// try to authenticate by IP if ($loginInst->authByIp()) { $HTTP_SESSION_VARS['loginid'] = $loginInst->authByIp(); } elseif (tool::securePost('loginname') && $loginInst->authByPassword(tool::securePost('loginname'), tool::securePost('password'))) { $HTTP_SESSION_VARS['loginid'] = $loginInst->authByPassword(tool::securePost('loginname'), tool::securePost('password')); } if (isset($HTTP_SESSION_VARS['loginid']) && $HTTP_SESSION_VARS['loginid'] != "" && !session_is_registered("loginid")) { $loginid = $HTTP_SESSION_VARS['loginid']; if (!session_register("loginid")) { echo "<b>" . $lang['common_unableToSaveLoginInSession'] . "</b><br>"; // could not save session -> give up exit; } } elseif (!session_is_registered("loginid") && (tool::securePost('loginname') || tool::securePost('password'))) { // show error message only, if username/password was submitted tool::errorStatus($lang['common_userUnknownOrPasswordWrong']); } } // Choose content for page. if (session_is_registered("loginid")) { if (!isset($HTTP_SESSION_VARS['loginid']) || $HTTP_SESSION_VARS['loginid'] == "") { echo "<b>" . $lang['common_unableToFindloginInSession'] . "</b><br>"; // could not save session -> give up exit; } // activate user $loginInst->activate($HTTP_SESSION_VARS['loginid']); // determine actual page if (tool::secureGet("content") && eregi("php\$", tool::secureGet("content")) && !eregi("http", tool::secureGet("content"))) { if (!file_exists(tool::secureGet("content"))) { // given file does not exist