// try to authenticate by IP
if ($loginInst->authByIp()) {
$HTTP_SESSION_VARS['loginid'] = $loginInst->authByIp();
} elseif (tool::securePost('loginname') && $loginInst->authByPassword(tool::securePost('loginname'), tool::securePost('password'))) {
$HTTP_SESSION_VARS['loginid'] = $loginInst->authByPassword(tool::securePost('loginname'), tool::securePost('password'));
}
if (isset($HTTP_SESSION_VARS['loginid']) && $HTTP_SESSION_VARS['loginid'] != "" && !session_is_registered("loginid")) {
$loginid = $HTTP_SESSION_VARS['loginid'];
if (!session_register("loginid")) {
echo "<b>" . $lang['common_unableToSaveLoginInSession'] . "</b><br>";
// could not save session -> give up
exit;
}
} elseif (!session_is_registered("loginid") && (tool::securePost('loginname') || tool::securePost('password'))) {
// show error message only, if username/password was submitted
tool::errorStatus($lang['common_userUnknownOrPasswordWrong']);
}
}
// Choose content for page.
if (session_is_registered("loginid")) {
if (!isset($HTTP_SESSION_VARS['loginid']) || $HTTP_SESSION_VARS['loginid'] == "") {
echo "<b>" . $lang['common_unableToFindloginInSession'] . "</b><br>";
// could not save session -> give up
exit;
}
// activate user
$loginInst->activate($HTTP_SESSION_VARS['loginid']);
// determine actual page
if (tool::secureGet("content") && eregi("php\$", tool::secureGet("content")) && !eregi("http", tool::secureGet("content"))) {
if (!file_exists(tool::secureGet("content"))) {
// given file does not exist
