// NOTE(review): this excerpt begins inside a branch whose condition lies before the visible code.
// header() only queues the redirect; no exit/return follows it in this branch, so execution
// continues with the iframe check below for the same request — confirm that is intended.
header("Location: " . $serendipity['baseURL']);
} else {
    if (IS_installed === true) {
        /* Check author token to ensure the session has not been hijacked */
        // The session is torn down when either copy of the token is missing or when the two
        // differ. The strict `!==` also treats a type mismatch (e.g. a non-string cookie value)
        // as a mismatch, so the check fails closed.
        // NOTE(review): `!==` is not a constant-time comparison. If the supported PHP versions
        // provide hash_equals(), consider using it here, guarded by is_string() on both operands
        // so that a non-string cookie value still ends in session destruction.
        if (!isset($_SESSION['author_token']) || !isset($serendipity['COOKIE']['author_token']) ||
            $_SESSION['author_token'] !== $serendipity['COOKIE']['author_token']) {
            // Clear the authenticated flag before destroying the session.
            $_SESSION['serendipityAuthedUser'] = false;
            serendipity_session_destroy();
        }

        if (!serendipity_userLoggedIn()) {
            // Try again to log in, this time with enabled external authentication event hook
            serendipity_login(true);
        }
    }
}

// If we are inside an iframe, emit the iframe content and halt the script
if (serendipity_is_iframe() !== false) {
    include_once S9Y_INCLUDE_PATH . 'include/functions_entries_admin.inc.php';
    // An iframe may NOT contain <html> and </html> tags, that's why we emit different headers here than on serendipity_admin.php

    // We need to restore the GET/POST variables so that dependent plugins inside the iframe
    // can still fetch all of those variables; and we also tighten security by not allowing
    // any different GET/POST variables to be passed to our iframe.
    // iframe_mode is read BEFORE $serendipity['GET'] is rebound below, so it is the one value
    // still taken from the original GET array.
    // NOTE(review): presumably request-supplied; confirm serendipity_iframe() accepts only
    // known modes.
    $iframe_mode = $serendipity['GET']['iframe_mode'];
    // Both arrays are bound by reference to the same session entry, so a write through either
    // one also changes $_SESSION['save_entry_POST'].
    $serendipity['POST'] =& $_SESSION['save_entry_POST'];
    $serendipity['GET'] =& $_SESSION['save_entry_POST']; // GET-Vars are the same as POST to ensure compatibility.
    $serendipity['hidefooter'] = true;
    // Keep the script running even if the client disconnects.
    ignore_user_abort(true);
    echo serendipity_iframe($_SESSION['save_entry'], $iframe_mode);
    return true;
}

// The body of this condition continues beyond the visible excerpt.
if (isset($serendipity['GET']['no_smarty']) || isset($serendipity['no_smarty'])) {
// NOTE(review): this excerpt begins inside a branch whose condition lies before the visible code.
serendipity_logout();
} else {
    if (IS_installed === true) {
        /* Check author token to ensure the session has not been hijacked */
        // The session is torn down when either copy of the token is missing or when the two
        // differ. The strict `!==` also treats a type mismatch (e.g. a non-string cookie value)
        // as a mismatch, so the check fails closed.
        // NOTE(review): `!==` is not a constant-time comparison. If the supported PHP versions
        // provide hash_equals(), consider using it here, guarded by is_string() on both operands
        // so that a non-string cookie value still ends in session destruction.
        if (!isset($_SESSION['author_token']) || !isset($serendipity['COOKIE']['author_token']) ||
            $_SESSION['author_token'] !== $serendipity['COOKIE']['author_token']) {
            // Clear the authenticated flag before destroying the session.
            $_SESSION['serendipityAuthedUser'] = false;
            serendipity_session_destroy();
        }

        if (!serendipity_userLoggedIn()) {
            // Try again to log in, this time with enabled external authentication event hook
            serendipity_login(true);
        }
    }
}

// If we are inside an iframe, halt the script
if (serendipity_is_iframe()) {
    return true;
}

// isset() only tests for presence, so any value of the key (even an empty one) sets the flag,
// which is then stored in the session.
if (isset($serendipity['GET']['no_smarty']) || isset($serendipity['no_smarty'])) {
    $_SESSION['no_smarty'] = true;
}

$admin_css_file = serendipity_getTemplateFile('admin/pluginmanager.css');

// $admin_installed is true only when IS_up2date is defined and strictly true AND IS_installed
// is strictly true; every other combination yields false.
if (defined('IS_up2date') && IS_up2date === true && IS_installed === true) {
    $admin_installed = true;
} else {
    $admin_installed = false;
}

$is_logged_in = serendipity_userLoggedIn();

if ($is_logged_in) {
    // The user name is HTML-escaped before being formatted into USER_SELF_INFO.
    // NOTE(review): htmlspecialchars() is called without explicit flags or encoding, so quote
    // handling and charset follow the running PHP version's defaults (single quotes are only
    // escaped by default from PHP 8.1); pass them explicitly if this value can reach an
    // attribute context. The permission-level label is inserted unescaped — presumably a
    // trusted, code-defined string; confirm.
    $self_info = sprintf(USER_SELF_INFO, htmlspecialchars($serendipity['serendipityUser']), $serendipity['permissionLevels'][$serendipity['serendipityUserlevel']]);
// The else branch continues beyond the visible excerpt.
} else {