// Three POST parameters:
// $_POST['name'], $_POST['password'], $_POST['remember']
if (isset($_POST['name']) && isset($_POST['password'])) {
$userdata = $db->getuserdata_login($_POST['name'], $_POST['password']);
if ($userdata != NULL) {
$_SESSION['username'] = $userdata['username'];
$_SESSION['userid'] = generateRandID();
$_SESSION['userlevel'] = $userdata['userlevel'];
$_SESSION['admin'] = $userdata['mod_admin'];
$_SESSION['mod_array'] = $userdata['mod_array'];
$_SESSION['mod_global'] = $userdata['mod_global'];
if ($userdata['mod_global'] || $userdata['mod_array']) {
$_SESSION['moderator'] = true;
}
// Update userid field
$db->updateuser($_POST['name'], $_SESSION['userid']);
} else {
// Login error - show that in the template
$sm->assign("loginerror", 1);
}
}
//This checks to see if end user has even bothered to change the default email. No use giving a link to something that won't work. ~tyamzzz
if (THprofile_emailaddr != "THIS IS NOT AN EMAIL") {
$sm->assign("showreset", 1);
}
if (isset($_SESSION['username'])) {
// Set logged-in vars
$sm->assign("loggedin", 1);
$sm->assign("username", $_SESSION['username']);
}
$sm->display("login.tpl", null);
