From 067a3863fe3d801ae6384dd5a904b9ad408dd3cc Mon Sep 17 00:00:00 2001
From: Horus3
Date: Mon, 26 Oct 2015 19:23:30 +0100
Subject: Add login via email.

---
 action.php | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

(limited to 'action.php')

diff --git a/action.php b/action.php
index c045deb..d291fe1 100644
--- a/action.php
+++ b/action.php
@@ -384,6 +384,41 @@ JG Adlershof";
 			redirect("gallery&gallery=".$_GET["gallery"]);
 		}
 		break;
+	case("genHash"):
+		if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
+			header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
+			ob_clean();
+			echo "Method not allowed";
+			exit;
+		}
+		if ( ! $user->setHash($_REQUEST["name"], $c) ) {
+			print_login("password");
+		} else {
+			print_verify_by_email();
+		}
+
+
+	case("verify"):
+		if ( $_SERVER['REQUEST_METHOD'] != 'GET' ){
+			header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
+			ob_clean();
+			echo "Method not allowed";
+			exit;
+		}
+		//lredirect( "login");
+		if ( ! isset($_REQUEST["name"]) || $_REQUEST["name"] == "" || ! isset($_REQUEST["hash"]) || $_REQUEST["hash"] == "" ){
+			print_login("missing");
+		} else 	if ( $user->loginByEmail($_REQUEST["name"], $_REQUEST["hash"], $c) ){
+			$goto = preg_replace("/;/", "&", $_GET["goto"]);
+			header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
+			header("Location: ".DOMAIN."?page=" . $goto);
+			ob_clean();
+			exit;
+		} else {
+			print_login("password");
+		}
+		break;
+
 	default:
 		print_404();
 		break;
-- 
cgit v1.2.3