Move libraries to autoload format

2025-11-26 00:02:19 +01:00 · 2025-11-26 00:02:19 +01:00 · b4f758f0b5
commit b4f758f0b5
parent 7ac0f6c850
8 changed files with 1009 additions and 23 deletions
--- a/modules/admin/controllers/app.php
+++ b/modules/admin/controllers/app.php
@ -86,8 +86,8 @@ class AppController extends TplController{
                            
                            if($num_tries<5) {
                            
-                                $username=trim($_POST['username']);
-                                $password=trim($_POST['password']);
+                                $username=trim($_POST['username'] ?? '');
+                                $password=trim($_POST['password'] ?? '');
                                
                                if($username=='') {
                                    
@ -104,6 +104,7 @@ class AppController extends TplController{
                                        $error=0;
                                        
                                        $_SESSION['admin_login']=1;
+                                        $_SESSION['date_login']=date("Y-m-d H:i:s");
                                        
                                        if($arr_user['double_auth']) {
                                            
@ -253,15 +254,32 @@ class AppController extends TplController{
             
             break;
             
-             case 'double_auth':
+             case 'check_auth':
+                
+                //Session expired. 
+                
+                if($this->check_login()) {
             
-                echo $this->tpl->load_template('check_auth', ['title' => 'Double auth']);
+                    if($_SERVER['REQUEST_METHOD']=='POST') {
+                    
+                        
+                    
+                    }
+                    else {
+                 
+                        echo $this->tpl->load_template('check_auth', ['title' => 'Double auth']);
+                        
+                    }
+             
+                }
             
             break;
             
             case 'logout':
             
                unset($_SESSION['admin_login']);
+                unset($_SESSION['double_auth']);
+                unset($_SESSION['date_login']);
                
                header('Location: '.PhangoApp\PhaRouter\Url::make_url('admin'));
             
--- a/modules/admin/libraries/tplcontroller.php
+++ b/modules/admin/libraries/tplcontroller.php
@ -26,11 +26,24 @@ class TplController extends PhangoApp\PhaRouter\Controller {
        
        if(isset($_SESSION['admin_login'])) {
            
-            if(isset($_SESSION['double_auth'])) {
+            if(isset($_SESSION['double_auth']) && $this->path_info!='/admin/app/check_auth') {
                
-                //header('Location: '.PhangoApp\PhaRouter\Url::make_url('admin', 'app', ['check_auth']));
+                header('Location: '.PhangoApp\PhaRouter\Url::make_url('admin', 'app', ['check_auth']));
                die;
                
+            } else {
+                
+                $now=date("Y-m-d H:i:s");
+             
+                $timestamp_5_min=strtotime($now)-300;
+                $timestamp_last_login=strtotime($_SESSION['date_login']);
+                
+                if($timestamp_5_min>$timestamp_last_login) {
+                    
+                    header('Location: '.PhangoApp\PhaRouter\Url::make_url('admin', 'app', ['logout']));
+                    
+                }
+                
            }
            
            return true;
--- a/modules/admin/templates/check_auth.php
+++ b/modules/admin/templates/check_auth.php
@ -1,8 +1,9 @@
 <?=$this->layout('login_tpl', ['title' => $title])?>
 <?=$this->start('content')?>
 <form method="post" name="auth_submit" id="auth_submit">
+<p style="padding: 0px 10px;">You have 5 minutes for put the code sended to your email.</p>
 <p><label for="auth_code"></label><input type="text" name="auth_code" id="auth_code_form" placeholder="<?=_('Code')?>"/></p>
-<p class="error" id="username_error"></p>
+<p class="error" id="auth_code_error"></p>
 <?=PhangoApp\PhaUtils\Utils::set_csrf_key($name_token='csrf_token', $length_token=80)?>
 <p>
    <input type="submit" id="button_submit" class="button" value="<?=_('Send auth code')?>" />
@ -42,7 +43,7 @@
                    
                    $('#csrf_token').attr('value', data.csrf_token);
                    
-                    $('#username_error').html(data.error_form.username_error);
+                    $('#auth_code_error').html(data.error_form.username_error);
                }
            
            },