$Auth = new BasicAuth();
$DB = new Database($config['db_host'], $config['db_user'], $config['db_pass'], $config['db_name']);
$sessionCurrentStatus = false;
/* Handle login request */
if (isset($_POST['login']) and isset($_POST['password'])) {
$providedName = $_POST['login'];
$providedPassword = $_POST['password'];
/* Find if users exists */
$userName = $DB->escapeData($providedName);
$userParameters = $DB->getData("users", "WHERE login='******'");
if (count($userParameters) == 0) {
/* DO SOMETHING IN THAT CASE */
} else {
$Authenticated = $Auth->AuthOnSSHA($providedPassword, $userParameters[0]['password']);
if ($Authenticated) {
$Auth->sessionEstablish($userParameters[0]);
unset($_POST);
header("Location: " . $config['system_root']);
die;
} else {
/* DO SOMETHING IN THAT CASE */
}
}
}
/* If this is not index.php and request was not authorized, cut it loose */
if ($_SESSION['id'] == "" and $_SESSION['key'] == "") {
/* This is surely unauthorized session */
if ($config['system_root'] . "index.php" != $_SERVER['SCRIPT_NAME']) {
header("Location: " . $config['system_root']);
die;
}