// ################################### -start- part of header.php ###################################
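// Harden the session cookie before the session is opened. The directives can
// only be changed while no session is active, hence the guard; ini_set()
// returns false (no error) for a directive the running PHP does not know.
if(session_id()===""){
    ini_set("session.use_only_cookies","1"); // never take a session id from the URL
    ini_set("session.use_strict_mode","1");  // refuse session ids the server did not issue
    ini_set("session.cookie_httponly","1");  // keep the cookie away from page scripts
    // NOTE(review): also set session.cookie_secure when the admin area is HTTPS-only.
}
session_start();
// create root path
// $path_root_admin: directory that holds this login.php, with a trailing slash.
// $path_root:       its parent directory, with a trailing slash.
$file=__FILE__;
if(!isset($file) || strlen($file)<=0) $file=$_SERVER["PATH_TRANSLATED"];
// Normalise backslashes, then keep everything up to and including the slash in
// front of "login.php". NOTE(review): if the script is ever renamed, strpos()
// returns false and the result degrades to the first character of the path.
$path_root_admin=substr(str_replace("\\", "/", $file), 0, strpos(str_replace("\\", "/", $file), "/login.php")+1);
if(substr($path_root_admin,strlen($path_root_admin)-1,1)!="/") $path_root_admin.="/";
// Searching the reversed string from offset 1 skips the trailing slash and
// finds the slash before the last directory name, i.e. the parent directory.
$idx = strpos(strrev($path_root_admin),"/",1);
$path_root = substr($path_root_admin,0,strlen($path_root_admin)-$idx);
/// path to smarty
define("SMARTYPATH", $path_root."includes/smarty/");
// The variables read further down ($site_config, $security_username,
// $security_password, $login_expiry, $captcha_enable) are not set in this
// script, so they presumably come from config.php.
require_once($path_root."config.php");
require_once($path_root."includes/db_flatfile.php");
require_once(SMARTYPATH."Smarty.class.php");
// smarty
$smarty=new Smarty;
$smarty->template_dir=$path_root."templates/".$site_config["SKIN"];
$smarty->compile_dir=$path_root."templates_c";
$smarty->assign("site_config", $site_config); // template - site config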
// ### check settings
{
$message="";
if($security_username==NULL || $security_username==""){ $message="Please enter security_username at config file
"; }
if($security_password==NULL || $security_password==""){ $message="Please enter security_password at config file
"; }
// calculate seconds for login expiry
$seconds_login_expiry=$login_expiry["seconds"]+($login_expiry["minutes"]*60)+($login_expiry["hours"]*3600)+($login_expiry["days"]*3600*24);
if($seconds_login_expiry==0){ $message.="Please enter correct value for login expiry periode at config file"; }
// -- other cheking can be added here --
if($message!=""){ exit(''.$message.''); }
}
// ################################### -end- part of header.php ###################################
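// An admin session already exists: verify it, then either log out or forward
// to the admin main page.
if(isset($_SESSION["sid"]) && isset($_SESSION["login_timestamp"])){
    // The token is recomputed from the configured credentials and the stored
    // login time, so it stops matching once the credentials in the config change.
    // NOTE(review): the same formula is used when the session is created below;
    // any other page that verifies "sid" presumably has to use it too - confirm
    // before replacing MD5 here.
    $sid=md5(md5(md5($security_username).$security_password).$_SESSION["login_timestamp"]);
    // Compare as strings only. A loose != treats two digests that both look
    // like numbers (for example "0e" followed by digits) as equal.
    if(!is_string($_SESSION["sid"]) || !hash_equals($sid,$_SESSION["sid"])){
        // clear sessions
        unset($_SESSION["sid"]);
        unset($_SESSION["login_timestamp"]);
        $smarty->assign("error",1);
    }elseif(isset($_GET["logout"])){
        // check for logout
        unset($_SESSION["sid"]);
        unset($_SESSION["login_timestamp"]);
        $smarty->assign("logout",1);
    }else{
        // already login, goto main page
        // NOTE(review): there is no exit after this header, so the rest of the
        // script (including the ?expire / ?error handling) still runs. Kept
        // as-is because the redirecting pages may depend on it - confirm.
        header("location: ".$site_config["SITE_URL"]."/admin/index.php");
    }
}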
// ?expire and ?error both drop the login session and raise the template flag
// of the same name (presumably other admin pages redirect here with them).
foreach(array("expire","error") as $notice){
    if(!isset($_GET[$notice])){
        continue;
    }
    // clear sessions
    unset($_SESSION["sid"], $_SESSION["login_timestamp"]);
    $smarty->assign($notice,1);
}
// Tell the template about the captcha only when it is switched on.
if($captcha_enable==1){
    $smarty->assign("captcha_enable",$captcha_enable);
}
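// ### check - login
// Validates a submitted login form against the credentials from the config
// file (and the captcha, when enabled). On success a login session is created
// and the browser is sent to the admin main page; on failure per-field
// class/message values are assigned for the template.
// NOTE(review): the password is compared with a plaintext value from the
// config file. Storing a password_hash() value and checking it with
// password_verify() would be preferable, but the "sid" token is derived from
// the same variable, so that change has to be made across the admin pages.
// NOTE(review): nothing here limits repeated attempts, and the separate
// "Incorrect username" / "Incorrect password" messages reveal which field was
// wrong; consider throttling and a single generic message.
{
if(isset($_POST["submit"]) && isset($_POST["username"]) && isset($_POST["password"])){
    if($captcha_enable==1 && isset($_POST["captchastring"])==false) exit('Error in captcha');
    // Request fields can arrive as arrays (name[]=...). Only plain strings are
    // accepted; anything else is handled like an empty field.
    $username=is_string($_POST["username"]) ? $_POST["username"] : "";
    $password=is_string($_POST["password"]) ? $_POST["password"] : "";
    if($captcha_enable==1) $captchastring=is_string($_POST["captchastring"]) ? $_POST["captchastring"] : "";
    $login_failed=false;
    // check username
    // hash_equals() compares byte for byte and in constant time. A loose !=
    // compares numeric-looking strings as numbers ("1e3" equals "1000").
    if(!hash_equals((string)$security_username,$username)){
        $login_failed=true;
        if(trim($username)==""){
            $smarty->assign("class_username","warning");
            $smarty->assign("msg_username","Enter username");
        }else{
            $smarty->assign("class_username","error");
            $smarty->assign("msg_username","Incorrect username");
        }
    }
    // check password
    if(!hash_equals((string)$security_password,$password)){
        $login_failed=true;
        if(trim($password)==""){
            $smarty->assign("class_password","warning");
            $smarty->assign("msg_password","Enter password");
        }else{
            $smarty->assign("class_password","error");
            $smarty->assign("msg_password","Incorrect password");
        }
    }
    // check captcha
    if($captcha_enable==1){
        // A captcha value that was never generated for this session must not
        // match an empty submission, so a missing value always fails.
        $captcha_expected=(isset($_SESSION["CAPTCHAString"]) && is_scalar($_SESSION["CAPTCHAString"])) ? (string)$_SESSION["CAPTCHAString"] : "";
        // One attempt per captcha: drop the stored value so it cannot be reused.
        // NOTE(review): assumes the captcha image script stores a fresh value
        // whenever the form is rendered again - confirm.
        unset($_SESSION["CAPTCHAString"]);
        if($captcha_expected==="" || !hash_equals($captcha_expected,$captchastring)){
            $login_failed=true;
            if(trim($captchastring)==""){
                $smarty->assign("class_keycode","warning");
                $smarty->assign("msg_keycode","Enter keycode");
            }else{
                $smarty->assign("class_keycode","error");
                $smarty->assign("msg_keycode","Incorrect keycode");
            }
        }
    }
    if($login_failed===false){
        // Switch to a new session id at the privilege change, so an id that
        // was known before the login is worthless afterwards.
        session_regenerate_id(true);
        // create login session
        $_SESSION["login_timestamp"]=time();
        $_SESSION["sid"]=md5(md5(md5($security_username).$security_password).$_SESSION["login_timestamp"]);
        // goto main page (index.php)
        header("location: ".$site_config["SITE_URL"]."/admin/index.php");
        exit;
    }
}
}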
// The login form posts back to this same script.
$login_form_action=$site_config["SITE_URL"]."/admin/login.php";
$smarty->assign("form_action",$login_form_action);
// Render the login template and stop; nothing after this point may run.
$smarty->display("admin.login.tpl");
exit;
?>