114 lines
3.8 KiB
PHP
114 lines
3.8 KiB
PHP
<?php
|
|
require_once __DIR__ . '/db/config.php';
|
|
require_once __DIR__ . '/includes/functions.php';
|
|
|
|
init_session();
|
|
|
|
$baseUrl = get_base_url();
|
|
|
|
/**
|
|
* Determine where to redirect the user based on permissions
|
|
*/
|
|
function get_redirect_url($baseUrl) {
|
|
if (has_permission('dashboard_view')) {
|
|
return $baseUrl . 'admin/index.php';
|
|
} elseif (has_permission('pos_view')) {
|
|
return $baseUrl . 'pos.php';
|
|
} elseif (has_permission('kitchen_view')) {
|
|
return $baseUrl . 'kitchen.php';
|
|
}
|
|
// Fallback to admin index if no specific view permission found,
|
|
// the page itself will handle the final access denied
|
|
return $baseUrl . 'admin/index.php';
|
|
}
|
|
|
|
// Redirect if already logged in
|
|
if (get_logged_user()) {
|
|
header('Location: ' . get_redirect_url($baseUrl));
|
|
exit;
|
|
}
|
|
|
|
$error = '';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$username = $_POST['username'] ?? '';
|
|
$password = $_POST['password'] ?? '';
|
|
|
|
if (login_user($username, $password)) {
|
|
header('Location: ' . get_redirect_url($baseUrl));
|
|
exit;
|
|
} else {
|
|
$error = 'Invalid username or password.';
|
|
}
|
|
}
|
|
|
|
$settings = get_company_settings();
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>Login - <?= htmlspecialchars($settings['company_name']) ?></title>
|
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
|
|
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.0/font/bootstrap-icons.css">
|
|
<link rel="stylesheet" href="<?= $baseUrl ?>assets/css/custom.css">
|
|
<style>
|
|
body {
|
|
background: linear-gradient(135deg, #f5f7fa 0%, #c3cfe2 100%);
|
|
height: 100vh;
|
|
display: flex;
|
|
align-items: center;
|
|
justify-content: center;
|
|
}
|
|
.login-card {
|
|
width: 100%;
|
|
max-width: 400px;
|
|
border-radius: 1.5rem;
|
|
box-shadow: 0 1rem 3rem rgba(0,0,0,0.1);
|
|
}
|
|
</style>
|
|
</head>
|
|
<body>
|
|
|
|
<div class="card login-card border-0">
|
|
<div class="card-body p-5">
|
|
<div class="text-center mb-4">
|
|
<h3 class="fw-bold"><?= htmlspecialchars($settings['company_name']) ?></h3>
|
|
<p class="text-muted">Sign in to your account</p>
|
|
</div>
|
|
|
|
<?php if ($error): ?>
|
|
<div class="alert alert-danger small py-2"><?= $error ?></div>
|
|
<?php endif; ?>
|
|
|
|
<?php if (isset($_GET['reset']) && $_GET['reset'] == 'success'): ?>
|
|
<div class="alert alert-success small py-2">Password reset successfully. You can now login.</div>
|
|
<?php endif; ?>
|
|
|
|
<form method="POST">
|
|
<div class="mb-3">
|
|
<label class="form-label small fw-medium">Username</label>
|
|
<div class="input-group">
|
|
<span class="input-group-text bg-light border-0"><i class="bi bi-person"></i></span>
|
|
<input type="text" name="username" class="form-control bg-light border-0" required autofocus>
|
|
</div>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label small fw-medium">Password</label>
|
|
<div class="input-group">
|
|
<span class="input-group-text bg-light border-0"><i class="bi bi-lock"></i></span>
|
|
<input type="password" name="password" class="form-control bg-light border-0" required>
|
|
</div>
|
|
</div>
|
|
<div class="mb-4 d-flex justify-content-end">
|
|
<a href="forgot_password.php" class="small text-decoration-none">Forgot Password?</a>
|
|
</div>
|
|
<button type="submit" class="btn btn-primary w-100 py-2 fw-bold">Login</button>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
|
|
</body>
|
|
</html>
|