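/**
 * Gate for the admin area: handles a posted login form, otherwise validates
 * the existing admin session.
 *
 * Login (POST with type=login): the account is looked up by user name and the
 * posted password is verified with the security service. Two bootstrap cases
 * let the "root" account be claimed: when no root row exists yet, and when
 * the stored root password is empty. In both, the posted password is saved
 * as the root password and the caller is signed in.
 *
 * Session check (any other request): admin_user, admin_key and admin_timeout
 * must all be present, the timeout must not have passed, and the user/key
 * pair must still match a row in Admins. Each successful check pushes
 * admin_timeout forward by $this->timeout (sliding expiry).
 *
 * NOTE(review): the bootstrap is first-come-first-served. Until a root
 * password exists, any client that can reach this endpoint can set it.
 * Consider provisioning root out of band and removing this path.
 * NOTE(review): the session id is not rotated in this method after a
 * successful login; confirm it is regenerated elsewhere (session fixation).
 * NOTE(review): no attempt throttling is visible here; confirm failed logins
 * are rate-limited upstream.
 * NOTE(review): admin_key holds whatever getPassword() returns, presumably
 * the password hash. Confirm that setPassword() hashes its argument, since
 * the posted plaintext is passed straight to it.
 *
 * @return bool|null true when the caller is authenticated; false when a
 *                   redirect to /admin/login was issued; null when there is
 *                   no session and $this->noLoginRedirect suppresses the
 *                   redirect.
 */
public function checkLogin()
{
    $isLoginPost = $this->request->isPost()
        && $this->request->hasPost("type")
        && $this->request->getPost("type") === "login";

    if ($isLoginPost) {
        $user = $this->request->getPost("user");
        $pass = $this->request->getPost("pass");

        // One generic message for unknown user and wrong password alike, so
        // the response does not reveal which accounts exist.
        $error = "This username and password combination is incorrect";
        $granted = false;

        // POST fields can arrive as arrays (user[]=...) or be missing; only
        // plain strings are valid credentials.
        if (is_string($user) && is_string($pass)) {
            $admin = Admins::findFirst(array(
                "conditions" => "user = :user:",
                "bind" => array("user" => $user),
            ));

            if ($admin && $this->security->checkHash($pass, $admin->getPassword())) {
                $granted = true;
            } elseif ($user === "root" && $pass !== "" && (!$admin || $admin->getPassword() == "")) {
                // Root bootstrap. The loose == "" also treats a NULL password
                // column as "not set yet". An empty posted password is
                // refused so the account cannot be left without a password.
                if ($admin) {
                    $error = "There was an error setting root password";
                } else {
                    $admin = new Admins();
                    $admin->setUsername($user);
                    $error = "There was an error setting root account";
                }
                $admin->setPassword($pass);
                $granted = (bool) $admin->save();
            }
        }

        if (!$granted) {
            $this->flashSession->error($error);
            $this->response->redirect("/admin/login");
            return false;
        }

        $this->session->set("admin_user", $user);
        $this->session->set("admin_key", $admin->getPassword());
        $this->session->set("admin_timeout", time() + $this->timeout);
        $this->session->set("admin_redirect", true);
        return true;
    }

    $hasSession = $this->session->has("admin_user")
        && $this->session->has("admin_key")
        && $this->session->has("admin_timeout");

    if (!$hasSession) {
        if (!$this->noLoginRedirect) {
            $this->flashSession->error("Please sign in first");
            $this->response->redirect("/admin/login");
            return false;
        }
        // Redirect suppressed: no verdict is returned (null, not false).
        return null;
    }

    $user = $this->session->get("admin_user");
    $key = $this->session->get("admin_key");
    $expires = $this->session->get("admin_timeout");

    if (time() > intval($expires)) {
        $error = "Your session has expired. Please sign in again.";
    } else {
        // Re-validate against the database on every request: a session stops
        // matching once the stored user/pass pair changes or the row is gone.
        $admin = Admins::findFirst(array(
            "conditions" => "user = :user: AND pass = :pass:",
            "bind" => array("user" => $user, "pass" => $key),
        ));

        if ($admin) {
            $this->session->set("admin_user", $user);
            $this->session->set("admin_key", $key);
            $this->session->set("admin_timeout", time() + $this->timeout);
            return true;
        }
        $error = "There was an error, please sign in again";
    }

    // Expired or no longer valid: drop the credentials from the session
    // before sending the client back to the login page.
    $this->session->remove("admin_user");
    $this->session->remove("admin_key");
    $this->session->remove("admin_timeout");
    $this->flashSession->error($error);
    $this->response->redirect("/admin/login");
    return false;
}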