17, -0.65, 0.665, 1.25);
transition: opacity 0.1s, transform 0.3s cubic-bezier(0.17, -0.65, 0.665, 1.25), -webkit-transform 0.3s cubic-bezier(0.17, -0.65, 0.665, 1.25);
-webkit-transform: scale(1);
transform: scale(1);
}
.login.inactive {
opacity: 0;
-webkit-transform: scale(1.1);
transform: scale(1.1);
}
.login__lock {
position: absolute;
top: 8rem;
left: 10rem;
width: 14rem;
height: 2.8rem;
font-size: 120px;
}
/*@media screen and (min-width: 769px) {
.login__lock {
font-size: 152px;
}
}*/
.login__check {
position: absolute;
top: 16rem;
left: 13.5rem;
width: 14rem;
height: 2.8rem;
background: #fff;
-webkit-transform-origin: 0 100%;
transform-origin: 0 100%;
-webkit-transform: rotate(-45deg);
transform: rotate(-45deg);
}
.login__check:before {
content: "";
position: absolute;
left: 0;
bottom: 100%;
width: 2.8rem;
height: 5.2rem;
background: #fff;
box-shadow: inset -0.2rem -2rem 2rem rgba(0, 0, 0, 0.2);
}
.login__form {
position: absolute;
top: 50%;
left: 0;
width: 100%;
height: 50%;
padding: 1.5rem 2.5rem;
text-align: center;
}
.login__row {
height: 5rem;
padding-top: 1rem;
border-bottom: 1px solid rgba(255, 255, 255, 0.2);
}
.login__icon {
margin-bottom: -0.4rem;
margin-right: 0.5rem;
}
.login__icon.name path {
stroke-dasharray: 73.50196075439453;
stroke-dashoffset: 73.50196075439453;
-webkit-animation: animatePath 2s 0.5s forwards;
animation: animatePath 2s 0.5s forwards;
}
.login__icon.pass path {
stroke-dasharray: 92.10662841796875;
stroke-dashoffset: 92.10662841796875;
-webkit-animation: animatePath 2s 0.5s forwards;
animation: animatePath 2s 0.5s forwards;
}
.login__input {
display: inline-block;
width: 22rem;
height: 100%;
padding-left: 1.5rem;
font-size: 1.5rem;
background: transparent;
color: #FDFCFD;
}
.login__submit {
position: relative;
width: 100%;
height: 4rem;
margin: 5rem 0 2.2rem;
color: rgba(255, 255, 255, 0.8);
background: #FF3366;
font-size: 1.5rem;
border-radius: 3rem;
cursor: pointer;
overflow: hidden;
-webkit-transition: width 0.3s 0.15s, font-size 0.1s 0.15s;
transition: width 0.3s 0.15s, font-size 0.1s 0.15s;
}
.login__submit:after {
content: "";
position: absolute;
top: 50%;
left: 50%;
margin-left: -1.5rem;
margin-top: -1.5rem;
width: 3rem;
height: 3rem;
border: 2px dotted #fff;
border-radius: 50%;
border-left: none;
border-bottom: none;
-webkit-transition: opacity 0.1s 0.4s;
transition: opacity 0.1s 0.4s;
opacity: 0;
}
.login__submit.processing {
width: 4rem;
font-size: 0;
}
.login__submit.processing:after {
opacity: 1;
-webkit-animation: rotate 0.5s 0.4s infinite linear;
animation: rotate 0.5s 0.4s infinite linear;
}
.login__submit.success {
-webkit-transition: opacity 0.1s 0.3s, background-color 0.1s 0.3s, -webkit-transform 0.3s 0.1s ease-out;
transition: opacity 0.1s 0.3s, background-color 0.1s 0.3s, -webkit-transform 0.3s 0.1s ease-out;
transition: transform 0.3s 0.1s ease-out, opacity 0.1s 0.3s, background-color 0.1s 0.3s;
transition: transform 0.3s 0.1s ease-out, opacity 0.1s 0.3s, background-color 0.1s 0.3s, -webkit-transform 0.3s 0.1s ease-out;
-webkit-transform: scale(30);
transform: scale(30);
opacity: 0.9;
}
.login__submit.success:after {
-webkit-transition: opacity 0.1s 0s;
transition: opacity 0.1s 0s;
opacity: 0;
-webkit-animation: none;
animation: none;
}
.login__signup {
font-size: 1.2rem;
color: #ABA8AE;
}
.login__signup a {
color: #fff;
cursor: pointer;
}
.ripple {
position: absolute;
width: 15rem;
height: 15rem;
margin-left: -7.5rem;
margin-top: -7.5rem;
background: rgba(0, 0, 0, 0.4);
-webkit-transform: scale(0);
transform: scale(0);
-webkit-animation: animRipple 0.4s;
animation: animRipple 0.4s;
