Example #1
 // Admin control panel gate. Access needs both the canViewACP() permission for the
 // current user id and an admin session (isAdmLoggedIn()). Without the admin session
 // the user must submit credentials again before the panel is shown.
 if ($user->canViewACP($user->data()->id)) {
     if ($user->isAdmLoggedIn()) {
         // Can view
     } else {
         // Need to re-authenticate. Display login form
         require 'core/includes/password.php';
         // Require password compat library
         // Deal with input
         if (Input::exists()) {
             // The request token is verified before any credential is looked at
             // (presumably the anti-CSRF token; the failure branch reports "invalid_token").
             if (Token::check(Input::get('token'))) {
                 // Validate input
                 $validate = new Validate();
                 // Both fields are required. The 'isbanned' / 'isactive' rules on the username are
                 // project-defined checks; presumably they reject banned or inactive accounts (confirm in Validate).
                 $validation = $validate->check($_POST, array('username' => array('required' => true, 'isbanned' => true, 'isactive' => true), 'password' => array('required' => true)));
                 if ($validation->passed()) {
                     // NOTE(review): $user is replaced by a fresh User and the username comes from the form,
                     // so as written here the re-authentication is not tied to the account that passed
                     // canViewACP() above. Confirm adminLogin() itself enforces the admin role.
                     // NOTE(review): no limit on failed attempts is visible in this excerpt; confirm
                     // adminLogin() or a surrounding layer throttles repeated failures.
                     $user = new User();
                     $login = $user->adminLogin(Input::get('username'), Input::get('password'));
                     if ($login) {
                         // Stop the script right after the redirect so nothing below runs.
                         Redirect::to("/admin");
                         die;
                     } else {
                         // Same generic message as the validation failure below, so the response
                         // does not reveal which check rejected the attempt.
                         Session::flash('adm_auth_error', '<div class="alert alert-danger">' . $user_language['incorrect_details'] . '</div>');
                     }
                 } else {
                     Session::flash('adm_auth_error', '<div class="alert alert-danger">' . $user_language['incorrect_details'] . '</div>');
                 }
             } else {
                 // Invalid token
                 Session::flash('adm_auth_error', '<div class="alert alert-danger">' . $admin_language['invalid_token'] . '</div>');
             }
         }
         // The excerpt stops here: PHP mode is closed while the enclosing if/else blocks are still open.
         ?>
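<?php

/**
 * Admin re-authentication endpoint.
 *
 * Asks the logged-in user for the admin password again and reports the outcome
 * as a JSON object with the keys 'state' ('success' or 'failed') and 'message'.
 * Nothing is printed for requests that carry no POST data.
 */
require_once 'core/init.php';

$user = new User();

// Fail closed: the reply only reports success when adminLogin() explicitly returns
// 'success'. The previous default of 'success' answered positively for any
// unexpected return value (false, null, a new status string, ...).
$result = array('state' => 'failed', 'message' => '');

if (!$user->isLoggedIn()) {
    // The target must be a string; the bare constants `login . php` are not a valid path.
    Redirect::to('login.php');
    exit;
}

if (Input::exists('post')) {
    // NOTE(review): no anti-CSRF token is verified before the password check in this
    // script; confirm core/init.php or the caller enforces one for POST requests.
    $admin_password = Input::get('admin_password');

    // The account id is taken from the session user rather than from the request,
    // so only the current user's own password can be tested here.
    $flag = $user->adminLogin($user->data()->id, $admin_password);

    // Strict comparison: with `==` a boolean true (or an integer 0 on PHP 7) returned by
    // adminLogin() would compare equal to 'success'.
    // NOTE(review): this assumes adminLogin() returns the status strings compared below; confirm.
    if ($flag === 'success') {
        $result['state'] = 'success';
        $result['message'] = "验证成功";
    } elseif ($flag === 'roleFalse') {
        $result['message'] = "验证失败,你不是管理员!";
    } elseif ($flag === 'loginFalse') {
        $result['message'] = "验证失败,请确认密码!";
    }
    // Any other return value keeps the default 'failed' state with an empty message.

    echo json_encode($result);
}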