<?php //promt for a password if there there is no user set if (!isset($_SESSION['AMP_user'])) { //|| (isset($_SESSION['AMP_user']->username) && $_SESSION['AMP_user']->username != $_SERVER['PHP_AUTH_USER'])) { //if we dont have a username/pass prompt for one if (!$username || !$password || !count(getAmpAdminUsers())) { switch (strtolower($amp_conf['AUTHTYPE'])) { case 'database': $no_auth = true; break; case 'webserver': header('HTTP/1.0 401 Unauthorized'); case 'none': break; } } //test credentials switch (strtolower($amp_conf['AUTHTYPE'])) { case 'webserver': // handler for apache doing authentication $_SESSION['AMP_user'] = new ampuser($_SERVER['PHP_AUTH_USER']); if (!empty($_SESSION['AMP_user']->username)) { // admin user, grant full access $_SESSION['AMP_user']->setAdmin(); } else { unset($_SESSION['AMP_user']); $no_auth = true; } break; case 'none':
} //if we have no admin users AND were trying to set one up if (!count(getAmpAdminUsers()) && $action == 'setup_admin' && !$config_vars['obe_error_msg']) { //validate the inputs framework_obe_intialize_admin($config_vars['username'], $config_vars['password'], $config_vars['confirm_password'], $config_vars['email_address'], $config_vars['confirm_email']); } //if we (still) have no admin users if (!count(getAmpAdminUsers())) { $login = $config_vars; $login['amp_conf'] = $amp_conf; $login['errors'] = $config_vars['obe_error_msg']; echo load_view($amp_conf['VIEW_OBE'], $login); unset($_SESSION['AMP_user']); } //prompt for a password if we have users if (count(getAmpAdminUsers())) { //error message $login['errors'] = array(); if ($config_vars['username'] && $action !== 'setup_admin') { $login['errors'][] = _('Invalid Username or Password'); } //show fop option if enabled, probobly doesnt belong on the //login page $login['panel'] = false; if (!empty($amp_conf['FOPWEBROOT']) && is_dir($amp_conf['FOPWEBROOT'])) { $login['panel'] = str_replace($amp_conf['AMPWEBROOT'] . '/admin/', '', $amp_conf['FOPWEBROOT']); } $login['amp_conf'] = $amp_conf; echo load_view($amp_conf['VIEW_LOGIN'], $login); } break;