Index: trunk/kernel/frontaction.php
===================================================================
diff -u -r408 -r510
--- trunk/kernel/frontaction.php (.../frontaction.php) (revision 408)
+++ trunk/kernel/frontaction.php (.../frontaction.php) (revision 510)
@@ -34,54 +34,61 @@
{
case "m_login":
// if($objSession->ValidSession()) $objSession->Logout();
- //echo $objSession->GetSessionKey()."
\n";
+ //echo $objSession->GetSessionKey()."
\n";
if ($objConfig->Get("CookieSessions") == 1 && $_COOKIE["CookiesTest"] != "1") {
$FormError["login"]["login_user"] = language("lu_cookies_error");
}
- else
+ else
+ {
+ $MissingCount = SetMissingDataErrors("login");
+ if($MissingCount==2)
{
- $MissingCount = SetMissingDataErrors("login");
- if($MissingCount==2)
- {
- $FormError["login"]["login_user"]= language("lu_ferror_loginboth");
- unset($FormError["login"]["login_password"]);
- }
-
- if($MissingCount==0)
- {
- if($_POST["login_user"]=="root")
- {
- $FormError["login"]["login_user"]= language("lu_access_denied");
- }
- else
- {
- if ($objSession->Login($_POST["login_user"], md5($_POST["login_password"])) == FALSE)
- {
- $FormError["login"]["login_password"] = language("lu_incorrect_login");
- }
- else
- {
- if( !headers_sent() && GetVar('usercookie') == 1 )
- {
- $c = $_POST["login_user"]."|";
- $pw = $_POST["login_password"];
- if(strlen($pw) < 31) $pw = md5($pw);
- $c .= $pw;
-
- setcookie("login",$c,time()+2592000);
- }
-
-
- // set new destination template if passed
- $dest = GetVar('dest', true);
- if(!$dest) $dest = GetVar('DestTemplate', true);
- if($dest) $var_list['t'] = $dest;
- //echo "DEST: $dest
";
- }
- }
- }
+ $FormError["login"]["login_user"]= language("lu_ferror_loginboth");
+ unset($FormError["login"]["login_password"]);
}
- break;
+
+ if($MissingCount==0)
+ {
+ if($_POST["login_user"]=="root")
+ {
+ $FormError["login"]["login_user"]= language("lu_access_denied");
+ }
+ else
+ {
+ $LoginCheck = $objSession->Login( $_POST["login_user"], md5($_POST["login_password"]) );
+ if($LoginCheck === true)
+ {
+ if( !headers_sent() && GetVar('usercookie') == 1 )
+ {
+ $c = $_POST["login_user"]."|";
+ $pw = $_POST["login_password"];
+ if(strlen($pw) < 31) $pw = md5($pw);
+ $c .= $pw;
+ setcookie("login",$c,time()+2592000);
+ }
+
+ // set new destination template if passed
+ $dest = GetVar('dest', true);
+ if(!$dest) $dest = GetVar('DestTemplate', true);
+ if($dest) $var_list['t'] = $dest;
+ }
+ else
+ {
+ switch($LoginCheck)
+ {
+ case -1: // user or/and pass wrong
+ $FormError["login"]["login_password"] = language("lu_incorrect_login");
+ break;
+
+ case -2: // user ok, but has no permission
+ $FormError["login"]["login_password"] = language("la_text_nopermissions");
+ break;
+ }
+ }
+ }
+ }
+ }
+ break;
case "m_forgotpw":
$MissingCount = SetMissingDataErrors("forgotpw");