diff options
Diffstat (limited to 'action.php')
| -rw-r--r-- | action.php | 35 |
1 files changed, 35 insertions, 0 deletions
@@ -384,6 +384,41 @@ JG Adlershof"; redirect("gallery&gallery=".$_GET["gallery"]); } break; + case("genHash"): + if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){ + header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed"); + ob_clean(); + echo "Method not allowed"; + exit; + } + if ( ! $user->setHash($_REQUEST["name"], $c) ) { + print_login("password"); + } else { + print_verify_by_email(); + } + + + case("verify"): + if ( $_SERVER['REQUEST_METHOD'] != 'GET' ){ + header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed"); + ob_clean(); + echo "Method not allowed"; + exit; + } + //lredirect( "login"); + if ( ! isset($_REQUEST["name"]) || $_REQUEST["name"] == "" || ! isset($_REQUEST["hash"]) || $_REQUEST["hash"] == "" ){ + print_login("missing"); + } else if ( $user->loginByEmail($_REQUEST["name"], $_REQUEST["hash"], $c) ){ + $goto = preg_replace("/;/", "&", $_GET["goto"]); + header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved"); + header("Location: ".DOMAIN."?page=" . $goto); + ob_clean(); + exit; + } else { + print_login("password"); + } + break; + default: print_404(); break; |