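plxPlugins->callHook('AdminAuthPrepend'));

# Error flag and message shown by the login form
$error = '';
$msg = '';

# Validate and filter the post-login redirect target passed in $_GET['p'].
# Default destination: the admin root under the configured site URL.
$redirect = $plxAdmin->aConf['racine'].'core/admin/';
if(!empty($_GET['p']) AND is_string($_GET['p'])) {

	$racine = parse_url($plxAdmin->aConf['racine']);
	$get_p = parse_url(urldecode($_GET['p']));

	# Reject unparsable values and any URL that names a host other than the configured one
	$racine_host = (is_array($racine) AND isset($racine['host'])) ? $racine['host'] : '';
	$error = (!$get_p OR (isset($get_p['host']) AND $racine_host!==$get_p['host']));

	if(!$error AND !empty($get_p['path'])) {

		# Only the file name is checked against core/admin/, so only the file name is
		# reused: the destination is rebuilt from the configured base instead of sending
		# the client-supplied path back in the Location header.
		$page = basename($get_p['path']);
		if(is_file(PLX_ROOT.'core/admin/'.$page)) {

			# Keep the query string unless its first parameter name starts with 'd'
			# (presumably so the logout switch ?d=1 is not carried into the redirect).
			# NOTE(review): a 'd' parameter placed later in the query is not filtered.
			$query = '';
			if(isset($get_p['query'])) {
				$first = strtok($get_p['query'], '=');
				# strtok() returns false when there is no token; the query is kept in that case
				if($first === false OR $first[0] != 'd') {
					$query = '?'.$get_p['query'];
				}
			}

			# Redirect URL
			$redirect = $plxAdmin->aConf['racine'].'core/admin/'.$page.$query;
		}
	}
}

# Logout (?d=1): empty and destroy the session, then reload the login page.
# The statements that used to follow exit (saving the form token, restarting the
# session, setting L_LOGOUT_SUCCESSFUL) were unreachable and have been dropped.
if(!empty($_GET['d']) AND $_GET['d']==1) {
	$_SESSION = array();
	session_destroy();
	header('Location: auth.php');
	exit;
}

# Authentication
if(!empty($_POST['login']) AND !empty($_POST['password'])) {

	$connected = false;

	# Non-string form values (e.g. login[]=x) can never match an account
	$login = is_string($_POST['login']) ? $_POST['login'] : '';
	$password = is_string($_POST['password']) ? $_POST['password'] : null;

	if($login !== '' AND $password !== null) {
		foreach($plxAdmin->aUsers as $userid => $user) {

			# Strict comparison: '==' would treat numeric-looking logins such as '1e3' and '1000' as equal
			if((string)$user['login'] !== $login OR !$user['active'] OR $user['delete']) {
				continue;
			}

			# NOTE(review): salted sha1(md5()) is a fast hash. Moving to password_hash()/
			# password_verify() needs a migration of the stored hashes, so the scheme is unchanged here.
			$hash = sha1($user['salt'].md5($password));

			# Constant-time comparison where the runtime provides it (PHP >= 5.6)
			$same = function_exists('hash_equals')
				? hash_equals((string)$user['password'], $hash)
				: ($hash === $user['password']);
			if(!$same) {
				continue;
			}

			# Issue a fresh session id on privilege change so a session id known
			# before login cannot be reused afterwards (session fixation).
			if(session_id() !== '') {
				session_regenerate_id(true);
			}

			$_SESSION['user'] = $userid;
			$_SESSION['profil'] = $user['profil'];
			$_SESSION['hash'] = plxUtils::charAleatoire(10);
			$_SESSION['domain'] = $session_domain;
			$_SESSION['lang'] = $user['lang'];
			$connected = true;
			break;
		}
	}

	if($connected) {
		# NOTE(review): htmlentities() HTML-encodes the URL, so an '&' in a preserved
		# query string reaches the header as '&amp;' - confirm this is intended.
		header('Location: '.htmlentities($redirect));
		exit;
	}
	else {
		# Same message whatever the cause of the failure
		$msg = L_ERR_WRONG_PASSWORD;
		$error = 'error';
	}
}

plxUtils::cleanHeaders();
?>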