function pj_autoLogin()
{
global $ccount_settings;
$hash = pj_COOKIE('ccount_hash', false);
// Check password
if ($hash === false || $hash != pj_Pass2Hash($ccount_settings['admin_pass'])) {
setcookie('ccount_hash', '');
return false;
}
// Password OK, generate session data
$_SESSION['LOGGED_IN'] = true;
// Regenerate session ID (security)
pj_session_regenerate_id();
// Renew cookie
setcookie('ccount_hash', "{$hash}", strtotime('+1 year'));
// If we don't need to redirect, just return
return true;
}
setcookie('ccount_hash', '');
// Stop session
pj_session_stop();
// Define a success message
$_SESSION['PJ_MESSAGES']['SUCCESS'] = 'You have logged out successfuly.';
} elseif (pj_isLoggedIn()) {
header('Location: admin.php');
die;
} elseif ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Check password etc
if (stripslashes(pj_input(pj_POST('pass', false))) == $ccount_settings['admin_pass']) {
// Set session variable
$_SESSION['LOGGED_IN'] = true;
// Remember user?
if (pj_POST('remember') == 'yes') {
setcookie('ccount_hash', pj_Pass2Hash($ccount_settings['admin_pass']), strtotime('+1 year'));
}
// Redirect to admin
header('Location: admin.php');
die;
} else {
$_SESSION['PJ_MESSAGES']['ERROR'] = 'Invalid password.';
}
} elseif (isset($_GET['notice'])) {
$_SESSION['PJ_MESSAGES']['INFO'] = 'Session expired, please login again.';
}
// Nothing of above, print the sign in form...
// Get header
include 'admin_header.inc.php';
// Sign in form
?>
