$hashedPass = md5(postRequestElement('admin_pass1'));
// Kill maybe existing session variables
- destroyAdminSession(false);
+ destroyAdminSession();
// Do registration
$ret = addAdminAccount(postRequestElement('admin_login'), $hashedPass, getWebmaster());
$done = changeDataInLocalConfigurationFile('ADMIN-SETUP', "setConfigEntry('ADMIN_REGISTERED', '", "');", 'Y', 0);
// Was it successfull?
- if ($done === true) {
+ if ($done === TRUE) {
// Registering is done
redirectToUrl('modules.php?module=admin&register=done');
} else {
$content['error_message'] = '';
// Yet-another notice-fix
- if ((isFormSent()) && (postRequestElement('ok') == '***')) {
+ if ((isFormSent('add_first_admin')) && (postRequestElement('ok') == '***')) {
// Init variables
$loginMessage = '';
$pass1Message = '';
} // END - if
// Output error messages
- $content['login_message'] = loadTemplate('admin_login_msg', true, $loginMessage);
- $content['pass1_message'] = loadTemplate('admin_login_msg', true, $pass1Message);
- $content['pass2_message'] = loadTemplate('admin_login_msg', true, $pass2Message);
- $content['error_message'] = loadTemplate('admin_login_msg', true, $errorMessage);
+ $content['login_message'] = loadTemplate('admin_login_msg', TRUE, $loginMessage);
+ $content['pass1_message'] = loadTemplate('admin_login_msg', TRUE, $pass1Message);
+ $content['pass2_message'] = loadTemplate('admin_login_msg', TRUE, $pass2Message);
+ $content['error_message'] = loadTemplate('admin_login_msg', TRUE, $errorMessage);
} // END - if
// Output message in seperate template
displayMessage('{--ADMIN_ACCOUNT_NOT_REGISTERED_YET--}');
// Load register template
- loadTemplate('admin_reg_form', false, $content);
+ loadTemplate('admin_reg_form', FALSE, $content);
} // END - if
} elseif (isGetRequestElementSet('reset_pass')) {
// Is the form submitted?
displayMessage(sendAdminPasswordResetLink(postRequestElement('email')));
} elseif (isGetRequestElementSet('hash')) {
// Output form for hash validation
- loadTemplate('admin_validate_reset_hash_form', false, getRequestElement('hash'));
+ loadTemplate('admin_validate_reset_hash_form', FALSE, getRequestElement('hash'));
} elseif ((isPostRequestElementSet('validate_hash')) && (isPostRequestElementSet('admin_login')) && (isPostRequestElementSet('hash'))) {
// Validate the login data and hash
$valid = adminResetValidateHashLogin(postRequestElement('hash'), postRequestElement('admin_login'));
// Valid?
- if ($valid === true) {
+ if ($valid === TRUE) {
// Prepare content first
$content = array(
'hash' => postRequestElement('hash'),
);
// Validation okay so display form for final password change
- loadTemplate('admin_reset_password_form', false, $content);
+ loadTemplate('admin_reset_password_form', FALSE, $content);
} else {
// Cannot validate the login data and hash
displayMessage('{--ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED--}');
// Okay, we shall the admin password here. So first revalidate the hash
if (adminResetValidateHashLogin(postRequestElement('hash'), postRequestElement('admin_login'))) {
// Output result
- loadTemplate('admin_reset_password_done', false, doResetAdminPassword(postRequestElement('admin_login'), postRequestElement('admin_pass1')));
+ loadTemplate('admin_reset_password_done', FALSE, doResetAdminPassword(postRequestElement('admin_login'), postRequestElement('admin_pass1')));
} else {
// Validation failed
displayMessage('{--ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED2--}');
case '404': // Administrator login not found
setPostRequestElement('login', $ret);
$ret = '{%message,ADMIN_ACCOUNT_404=' . postRequestElement('admin_login') . '%}';
- destroyAdminSession();
+ destroyAdminSession(TRUE);
break;
case 'password': // Wrong password
setPostRequestElement('login', $ret);
$ret = '{--WRONG_PASS--} [<a href="{%url=modules.php?module=admin&reset_pass=1%}">{--ADMIN_RESET_PASS--}</a>]';
- destroyAdminSession();
+ destroyAdminSession(TRUE);
break;
default: // Others will be logged
// Load message templates if the messages have been set
if (!empty($loginMessage)) {
- $content['login_message'] = loadTemplate('admin_login_msg', true, $loginMessage);
+ $content['login_message'] = loadTemplate('admin_login_msg', TRUE, $loginMessage);
} // END - if
if (!empty($passwdMessage)) {
- $content['pass_message'] = loadTemplate('admin_login_msg', true, $passwdMessage);
+ $content['pass_message'] = loadTemplate('admin_login_msg', TRUE, $passwdMessage);
} // END - if
} // END - if
$content['all_parameter'] = addAllGetRequestParameters();
// Load login form template
- loadTemplate('admin_login_form', false, $content);
+ loadTemplate('admin_login_form', FALSE, $content);
} // END - if
} elseif (isGetRequestElementSet('logout')) {
// Only try to remove cookies
- if (destroyAdminSession()) {
+ if (destroyAdminSession(TRUE)) {
// Load logout template
if (isGetRequestElementSet('register')) {
// Secure input
}
} else {
// Something went wrong here...
- loadTemplate('admin_settings_unsaved', false, '{--ADMIN_LOGOUT_FAILED--}');
+ loadTemplate('admin_settings_unsaved', FALSE, '{--ADMIN_LOGOUT_FAILED--}');
// Add fatal message
addFatalMessage(__FILE__, __LINE__, '{--CANNOT_UNREG_SESS--}');
case '404': // Administrator login not found
setPostRequestElement('login', $ret);
displayMessage('{%message,ADMIN_ACCOUNT_404=' . getCurrentAdminId() . '%}');
- destroyAdminSession();
+ destroyAdminSession(TRUE);
break;
case 'password': // Wrong password
setPostRequestElement('login', $ret);
displayMessage('{--WRONG_PASS--}');
- destroyAdminSession();
+ destroyAdminSession(TRUE);
+ break;
+
+ case 'session': // Invalid admin session
+ setPostRequestElement('login', $ret);
+ displayMessage('{--INVALID_ADMIN_SESSION--}');
+ destroyAdminSession(TRUE);
break;
default: // Others will be logged
projects / mailer.git / blobdiff