if ($use_db) {
// == 2. Initialize DB connection: ==
require dirname(__FILE__) . '/_init_db.inc.php';
// == 3. Initialize Modules: ==
// Let the modules load/register what they need:
$Timer->resume('init modules');
modules_call_method('init');
$Timer->pause('init modules');
// == 4. Initialize Plugins: ==
// At this point, the first hook is "SessionLoaded"
// The dnsbl_antispam plugin is an example that uses this to check the user's IP against a list of DNS blacklists.
load_class('plugins/model/_plugins.class.php', 'Plugins');
/**
* @global Plugins The Plugin management object
*/
$Plugins = new Plugins();
// This is the earliest event you can use
$Plugins->trigger_event('AfterPluginsInit');
// == 5. Initialize WWW HIT: ==
if (!$is_cli) {
require dirname(__FILE__) . '/_init_hit.inc.php';
}
$Plugins->trigger_event('AfterMainInit');
}
if (!$is_cli) {
// Move user to suspect group by IP address
antispam_suspect_user_by_IP();
}
$Timer->pause('_MAIN.inc');
// LOG with APM:
$Timer->log_duration('_MAIN.inc');
$action = param('action', 'string', NULL);
// Check if the user needs to be validated, but is not yet:
if (check_user_status('can_be_validated') && $action != 'logout' && $action != 'req_validatemail' && $action != 'validatemail' && $validate_required) {
// we're not in that action already:
$action = 'req_validatemail';
// for login.php
if ($is_admin_page) {
$login_error = T_('In order to access the admin interface, you must first activate your account by clicking on the activation link in the email we sent you. <b>See below:</b>');
}
}
// asimo> If login action is not empty and there was no login error, and action is not logut the we must log in
if (!empty($login_action) && empty($login_error) && $action != 'logout') {
// Trigger plugin event that allows the plugins to re-act on the login event:
// TODO: dh> these events should provide a flag "login_attempt_failed".
if (empty($current_User)) {
$Plugins->trigger_event('AfterLoginAnonymousUser', array());
} else {
$Plugins->trigger_event('AfterLoginRegisteredUser', array());
if (!empty($login_action)) {
// We're coming from the Login form and need to redirect to the requested page:
$redirect_to = param('redirect_to', 'url', $baseurl);
if (empty($redirect_to) || preg_match('#/login.php([&?].*)?$#', $redirect_to) || preg_match('#/register.php([&?].*)?$#', $redirect_to) || preg_match('#disp=(login|register|lostpassword)#', $redirect_to)) {
// avoid redirect back to login/register screen. This shouldn't occur.
$redirect_to = $baseurl;
}
if ($email_login) {
$Messages->add(sprintf(T_('You are now logged in as <b>%s</b>'), $login), $exists_more ? 'error' : 'success');
}
header_redirect($redirect_to);
exit(0);
}
