check('interface',$_SERVER['REMOTE_ADDR'],'','5')) { debug_event('access_denied','Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Interface Access list','3'); access_denied(); } } // access_control is enabled /* Check for posted username and password */ if ($_POST['username'] && $_POST['password']) { if ($_POST['rememberme']) { $extended = vauth_conf('remember_length'); vauth_conf(array('cookie_life'=>$extended),1); $cookie_name = vauth_conf('session_name') . "_remember"; $cookie_life = time() + $extended; setcookie($cookie_name, '1', $cookie_life,'/',vauth_conf('cookie_domain')); } /* If we are in demo mode let's force auth success */ if (conf('demo_mode')) { $auth['success'] = 1; $auth['info']['username'] = "Admin- DEMO"; $auth['info']['fullname'] = "Administrative User"; $auth['info']['offset_limit'] = 25; } else { $username = scrub_in($_POST['username']); $password = scrub_in($_POST['password']); $auth = authenticate($username, $password); $user = new User($username); if ($user->disabled === '1') { $auth['success'] = false; $auth['error'] = "Error: User Disabled please contact Admin"; } // if user disabled } // if we aren't in demo mode } /* If the authentication was a success */ if ($auth['success']) { // $auth->info are the fields specified in the config file // to retrieve for each user vauth_session_create($auth); // // Not sure if it was me or php tripping out, // but naming this 'user' didn't work at all // $_SESSION['userdata'] = $auth; // // Record the IP of this person! // if (conf('track_user_ip')) { $user = new User($_POST['username']); $user->insert_ip_history(); unset($user); } /* Make sure they are actually trying to get to this site and don't try to redirect them back into * an admin section **/ if (strstr($_POST['referrer'], conf('web_path')) AND !strstr($_POST['referrer'],"install.php") AND !strstr($_POST['referrer'],"login.php") AND !strstr($_POST['referrer'],"update.php") AND !strstr($_POST['referrer'],"activate.php") AND !strstr($_POST['referrer'],"admin")) { header("Location: " . $_POST['referrer']); exit(); } // if we've got a referrer header("Location: " . conf('web_path') . "/index.php"); exit(); } // auth success /* If auth failed then setup the error */ else { $GLOBALS['error']->add_error('general',$auth['error']); } $htmllang = str_replace("_","-",conf('lang')); ?> <?php echo conf('site_title'); ?> \n"; show_box_top(_('Message of the Day')); include conf('prefix') . '/config/motd.php'; show_box_bottom(); echo "\n"; } ?>