<?php include_once PLX_CORE.'lib/class.plx.token.php'; include(PLX_CORE.'/lang/'.$plxShow->plxMotor->aConf['default_lang'].'/admin.php'); # Control du token du formulaire plxToken::validateFormToken($_POST); # demande de connexion if (!empty($_POST['login']) and !empty($_POST['password'])) { $connected = false; foreach ($plxShow->plxMotor->aUsers as $userid => $user) { if ($_POST['login'] == $user['login'] and sha1($user['salt'] . md5($_POST['password'])) === $user['password'] and $user['active'] and !$user['delete']) { $_SESSION['user'] = $userid; $_SESSION['profil'] = $user['profil']; $_SESSION['hash'] = plxUtils::charAleatoire(10); $_SESSION['domain'] = $session_domain; $_SESSION['admin_lang'] = $user['lang']; $connected = true; break; } } if ($connected) { header('Location: ' .$_SERVER['PHP_SELF']); exit; } else { $css = 'alert red'; echo '<p class="'.$css.'>'.$LANG['L_ERR_WRONG_PASSWORD'].'</p>'; } } # affichage formumaire si non connecter if (!isset($_SESSION['profil']) ) { ?> <main class="main"> <div class="container"> <div class="grid"> <div class="content col sml-12"> <article class="article" > <header> <h2> <?php echo $LANG['L_AUTH_PAGE_TITLE']; ?> </h2> </header> <form method="post" id="form_auth"> <fieldset> <?php echo plxToken::getTokenPostMethod() ?> <div class="grid"> <div class="col sml-12"> <label><?= $LANG['L_AUTH_LOGIN_FIELD'] ?></label> <input id="id_login" name="login" type="text" autofocus class="full-width" placeholder="Login de connexion" size="10" maxlength="255"/> </div> </div> <div class="grid"> <div class="col sml-12"> <label><?= $LANG['L_AUTH_PASSWORD_FIELD'] ?></label> <input id="id_password" name="password" type="password" class="full-width" placeholder="Mot de passe" size="10" maxlength="255"/> </div> </div> <div class="grid"> <div class="col sml-12"> <small><a href="/core/admin/auth.php?action=lostpassword" target="_blank"><?= $LANG['L_LOST_PASSWORD'] ?></a></small> </div> </div> <div class="grid"> <div class="col sml-12 text-center"> <input class="blue" type="submit" value="Valider"/> </div> </div> </fieldset> </form>'; </article> </div> </div> </div> </main> <?php include __DIR__.'/footer.php'; exit; }