<?php
unset($user);
$url = $_REQUEST['url'];
$message = $_REQUEST['message'];
$email = $_POST['email'];
$password = $_POST['password'];
if (isset($_POST['submit'])) {
$user = new AdminUser();
$user->find_by_email($email);
if (!$user->valid()) {
$message = "Invalid email address '{$email}'\n";
} else {
if (!$user->checkpassword($password)) {
$message = "Invalid password for {$email}\n";
} else {
$user->setcookie();
header("Location: http://{$url}");
exit;
}
}
}
page_header("Forum Admin Authentication");
if (isset($message)) {
echo "<font color=#ff0000>{$message}</font><br>\n";
}
?>
<form method="post" action="login.phtml?url=<?php
echo $url;
?>
">