template_dir=$path_root."templates/".$site_config["SKIN"]; $smarty->compile_dir=$path_root."templates_c"; $smarty->assign("site_config", $site_config); // template - site config $seconds_login_expiry=0; // ### check settings { $message=""; if($security_username==NULL || $security_username==""){ $message="Please enter security_username at config file
"; } if($security_password==NULL || $security_password==""){ $message="Please enter security_password at config file
"; } // calculate seconds for login expiry $seconds_login_expiry=$login_expiry["seconds"]+($login_expiry["minutes"]*60)+($login_expiry["hours"]*3600)+($login_expiry["days"]*3600*24); if($seconds_login_expiry==0){ $message.="Please enter correct value for login expiry periode at config file"; } // -- other cheking can be added here -- if($message!=""){ exit(''.$message.''); } } // ################################### -end- part of header.php ################################### if(isset($_SESSION["sid"]) && isset($_SESSION["login_timestamp"])){ $sid=md5(md5(md5($security_username).$security_password).$_SESSION["login_timestamp"]); if($sid!=$_SESSION["sid"]){ // clear sessions unset($_SESSION["sid"]); unset($_SESSION["login_timestamp"]); $smarty->assign("error",1); }else{ // check for logout if(isset($_GET["logout"])){ unset($_SESSION["sid"]); unset($_SESSION["login_timestamp"]); $smarty->assign("logout",1); }else header("location: ".$site_config["SITE_URL"]."/admin/index.php"); // already login, goto main page } } if(isset($_GET["expire"])){ // clear sessions unset($_SESSION["sid"]); unset($_SESSION["login_timestamp"]); $smarty->assign("expire",1); } if(isset($_GET["error"])){ // clear sessions unset($_SESSION["sid"]); unset($_SESSION["login_timestamp"]); $smarty->assign("error",1); } if($captcha_enable==1) $smarty->assign("captcha_enable",$captcha_enable); // ### check - login { if(isset($_POST["submit"]) && isset($_POST["username"]) && isset($_POST["password"])){ if($captcha_enable==1 && isset($_POST["captchastring"])==false) exit('Error in captcha'); $username=$_POST["username"]; $password=$_POST["password"]; if($captcha_enable==1) $captchastring=$_POST["captchastring"]; $login_failed=false; // check username if($security_username!=$username){ $login_failed=true; if(trim($username)==""){ $smarty->assign("class_username","warning"); $smarty->assign("msg_username","Enter username"); }else{ $smarty->assign("class_username","error"); $smarty->assign("msg_username","Incorrect username"); } } // check password if($security_password!=$password){ $login_failed=true; if(trim($password)==""){ $smarty->assign("class_password","warning"); $smarty->assign("msg_password","Enter password"); }else{ $smarty->assign("class_password","error"); $smarty->assign("msg_password","Incorrect password"); } } // check captcha if($captcha_enable==1 && $_SESSION["CAPTCHAString"]!=$captchastring){ $login_failed=true; if(trim($captchastring)==""){ $smarty->assign("class_keycode","warning"); $smarty->assign("msg_keycode","Enter keycode"); }else{ $smarty->assign("class_keycode","error"); $smarty->assign("msg_keycode","Incorrect keycode"); } } if($login_failed===false){ // create login session $_SESSION["login_timestamp"]=time(); $_SESSION["sid"]=md5(md5(md5($security_username).$security_password).$_SESSION["login_timestamp"]); // goto main page (index.php) header("location: ".$site_config["SITE_URL"]."/admin/index.php"); exit; } } } $smarty->assign("form_action",$site_config["SITE_URL"]."/admin/login.php"); // template - display $smarty->display("admin.login.tpl"); // sql connection - close exit; ?>