/**
* Outputs an admin login form at /admin if the
* user isn't logged in as an admin. If they are,
* it simply forwards to / where they should see
* the admin toolbar and edit buttons.
*/
$page->id = 'admin';
$page->layout = 'admin';
if (isset($_GET['redirect'])) {
$_POST['redirect'] = $_GET['redirect'];
}
if (!isset($_POST['redirect']) || empty($_POST['redirect']) || !Validator::validate($_POST['redirect'], 'header')) {
$_POST['redirect'] = $appconf['General']['login_redirect'];
}
$redir = parse_url($_POST['redirect']);
if ($redir === false || $_POST['redirect'] !== $redir['path'] && $_POST['redirect'] !== $redir['path'] . '?' . $redir['query']) {
$_POST['redirect'] = $appconf['General']['login_redirect'];
}
if (!User::require_admin()) {
$page->title = sprintf('<img src="%s" alt="%s" style="margin-left: -7px" />', Product::logo_login(), Product::name());
$page->window_title = __('Please log in to continue.');
if (!empty($_POST['username'])) {
echo '<p>' . __('Incorrect email or password, please try again.') . '</p>';
} else {
echo '<p>' . __('Please log in to continue.') . '</p>';
}
echo $tpl->render('admin/index');
return;
}
$this->redirect($_POST['redirect']);
