login.php

   1 <?php
   2 /*=====================================================================*\
   3 || ################################################################### ||
   4 || # Bugdar [#]version[#]
   5 || # --------------------------------------------------------------- # ||
   6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
   7 || # This file may not be reproduced in any way without permission.  # ||
   8 || # --------------------------------------------------------------- # ||
   9 || # User License Agreement at http://www.iris-studios.com/license/  # ||
  10 || ################################################################### ||
  11 \*=====================================================================*/
  12
  13 $fetchtemplates = array(
  14         'login'
  15 );
  16
  17 define('SVN', '$Id$');
  18
  19 $focus['user'] = 'focus';
  20
  21 require_once('./global.php');
  22
  23 // ###################################################################
  24
  25 if ($bugsys->userinfo['userid'] AND $_REQUEST['do'] != 'logout' AND $_POST['do'] != 'cplogin' AND $_REQUEST['do'] != 'cplogout')
  26 {
  27         $message->error($lang->string('You are already logged in.'));
  28 }
  29
  30 // ###################################################################
  31
  32 if (empty($_REQUEST['do']))
  33 {
  34         eval('$template->flush("' . $template->fetch('login') . '");');
  35 }
  36
  37 // ###################################################################
  38
  39 if ($_POST['do'] == 'login' OR $_POST['do'] == 'cplogin')
  40 {
  41         $keeplogin = intval($bugsys->in['rememberme']);
  42         if ($_POST['cplogin'])
  43         {
  44                 $keeplogin = 0;
  45         }
  46
  47         if ($_SERVER['HTTP_REFERER'] AND !$_POST['goindex'])
  48         {
  49                 $url = $_SERVER['HTTP_REFERER'];
  50         }
  51         else
  52         {
  53                 $url = 'index.php';
  54         }
  55
  56         $userinfo = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $bugsys->in['email'] . "'");
  57         if (md5(md5($bugsys->in['password']) . md5($userinfo['salt'])) == $userinfo['password'])
  58         {
  59                 if (!$bugsys->userinfo['userid'])
  60                 {
  61                         $funct->cookie(COOKIE_PREFIX . 'userid', $userinfo['userid'], $keeplogin);
  62                         $funct->cookie(COOKIE_PREFIX . 'authkey', $userinfo['authkey'], $keeplogin);
  63                 }
  64
  65                 if ($_POST['do'] == 'cplogin')
  66                 {
  67                         $funct->cookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5(gmdate('F j, Y @ H'))), false);
  68                 }
  69         }
  70         else
  71         {
  72                 if (!$bugsys->userinfo['userid'])
  73                 {
  74                         $funct->cookie(COOKIE_PREFIX . 'userid');
  75                         $funct->cookie(COOKIE_PREFIX . 'authkey');
  76                 }
  77
  78                 $message->error($lang->string('Invalid email or password.'));
  79         }
  80
  81         $message->redirect($lang->string('Welcome back! You are now logged in.'), $url);
  82 }
  83
  84 // ###################################################################
  85
  86 if ($_REQUEST['do'] == 'logout')
  87 {
  88         if ($bugsys->userinfo['userid'])
  89         {
  90                 $funct->cookie(COOKIE_PREFIX . 'userid');
  91                 $funct->cookie(COOKIE_PREFIX . 'authkey');
  92                 $funct->cookie(COOKIE_PREFIX . 'adminsession');
  93                 $message->redirect($lang->string('You have been logged out.'), 'index.php');
  94         }
  95         else
  96         {
  97                 $message->error($lang->string('You need to be logged in to access this feature.'));
  98         }
  99 }
 100
 101 // ###################################################################
 102
 103 if ($_REQUEST['do'] == 'cplogout')
 104 {
 105         if ($_COOKIE[COOKIE_PREFIX . 'adminsession'])
 106         {
 107                 $funct->cookie(COOKIE_PREFIX . 'adminsession');
 108                 $message->redirect($lang->string('You have been logged out.'), 'admin/');
 109         }
 110         else
 111         {
 112                 $message->error($lang->string('You are not logged in.'));
 113         }
 114 }
 115
 116 /*=====================================================================*\
 117 || ###################################################################
 118 || # $HeadURL$
 119 || # $Id$
 120 || ###################################################################
 121 \*=====================================================================*/
 122 ?>