userinfo['userid'] AND $_REQUEST['do'] != 'logout' AND $_POST['do'] != 'cplogin' AND $_REQUEST['do'] != 'cplogout') { $message->error(_('You are already logged in.')); } // ################################################################### if (empty($_REQUEST['do'])) { eval('$template->flush("' . $template->fetch('login') . '");'); } // ################################################################### if ($_POST['do'] == 'login' OR $_POST['do'] == 'cplogin') { $keeplogin = $bugsys->input_clean('rememberme', TYPE_BOOL); if ($_POST['cplogin']) { $keeplogin = 0; } if ($_SERVER['HTTP_REFERER'] AND !$_POST['goindex']) { $url = $_SERVER['HTTP_REFERER']; } else { $url = 'index.php'; } $userinfo = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $bugsys->input_escape('email') . "'"); if (md5(md5($bugsys->in['password']) . md5($userinfo['salt'])) == $userinfo['password']) { if (!$bugsys->userinfo['userid']) { $funct->cookie(COOKIE_PREFIX . 'userid', $userinfo['userid'], $keeplogin); $funct->cookie(COOKIE_PREFIX . 'authkey', $userinfo['authkey'], $keeplogin); } if ($_POST['do'] == 'cplogin') { $funct->cookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5(gmdate('F j, Y @ H'))), false); } } else { if (!$bugsys->userinfo['userid']) { $funct->cookie(COOKIE_PREFIX . 'userid'); $funct->cookie(COOKIE_PREFIX . 'authkey'); } $message->error(_('Invalid email or password.')); } $message->redirect(_('Welcome back! You are now logged in.'), $url); } // ################################################################### if ($_REQUEST['do'] == 'logout') { if ($bugsys->userinfo['userid']) { $funct->cookie(COOKIE_PREFIX . 'userid'); $funct->cookie(COOKIE_PREFIX . 'authkey'); $funct->cookie(COOKIE_PREFIX . 'adminsession'); $message->redirect(_('You have been logged out.'), ($_SERVER['HTTP_REFERER'] ? $_SERVER['HTTP_REFERER'] : 'index.php')); } else { $message->error(_('You need to be logged in to access this feature.')); } } // ################################################################### if ($_REQUEST['do'] == 'cplogout') { if ($_COOKIE[COOKIE_PREFIX . 'adminsession']) { $funct->cookie(COOKIE_PREFIX . 'adminsession'); $message->redirect(_('You have been logged out.'), 'admin/'); } else { $message->error(_('You are not logged in.')); } } /*=====================================================================*\ || ################################################################### || # $HeadURL$ || # $Id$ || ################################################################### \*=====================================================================*/ ?>