login.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar [#]version[#]
   5 || # Copyright 2002-[#]year[#] Blue Static
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version [#]gpl[#] of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 $fetchtemplates = array(
  23         'login'
  24 );
  25
  26 define('SVN', '$Id$');
  27
  28 $focus['user'] = 'focus';
  29
  30 require_once('./global.php');
  31
  32 // ###################################################################
  33
  34 if ($bugsys->userinfo['userid'] AND $_REQUEST['do'] != 'logout' AND $_POST['do'] != 'cplogin' AND $_REQUEST['do'] != 'cplogout')
  35 {
  36         $message->error(_('You are already logged in.'));
  37 }
  38
  39 // ###################################################################
  40
  41 if (empty($_REQUEST['do']))
  42 {
  43         eval('$template->flush("' . $template->fetch('login') . '");');
  44 }
  45
  46 // ###################################################################
  47
  48 if ($_POST['do'] == 'login' OR $_POST['do'] == 'cplogin')
  49 {
  50         $keeplogin = $bugsys->input_clean('rememberme', TYPE_BOOL);
  51         if ($_POST['cplogin'])
  52         {
  53                 $keeplogin = 0;
  54         }
  55
  56         if ($_SERVER['HTTP_REFERER'] AND !$_POST['goindex'])
  57         {
  58                 $url = $_SERVER['HTTP_REFERER'];
  59         }
  60         else
  61         {
  62                 $url = 'index.php';
  63         }
  64
  65         $userinfo = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $bugsys->input_escape('email') . "'");
  66         if (md5(md5($bugsys->in['password']) . md5($userinfo['salt'])) == $userinfo['password'])
  67         {
  68                 if (!$bugsys->userinfo['userid'])
  69                 {
  70                         $funct->cookie(COOKIE_PREFIX . 'userid', $userinfo['userid'], $keeplogin);
  71                         $funct->cookie(COOKIE_PREFIX . 'authkey', $userinfo['authkey'], $keeplogin);
  72                 }
  73
  74                 if ($_POST['do'] == 'cplogin')
  75                 {
  76                         $funct->cookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5(gmdate('F j, Y @ H'))), false);
  77                 }
  78         }
  79         else
  80         {
  81                 if (!$bugsys->userinfo['userid'])
  82                 {
  83                         $funct->cookie(COOKIE_PREFIX . 'userid');
  84                         $funct->cookie(COOKIE_PREFIX . 'authkey');
  85                 }
  86
  87                 $message->error(_('Invalid email or password.'));
  88         }
  89
  90         $message->redirect(_('Welcome back! You are now logged in.'), $url);
  91 }
  92
  93 // ###################################################################
  94
  95 if ($_REQUEST['do'] == 'logout')
  96 {
  97         if ($bugsys->userinfo['userid'])
  98         {
  99                 $funct->cookie(COOKIE_PREFIX . 'userid');
 100                 $funct->cookie(COOKIE_PREFIX . 'authkey');
 101                 $funct->cookie(COOKIE_PREFIX . 'adminsession');
 102                 $message->redirect(_('You have been logged out.'), ($_SERVER['HTTP_REFERER'] ? $_SERVER['HTTP_REFERER'] : 'index.php'));
 103         }
 104         else
 105         {
 106                 $message->error(_('You need to be logged in to access this feature.'));
 107         }
 108 }
 109
 110 // ###################################################################
 111
 112 if ($_REQUEST['do'] == 'cplogout')
 113 {
 114         if ($_COOKIE[COOKIE_PREFIX . 'adminsession'])
 115         {
 116                 $funct->cookie(COOKIE_PREFIX . 'adminsession');
 117                 $message->redirect(_('You have been logged out.'), 'admin/');
 118         }
 119         else
 120         {
 121                 $message->error(_('You are not logged in.'));
 122         }
 123 }
 124
 125 /*=====================================================================*\
 126 || ###################################################################
 127 || # $HeadURL$
 128 || # $Id$
 129 || ###################################################################
 130 \*=====================================================================*/
 131 ?>