border-radius: 50%;
}
@-webkit-keyframes animRipple {
to {
-webkit-transform: scale(3.5);
transform: scale(3.5);
opacity: 0;
}
}
@keyframes animRipple {
to {
-webkit-transform: scale(3.5);
transform: scale(3.5);
opacity: 0;
}
}
@-webkit-keyframes rotate {
to {
-webkit-transform: rotate(360deg);
transform: rotate(360deg);
}
}
@keyframes rotate {
to {
-webkit-transform: rotate(360deg);
transform: rotate(360deg);
}
}
@-webkit-keyframes animatePath {
to {
stroke-dashoffset: 0;
}
}
@keyframes animatePath {
to {
stroke-dashoffset: 0;
}
}
</style>
</head>
<body onLoad="document.getElementsByTagName('input')[0].focus();"
<div class="container">
<div class="row">
<div class="login">
<!--<div class="login__check"></div>-->
<div class="login__lock"><i class="fa fa-lock" aria-hidden="true"></i></div>
<div class="login__form">
<form method="post">
<div class="login__row">
<svg class="login__icon pass svg-icon" viewBox="0 0 20 20">
<path d="M0,20 20,20 20,8 0,8z M10,13 10,16z M4,8 a6,8 0 0,1 12,0" />
</svg>
<input type="password" name="access_password" class="login__input pass" placeholder="Password"/>
</div>
<button type="submit" value="Submit" class="login__submit">Login</button>
</form>
<p class="login__signup">Don't have an password? &nbsp;<a>Ask M.Reber</a></p>
<font color="red" style="font-size: x-small";><?php echo $error_msg; ?></font>
</div>
</div>
</div>
</div>
<script src='//cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
<script>
$(document).ready(function() {
var animating = false,
submitPhase1 = 1100,
submitPhase2 = 400,
logoutPhase1 = 800,
$login = $(".login"),
$app = $(".app");
function ripple(elem, e) {
$(".ripple").remove();
var elTop = elem.offset().top,
elLeft = elem.offset().left,
x = e.pageX - elLeft,
y = e.pageY - elTop;
var $ripple = $("<div class='ripple'></div>");
$ripple.css({top: y, left: x});
elem.append($ripple);
};
$(document).on("click", ".login__submit", function(e) {
if (animating) return;
animating = true;
var that = this;
ripple($(that), e);
$(that).addClass("processing");
setTimeout(function() {
$(that).addClass("success");
setTimeout(function() {
$app.show();
$app.css("top");
$app.addClass("active");
}, submitPhase2 - 70);
setTimeout(function() {
$login.hide();
$login.addClass("inactive");
animating = false;
$(that).removeClass("success processing");
}, submitPhase2);
}, submitPhase1);
});
});
</script>
</body>
</html>
<?php
// stop at this point
die();
}
}
// user provided password
if (isset($_POST['access_password'])) {
$login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
$pass = $_POST['access_password'];
if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
|| (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) )
) {
showLoginPasswordProtect("wrong password!");
}
else {
// set cookie if password was validated
setcookie("verify", md5($login.'%'.$pass), $timeout, '/');
// Some programs (like Form1 Bilder) check $_POST array to see if parameters passed
// So need to clear password protector variables
unset($_POST['access_login']);
unset($_POST['access_password']);
unset($_POST['Submit']);
header('Location: ' . $logoutURL . '/webproxy/');
}
}
else {
// check if password cookie is set
if (!isset($_COOKIE['verify'])) {
showLoginPasswordProtect("");
}
// check if cookie is good
$found = false;
foreach($LOGIN_INFORMATION as $key=>$val) {
$lp = (USE_USERNAME ? $key : '') .'%'.$val;
if ($_COOKIE['verify'] == md5($lp)) {
$found = true;
// prolong timeout
if (TIMEOUT_CHECK_ACTIVITY) {
setcookie("verify", md5($lp), $timeout, '/');
}
break;
}
}
if (!$found) {
showLoginPasswordProtect("");
}
}
?>