Example #1
0
if (isset($_GET['logout'])) {
    $pommo->_auth->logout();
    header('Location: ' . $pommo->_http . $pommo->_baseUrl . 'index.php');
}
// check if user is already logged in
if ($pommo->_auth->isAuthenticated()) {
    // If user is authenticated (has logged in), redirect to admin.php
    Pommo::redirect($pommo->_http . $pommo->_baseUrl . 'admin/admin.php');
} elseif (isset($_POST['submit']) && !empty($_POST['username']) && !empty($_POST['password'])) {
    $auth = PommoAPI::configGet(array('admin_username', 'admin_password'));
    if ($_POST['username'] == $auth['admin_username'] && md5($_POST['password']) == $auth['admin_password']) {
        // don't perform maintenance if accessing support area
        if (!isset($_GET['referer']) || !basename($_GET['referer']) == 'support.php') {
            // LOGIN SUCCESS -- PERFORM MAINTENANCE, SET AUTH, REDIRECT TO REFERER
            Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/maintenance.php');
            PommoHelperMaintenance::perform();
        }
        $pommo->_auth->login($_POST['username']);
        Pommo::redirect($pommo->_http . $_POST['referer']);
    } else {
        $logger->addMsg(Pommo::_T('Failed login attempt. Try again.'));
    }
} elseif (!empty($_POST['resetPassword'])) {
    // TODO -- visit this function later
    // Check if a reset password request has been received
    // check that captcha matched
    if (!isset($_POST['captcha'])) {
        // generate captcha
        $captcha = substr(md5(rand()), 0, 4);
        $smarty->assign('captcha', $captcha);
    } elseif ($_POST['captcha'] == $_POST['realdeal']) {