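/**
 * Show the admin login screen for the current site and process login attempts.
 *
 * Two modes, chosen by whether $this->claimed contains an '@':
 *  - no '@': username/password login against the root-site accounts;
 *  - '@' present: "email only" login, where submitting the exact address
 *    stored in $this->claimed sets $_SESSION['unclaimed'].
 *
 * Every path ends in a redirect or in die(), so nothing is returned.
 *
 * NOTE(review): in email-only mode the address is the only credential and is
 * also accepted from the query string, where it can end up in access logs,
 * browser history and Referer headers. Consider POST-only submission plus a
 * mailed single-use token. No attempt throttling is visible in this method.
 *
 * NOTE(review): the session id is not rotated here when access is granted;
 * confirm that the session layer / force_login() does so.
 */
public function index()
{
    # already allowed to edit this site: nothing to log in to.
    if ($this->client->can_edit($this->site_id)) {
        url::redirect();
    }

    $view = new View('admin/wrapper');
    $view->linkCSS("/_assets/css/wrapper.css");
    $view->admin_linkJS('get/js/live?v=1.0');

    # blank form values; both login modes start from the same defaults.
    $values = array('username' => '', 'password' => '');

    # is this website claimed?
    if (FALSE === strpos($this->claimed, '@')) {
        # full login.
        $view->primary = new View('admin/login');
    } else {
        # email only login.
        if (isset($_POST['email']) or isset($_GET['email'])) {
            $submitted = isset($_POST['email']) ? $_POST['email'] : $_GET['email'];

            # request parameters can arrive as arrays (email[]=...); treat
            # anything that is not a string as a mismatch instead of
            # handing it to trim().
            $email = is_string($submitted) ? trim($submitted) : NULL;

            if ($email !== NULL and $this->claimed === $email) {
                # grant access
                $_SESSION['unclaimed'] = $this->claimed;
                url::redirect();
            } else {
                die('invalid email');
            }
        }

        $view->primary = new View('admin/email_only');
    }

    if ($_POST) {
        $post = new Validation($_POST);
        $post->pre_filter('trim');
        $post->add_rules('username', 'required', 'valid::alpha_numeric');
        $post->add_rules('password', 'required', 'valid::alpha_dash');

        # keep only the two expected fields for re-filling the form, and
        # never send the submitted password back to the browser. The
        # original computed this array but then handed the whole raw $_POST
        # to the view.
        # NOTE(review): whether the view escapes 'username' on output is not
        # visible here -- confirm in the admin/login and admin/email_only views.
        $values = arr::overwrite($values, $post->as_array());
        $values['password'] = '';

        if (!$post->validate()) {
            $view->error = 'Invalid Username or Password.';
            $view->primary->values = $values;
            die($view);
        }

        # attempt to log user in to the root site accounts.
        # NOTE(review): login() is given the raw $_POST values, not the
        # trimmed copies the rules above were declared on -- confirm that
        # is intended.
        if ($this->account_user->login($_POST['username'], (int) ROOTSITEID, $_POST['password'], FALSE)) {
            $plusjade_user = $this->account_user->get_user();

            # can this user edit the site?
            if ($plusjade_user->has(ORM::factory('site', $this->site_id))) {
                # setup credentials via the auth library
                $this->client->force_login($plusjade_user);
                url::redirect();
            }

            $view->primary->values = $values;
            $view->error = 'Cannot edit this site.';
            die($view);
        }

        $view->primary->values = $values;
        $view->error = 'Invalid username or password';
        die($view);
    }

    $view->primary->values = $values;
    die($view);
}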