1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
<?php
/*
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/*
Login our friendly users
*/
$no_session = true;
require_once("modules/init.php");
set_site_preferences();
//
// So we check for a username and password first
//
if ( $_POST['username'] && $_POST['password'] ) {
if ($_POST['rememberme']) {
setcookie('amp_longsess', '1', time()+3600*24*30*120);
}
/* If we are in demo mode let's force auth success */
if (conf('demo_mode')) {
$auth['success'] = 1;
$auth['info']['username'] = "Admin- DEMO";
$auth['info']['fullname'] = "Administrative User";
$auth['info']['offset_limit'] = 25;
}
else {
$username = trim($_POST['username']);
$password = trim($_POST['password']);
$auth = authenticate($username, $password);
$user = new User($username);
if ($user->access === 'disabled') {
$auth['success'] = false;
$auth['error'] = "Error: User Disabled please contact Admin";
} // if user disabled
} // if we aren't in demo mode
}
//
// If we succeeded in authenticating, create a session
//
if ( ($auth['success'] == 1)) {
// $auth->info are the fields specified in the config file
// to retrieve for each user
make_local_session_only($auth);
//
// Not sure if it was me or php tripping out,
// but naming this 'user' didn't work at all
//
$_SESSION['userdata'] = $auth['info'];
// Make sure they are actually trying to get to this site
if (strstr($_POST['referrer'], conf('web_path')) AND !strstr($_POST['referrer'],"install.php") AND !strstr($_POST['referrer'],"login.php") AND !strstr($_POST['referrer'],"update.php")) {
header("Location: " . $_POST['referrer']);
exit();
} // if we've got a referrer
header("Location: " . conf('web_path') . "/index.php");
exit();
} // auth success
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html lang="<?php echo conf('lang'); ?>">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo conf('site_charset'); ?>" />
<title> <?php echo conf('site_title'); ?> </title>
<?php show_template('style'); ?>
<script type="text/javascript" language="javascript">
function focus(){ document.login.username.focus(); }
</script>
</head>
<body bgcolor="<?php echo conf('bg_color1'); ?>" onload="focus();">
<?
require(conf('prefix') . "/templates/show_login_form.inc");
if (@is_readable(conf('prefix') . '/config/motd.php')) {
include conf('prefix') . '/config/motd.php';
}
?>
</body>
</html>
|
