security->user && !isset($_GET['auth_key']) ) {
$berta->security->destroy();
header("Location: login.php?" . uniqid());
exit;
}
if ($options['HOSTING_PROFILE']) {
// if key, cURL check if autorized on auth_server
if (isset($_GET['auth_key'])){
$isLoggedIn = $berta->security->isLoggedIn($options['HOSTING_PROFILE'].'?auth_key='.$_GET['auth_key'].'&auth_user='.$options['AUTH_user'], $_GET['auth_key']);
if ($isLoggedIn) {
$_POST['auth_action'] = 'login';
$_REQUEST['auth_browser'] = 'supported';
$_REQUEST['auth_user'] = $options['AUTH_user'];
$_REQUEST['auth_pass'] = $options['AUTH_password'];
}else{
header("Location: login.php?autherror=1");
exit;
}
}
$login_action = $options['HOSTING_PROFILE'];
}else{
$login_action = $ENGINE_ABS_ROOT . 'login.php';
}
$auth_action = isset($_POST["auth_action"]) ? $_POST["auth_action"] : false;
$errStr = "";
$authErr = isset($_GET["autherror"]) ? $_GET["autherror"] : false;
if($authErr)
//$errStr = $berta->security->getError("auth", $authErr);
$errStr = $berta->security->getError("login", 5);
if($auth_action == "login" && !$errStr) {
if(empty($_REQUEST['auth_browser']) || $_REQUEST['auth_browser'] == 'invalid') {
header('Location: ./ie.php');exit;
} else {
if($berta->security->login($_REQUEST['auth_user'], $_REQUEST['auth_pass'], $options['AUTH_user'], $options['AUTH_password'])) {
// update media cache for all sections ...
include 'inc.cleanup_and_update.php';
// redirect to main page ...
header("Location: $ENGINE_ABS_ROOT");
exit;
} else
$errStr = $berta->security->getError("login", $berta->security->errLogin);
}
}
$int_version = $options['int_version'];
?>
<?php echo $berta->settings->get('texts', 'page-title') ?> / login