<?php
/*=====================================================================*\
|| ################################################################### ||
|| # BugStrike [#]version[#]
|| # --------------------------------------------------------------- # ||
|| # Copyright Š2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
|| # This file may not be reproduced in any way without permission.  # ||
|| # --------------------------------------------------------------- # ||
|| # User License Agreement at http://www.iris-studios.com/license/  # ||
|| ################################################################### ||
\*=====================================================================*/

$fetchtemplates = array(
	'login'
);

require_once('./global.php');

// ###################################################################

if ($bugsys->userinfo['userid'] AND $_REQUEST['do'] != 'logout' AND $_POST['do'] != 'cplogin' AND $_REQUEST['do'] != 'cplogout')
{
	$message->error('You are already logged in.');
}

// ###################################################################

if (empty($_REQUEST['do']))
{
	eval('$template->flush("' . $template->fetch('login') . '");');
}

// ###################################################################

if ($_POST['do'] == 'login' OR $_POST['do'] == 'cplogin')
{
	$keeplogin = intval($bugsys->in['rememberme']);
	if ($_POST['cplogin'])
	{
		$keeplogin = 0;
	}
	
	if ($_SERVER['HTTP_REFERER'] AND !$_POST['goindex'])
	{
		$url = $_SERVER['HTTP_REFERER'];
	}
	else
	{
		$url = 'index.php';
	}
	
	$userinfo = $db->query_first("SELECT * FROM user WHERE email = '" . $bugsys->in['email'] . "'");
	if (md5(md5($bugsys->in['password']) . md5($userinfo['salt'])) == $userinfo['password'])
	{
		if (!$bugsys->userinfo['userid'])
		{
			$funct->cookie(COOKIE_PREFIX . 'userid', $userinfo['userid'], $keeplogin);
			$funct->cookie(COOKIE_PREFIX . 'authkey', $userinfo['authkey'], $keeplogin);
		}
		
		if ($_POST['do'] == 'cplogin')
		{
			$funct->cookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5($userinfo['email']) . md5($userinfo['userid'])), false);
		}
	}
	else
	{
		if (!$bugsys->userinfo['userid'])
		{
			$funct->cookie(COOKIE_PREFIX . 'userid');
			$funct->cookie(COOKIE_PREFIX . 'authkey');
		}
		
		$message->error('Invalid email or password.');
	}
	
	
	echo 'You are now logged in :-)';
	
	header("Location: $url");
}

// ###################################################################

if ($_REQUEST['do'] == 'logout')
{
	if ($bugsys->userinfo['userid'])
	{
		$funct->cookie(COOKIE_PREFIX . 'userid');
		$funct->cookie(COOKIE_PREFIX . 'authkey');
		$funct->cookie(COOKIE_PREFIX . 'adminsession');
	}
	else
	{
		$message->error('You need to be logged in!');
	}
}

// ###################################################################

if ($_REQUEST['do'] == 'cplogout')
{
	if ($_COOKIE[COOKIE_PREFIX . 'adminsession'])
	{
		$funct->cookie(COOKIE_PREFIX . 'adminsession');
		echo 'logged out';
	}
	else
	{
		echo 'you are not logged in';
	}
}

/*=====================================================================*\
|| ###################################################################
|| # $HeadURL$
|| # $Id$
|| ###################################################################
\*=====================================================================*/
?>