X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/41811556ca2ca3ca29191bee012c35e5f40a3995..f8cfc76a8f02504af15ae89ac6f4896f072ff0a8:/login/index.php

diff --git a/login/index.php b/login/index.php
index 5cfbded..f94984b 100644
--- a/login/index.php
+++ b/login/index.php
@@ -1,4 +1,5 @@
 <?php
+if ($Page->api) return;
 $message = NULL;
 
 if (isset($_POST['mail'])) {
@@ -35,30 +36,40 @@ elseif (isset($_GET['logout'])) {
 	$message = "Je bent uitgelogd. Graag tot ziens!";
 }
 
-if (empty($User)) {
-	ob_clean();
-	require_once 'login/form.inc.php';
-	$Place['warn'] = $message;
-	$Article->title = 'Inloggen';
+if (!$User or !$User->login) {
+	$Page->title = 'Inloggen';
 	if (isset($_REQUEST['goto'])) {
+		if (empty($message)
+		and !preg_match('(^WhatsApp/)', $_SERVER['HTTP_USER_AGENT'])) {
+			http_response_code(403);
+		}
 		$target = ltrim($_REQUEST['goto'], '/');
-		$target = new ArchiveArticle("$target.html");
+		$target = new ArchiveArticle(file_exists("$target/index.html") ? "$target/index.html" : "$target.html");
+		$target->index; # run forbidden handler to determine metadata
+
 		if ($target->title) {
-			$Article->title .= ' voor ' . $target->title;
+			$Page->title .= ' voor ' . $target->title;
 		}
+		$Page->image = $target->image;
+		$Page->teaser = $target->teaser;
 	}
+	ob_start();
+	require_once 'login/form.inc.php';
+	$Page->raw = ob_get_clean();
+	$Page->place['warn'] = $message;
 	return TRUE;
 }
 
 if (isset($_REQUEST['goto'])) {
-	ob_clean();
 	$target = ltrim($_REQUEST['goto'], '/');
-	header("Location: /$target");
-	http_response_code(302);
-	exit;
+	abort("/$target", '303 Return');
 }
 
-if (empty($Args) and $User and $User->admin) {
+if (isset($Page->raw)) {
+	print $Page->raw;
+}
+if (empty($Page->path) and $User->admin) {
 	include_once 'login/admin.html';
 }
 
+return;