<?php
require_once 'includes/functions.php';
// An authenticated visitor never sees the form: send them to the landing page for their role.
if (isLoggedIn()) {
    $user = getCurrentUser();
    $landing = $user['role'] === 'superuser' ? 'admin/index.php' : 'dashboard.php';
    header('Location: ' . BASE_URL . $landing);
    exit();
}
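// Messages rendered by the template below.
$error = '';
$success = '';

// NOTE(review): no CSRF token is checked on this POST and none is visible in this file;
// confirm whether includes/functions.php enforces one before relying on this handler.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Request fields can arrive as arrays (email[]=...); treat anything that is not a string as missing.
    $rawEmail = $_POST['email'] ?? '';
    $rawPassword = $_POST['password'] ?? '';

    // sanitizeInput() is defined elsewhere; presumably it trims/escapes the value (TODO confirm).
    $email = sanitizeInput(is_string($rawEmail) ? $rawEmail : '');
    // The password is passed through unmodified so password_verify() sees exactly what was typed.
    $password = is_string($rawPassword) ? $rawPassword : '';

    // Compare the password with '' rather than empty(): empty('0') is true and would reject a valid value.
    if (empty($email) || $password === '') {
        $error = 'Please fill in all fields.';
    } else {
        $db = new CopMadinaDB();
        $conn = $db->getConnection();

        // Throttle: count failed logins recorded for this client address during the last hour.
        // NOTE(review): the counter is keyed on IP only, so guesses against one account spread over
        // many addresses are not limited; consider also counting per targeted account.
        $ip = $_SERVER['REMOTE_ADDR'];
        $stmt = $conn->prepare("SELECT COUNT(*) as attempts FROM audit_logs
            WHERE action = 'failed_login' AND ip_address = ?
            AND created_at > DATE_SUB(NOW(), INTERVAL 1 HOUR)");
        $stmt->execute([$ip]);
        $attempts = (int) $stmt->fetch()['attempts'];

        if ($attempts >= MAX_LOGIN_ATTEMPTS) {
            $error = 'Too many failed login attempts. Please try again later.';
        } else {
            // The identifier may be an email address or a username; only active accounts can sign in.
            $stmt = $conn->prepare("SELECT id, username, email, password, first_name, last_name, role,
                area_id, district_id, assembly_id, status
                FROM users WHERE (email = ? OR username = ?) AND status = 'active'");
            $stmt->execute([$email, $email]);
            $user = $stmt->fetch();

            if ($user && password_verify($password, $user['password'])) {
                // Issue a fresh session id at the privilege change so an id that was known or planted
                // before authentication cannot be reused afterwards (session fixation).
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }

                $_SESSION['user_id'] = $user['id'];
                $_SESSION['user_name'] = $user['first_name'] . ' ' . $user['last_name'];
                $_SESSION['user_email'] = $user['email'];
                $_SESSION['user_role'] = $user['role'];
                $_SESSION['area_id'] = $user['area_id'];
                $_SESSION['district_id'] = $user['district_id'];
                $_SESSION['assembly_id'] = $user['assembly_id'];

                // Record the time of this login.
                $stmt = $conn->prepare("UPDATE users SET last_login = NOW() WHERE id = ?");
                $stmt->execute([$user['id']]);

                logAudit('login', 'users', $user['id']);

                // Default landing page depends on the role.
                if ($user['role'] === 'superuser') {
                    $redirect = BASE_URL . 'admin/index.php';
                } else {
                    $redirect = BASE_URL . 'dashboard.php';
                }

                // A caller-supplied target is honoured only when it is a path on this site: it must start
                // with a single "/", must not start with "//" or "/\" (both resolve to another host in
                // browsers), and must contain no control characters. Anything else keeps the role default,
                // so the login page cannot be used to bounce a freshly authenticated user to an arbitrary
                // URL. PHP has already URL-decoded $_GET, so the value is not decoded a second time.
                $requested = $_GET['redirect'] ?? null;
                if (is_string($requested)
                    && preg_match('#\A/(?![/\\\\])[^\x00-\x1F\x7F]*\z#', $requested) === 1
                ) {
                    $redirect = $requested;
                }

                header('Location: ' . $redirect);
                exit();
            } else {
                // One message for "unknown user" and "wrong password" so the response does not reveal
                // which identifiers exist.
                $error = 'Invalid email/username or password.';

                // Record the failure; these rows feed the throttle query above.
                $stmt = $conn->prepare("INSERT INTO audit_logs (action, table_name, ip_address, user_agent, created_at)
                    VALUES ('failed_login', 'users', ?, ?, NOW())");
                $stmt->execute([$ip, $_SERVER['HTTP_USER_AGENT'] ?? '']);
            }
        }
    }
}

// An error produced by this request takes precedence over a flashed one.
$error = $error ?: getFlashMessage('error');
$success = getFlashMessage('success');

// Site settings supply the branding (name, logo) used by the template.
$settings = getSettings();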
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login - <?php echo htmlspecialchars($settings['site_name'] ?? 'COP Madina Conference Management'); ?></title>
<!-- NOTE(review): both assets below are fetched from third-party CDNs without an integrity attribute,
     on the page that collects credentials. cdn.tailwindcss.com is Tailwind's Play CDN, which its
     documentation describes as intended for development; a locally built stylesheet removes that
     runtime dependency. The Font Awesome link is version-pinned and could carry integrity and
     crossorigin attributes. -->
<script src="https://cdn.tailwindcss.com"></script>
<link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
<script>
tailwind.config = {
theme: {
extend: {
colors: {
primary: {
50: '#eff6ff',
100: '#dbeafe',
500: '#3b82f6',
600: '#2563eb',
700: '#1d4ed8',
800: '#1e40af',
900: '#1e3a8a'
}
}
}
}
}
</script>
<style>
.gradient-bg {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
}
</style>
</head>
<body class="bg-gray-50 min-h-screen flex items-center justify-center py-12 px-4 sm:px-6 lg:px-8">
<div class="max-w-md w-full space-y-8">
<!-- Header -->
<div class="text-center">
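<a href="<?php echo BASE_URL; ?>" class="inline-block">
<?php /* site_logo comes from getSettings(); escape it like site_name so a stored value cannot break out of the src attribute. */ ?>
<img src="<?php echo htmlspecialchars(BASE_URL . ($settings['site_logo'] ?? 'assets/images/logo.png'), ENT_QUOTES, 'UTF-8'); ?>"
alt="<?php echo htmlspecialchars($settings['site_name'] ?? 'COP Madina'); ?>"
class="mx-auto h-16 w-16 rounded-full object-cover">
</a>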
<h2 class="mt-6 text-3xl font-extrabold text-gray-900">Sign in to your account</h2>
<p class="mt-2 text-sm text-gray-600">
Or
<a href="<?php echo BASE_URL; ?>join.php" class="font-medium text-primary-600 hover:text-primary-500">
create a new account
</a>
</p>
</div>
<!-- Login Form -->
<form class="mt-8 space-y-6" method="POST">
<div class="bg-white shadow-lg rounded-lg p-8">
<?php if ($error): ?>
<div class="mb-4 bg-red-50 border border-red-200 text-red-700 px-4 py-3 rounded-lg">
<div class="flex items-center">
<i class="fas fa-exclamation-circle mr-2"></i>
<?php echo htmlspecialchars($error); ?>
</div>
</div>
<?php endif; ?>
<?php if ($success): ?>
<div class="mb-4 bg-green-50 border border-green-200 text-green-700 px-4 py-3 rounded-lg">
<div class="flex items-center">
<i class="fas fa-check-circle mr-2"></i>
<?php echo htmlspecialchars($success); ?>
</div>
</div>
<?php endif; ?>
<div class="space-y-4">
<div>
<label for="email" class="block text-sm font-medium text-gray-700 mb-2">
Email or Username
</label>
<div class="relative">
<div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
<i class="fas fa-envelope text-gray-400"></i>
</div>
<input id="email" name="email" type="text" required autocomplete="username"
class="block w-full pl-10 pr-3 py-3 border border-gray-300 rounded-lg focus:outline-none focus:ring-2 focus:ring-primary-500 focus:border-primary-500"
placeholder="Enter your email or username"
value="<?php echo htmlspecialchars($_POST['email'] ?? ''); ?>">
</div>
</div>
<div>
<label for="password" class="block text-sm font-medium text-gray-700 mb-2">
Password
</label>
<div class="relative">
<div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
<i class="fas fa-lock text-gray-400"></i>
</div>
<input id="password" name="password" type="password" required autocomplete="current-password"
class="block w-full pl-10 pr-10 py-3 border border-gray-300 rounded-lg focus:outline-none focus:ring-2 focus:ring-primary-500 focus:border-primary-500"
placeholder="Enter your password">
<button type="button" onclick="togglePassword()"
class="absolute inset-y-0 right-0 pr-3 flex items-center">
<i id="password-icon" class="fas fa-eye text-gray-400 hover:text-gray-600"></i>
</button>
</div>
</div>
<div class="flex items-center justify-between">
<div class="flex items-center">
<input id="remember" name="remember" type="checkbox"
class="h-4 w-4 text-primary-600 focus:ring-primary-500 border-gray-300 rounded">
<label for="remember" class="ml-2 block text-sm text-gray-700">
Remember me
</label>
</div>
<div class="text-sm">
<a href="<?php echo BASE_URL; ?>forgot-password.php"
class="font-medium text-primary-600 hover:text-primary-500">
Forgot your password?
</a>
</div>
</div>
</div>
<div class="mt-6">
<button type="submit"
class="group relative w-full flex justify-center py-3 px-4 border border-transparent text-sm font-medium rounded-lg text-white gradient-bg hover:opacity-90 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-primary-500 transition-all duration-200">
<span class="absolute left-0 inset-y-0 flex items-center pl-3">
<i class="fas fa-sign-in-alt text-white"></i>
</span>
Sign in
</button>
</div>
<div class="mt-6">
<div class="relative">
<div class="absolute inset-0 flex items-center">
<div class="w-full border-t border-gray-300"></div>
</div>
<div class="relative flex justify-center text-sm">
<span class="px-2 bg-white text-gray-500">Quick Access</span>
</div>
</div>
</div>
</div>
</form>
<!-- Footer Links -->
<div class="text-center">
<div class="flex justify-center space-x-6 text-sm">
<a href="<?php echo BASE_URL; ?>" class="text-gray-600 hover:text-gray-900">
<i class="fas fa-home mr-1"></i>Home
</a>
<a href="<?php echo BASE_URL; ?>contact.php" class="text-gray-600 hover:text-gray-900">
<i class="fas fa-envelope mr-1"></i>Contact
</a>
<a href="<?php echo BASE_URL; ?>help.php" class="text-gray-600 hover:text-gray-900">
<i class="fas fa-question-circle mr-1"></i>Help
</a>
</div>
<p class="mt-4 text-xs text-gray-500">
© <?php echo date('Y'); ?> The Church of Pentecost - Madina Area. All rights reserved.
</p>
</div>
</div>
<script>
/**
 * Switch the password field between masked and plain text,
 * and swap the eye / eye-slash icon to match.
 */
function togglePassword() {
    const field = document.getElementById('password');
    const icon = document.getElementById('password-icon');
    const reveal = field.type === 'password';

    field.type = reveal ? 'text' : 'password';
    icon.classList.remove(reveal ? 'fa-eye' : 'fa-eye-slash');
    icon.classList.add(reveal ? 'fa-eye-slash' : 'fa-eye');
}

// Put the cursor in the identifier field as soon as the page has loaded.
document.getElementById('email').focus();
</script>
</body>
</html>