448 document.forms.loginform.pass.focus(); |
446 document.forms.loginform.pass.focus(); |
449 </script> |
447 </script> |
450 <?php endif; ?> |
448 <?php endif; ?> |
451 <?php |
449 <?php |
452 echo $session->generate_aes_form(); |
450 echo $session->generate_aes_form(); |
|
451 |
|
452 // Any additional parameters that need to be passed back? |
|
453 if ( $p = $paths->getAllParams() ) |
|
454 { |
|
455 // ... only if we have a return_to destination. |
|
456 $get_fwd = $_GET; |
|
457 unset($get_fwd['do']); |
|
458 if ( isset($get_fwd['target_do']) ) |
|
459 { |
|
460 $get_fwd['do'] = $get_fwd['target_do']; |
|
461 unset($get_fwd['target_do']); |
|
462 } |
|
463 if ( isset($get_fwd['level']) ) |
|
464 unset($get_fwd['level']); |
|
465 if ( isset($get_fwd['title']) ) |
|
466 unset($get_fwd['title']); |
|
467 |
|
468 if ( !empty($get_fwd) ) |
|
469 { |
|
470 $get_string = htmlspecialchars(enano_json_encode($get_fwd)); |
|
471 echo '<input type="hidden" name="get_fwd" value="' . $get_string . '" />'; |
|
472 } |
|
473 } |
453 ?> |
474 ?> |
454 </form> |
475 </form> |
455 <?php |
476 <?php |
456 echo $session->aes_javascript('loginform', 'pass'); |
477 echo $session->aes_javascript('loginform', 'pass'); |
457 ?> |
478 ?> |
558 |
579 |
559 if ( !$skip_normal_login ) |
580 if ( !$skip_normal_login ) |
560 { |
581 { |
561 $result = $session->login_without_crypto($_POST['username'], $password, false, intval($_POST['auth_level']), $captcha_hash, $captcha_code, isset($_POST['remember'])); |
582 $result = $session->login_without_crypto($_POST['username'], $password, false, intval($_POST['auth_level']), $captcha_hash, $captcha_code, isset($_POST['remember'])); |
562 } |
583 } |
563 |
584 |
564 if($result['success']) |
585 if($result['success']) |
565 { |
586 { |
566 $session->start(); |
587 $session->start(); |
|
588 |
|
589 $get_add = false; |
|
590 if ( isset($_POST['get_fwd']) ) |
|
591 { |
|
592 try |
|
593 { |
|
594 $get_fwd = enano_json_decode($_POST['get_fwd']); |
|
595 $get_add = ''; |
|
596 foreach ( $get_fwd as $key => $value ) |
|
597 { |
|
598 $get_add .= "&{$key}=" . urlencode($value); |
|
599 } |
|
600 $get_add = ltrim($get_add, '&'); |
|
601 } |
|
602 catch ( Exception $e ) |
|
603 { |
|
604 } |
|
605 } |
567 |
606 |
568 $template->load_theme($session->theme, $session->style); |
607 $template->load_theme($session->theme, $session->style); |
569 if(isset($_POST['return_to'])) |
608 if(isset($_POST['return_to'])) |
570 { |
609 { |
571 $name = ( isPage($_POST['return_to']['name']) ) ? $paths->pages[$_POST['return_to']]['name'] : $_POST['return_to']; |
610 $name = ( isPage($_POST['return_to']['name']) ) ? $paths->pages[$_POST['return_to']]['name'] : $_POST['return_to']; |
572 $subst = array( |
611 $subst = array( |
573 'username' => $session->username, |
612 'username' => $session->username, |
574 'redir_target' => $name |
613 'redir_target' => $name |
575 ); |
614 ); |
576 redirect( makeUrl($_POST['return_to'], false, true), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) ); |
615 redirect( makeUrl($_POST['return_to'], $get_add), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) ); |
577 } |
616 } |
578 else |
617 else |
579 { |
618 { |
580 $subst = array( |
619 $subst = array( |
581 'username' => $session->username, |
620 'username' => $session->username, |
582 'redir_target' => $lang->get('user_login_success_body_mainpage') |
621 'redir_target' => $lang->get('user_login_success_body_mainpage') |
583 ); |
622 ); |
584 redirect( makeUrl(get_main_page(), false, true), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) ); |
623 redirect( makeUrl(get_main_page(), $get_add), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) ); |
585 } |
624 } |
586 } |
625 } |
587 else |
626 else |
588 { |
627 { |
589 if ( $result['error'] === 'valid_reset' ) |
628 if ( $result['error'] === 'valid_reset' ) |