/* If no action parameter is set let's force visitor to login */ if (empty($_REQUEST['action'])) { if (isset($_SESSION['logged']) && $_SESSION['logged'] == "Y") { pj_session_regenerate_id(); mainpage(); } else { login(); } } else { $action = htmlspecialchars($_REQUEST['action']); } /* Do the action that is set in $action variable */ if ($action == 'login') { checkpassword(); $_SESSION['logged'] = 'Y'; pj_session_regenerate_id(); mainpage(); } elseif ($action == 'save') { checklogin(); savelink(); } elseif ($action == 'edit') { checklogin(); editlink(); } elseif ($action == 'backup') { checklogin(); sendbackup(); } elseif ($action == 'remove') { checklogin(); removelink(); } elseif ($action == 'reset') { checklogin();
function pj_autoLogin() { global $ccount_settings; $hash = pj_COOKIE('ccount_hash', false); // Check password if ($hash === false || $hash != pj_Pass2Hash($ccount_settings['admin_pass'])) { setcookie('ccount_hash', ''); return false; } // Password OK, generate session data $_SESSION['LOGGED_IN'] = true; // Regenerate session ID (security) pj_session_regenerate_id(); // Renew cookie setcookie('ccount_hash', "{$hash}", strtotime('+1 year')); // If we don't need to redirect, just return return true; }