if (isset($_GET['logout'])) { $pommo->_auth->logout(); header('Location: ' . $pommo->_http . $pommo->_baseUrl . 'index.php'); } // check if user is already logged in if ($pommo->_auth->isAuthenticated()) { // If user is authenticated (has logged in), redirect to admin.php Pommo::redirect($pommo->_http . $pommo->_baseUrl . 'admin/admin.php'); } elseif (isset($_POST['submit']) && !empty($_POST['username']) && !empty($_POST['password'])) { $auth = PommoAPI::configGet(array('admin_username', 'admin_password')); if ($_POST['username'] == $auth['admin_username'] && md5($_POST['password']) == $auth['admin_password']) { // don't perform maintenance if accessing support area if (!isset($_GET['referer']) || !basename($_GET['referer']) == 'support.php') { // LOGIN SUCCESS -- PERFORM MAINTENANCE, SET AUTH, REDIRECT TO REFERER Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/maintenance.php'); PommoHelperMaintenance::perform(); } $pommo->_auth->login($_POST['username']); Pommo::redirect($pommo->_http . $_POST['referer']); } else { $logger->addMsg(Pommo::_T('Failed login attempt. Try again.')); } } elseif (!empty($_POST['resetPassword'])) { // TODO -- visit this function later // Check if a reset password request has been received // check that captcha matched if (!isset($_POST['captcha'])) { // generate captcha $captcha = substr(md5(rand()), 0, 4); $smarty->assign('captcha', $captcha); } elseif ($_POST['captcha'] == $_POST['realdeal']) {