<?phpif (file_exists('auth.php')) { return;}if (isset($_GET['logo

1. <?php
2.  
3. if (file_exists('auth.php')) {
4. return;
5. }
6.  
7. if (isset($_GET['logout'])) {
8. $_SESSION = array();
9.  
10. if (isset($_COOKIE[session_name()])) {
11. setcookie(session_name(), '', time() - 42000, '/');
12. }
13. session_destroy();
14.  
15. loc('/admincp');
16. }
17.  
18. $_core_authentificated = false;
19.  
20. if (!isset($_SESSION['_core_username']) || !isset($_SESSION['_core_password'])) {
21. $_SESSION['_core_username'] = '';
22. $_SESSION['_core_password'] = '';
23. }
24.  
25. if (!empty($_REQUEST['_core_username']) && !empty($_REQUEST['_core_password'])) {
26. $_SESSION['_core_username'] = $_REQUEST['_core_username'];
27. $_SESSION['_core_password'] = $_REQUEST['_core_password'];
28. }
29.  
30. if ((empty($_SESSION['_core_username']) || empty($_SESSION['_core_password'])) && basename(PS) != 'index.php') {
31. loc('/admincp');
32. }
33.  
34. $users = $_config->admincp->toArray();
35.  
36. $username = $_SESSION['_core_username'];
37. $password = $_SESSION['_core_password'];
38.  
39. if (isset($users[$username]) && $users[$username] == $password) {
40. $_core_authentificated = true;
41. } else {
42. if (basename(PS) != 'index.php') {
43. loc('/admincp');
44. }
45. }
46.  
47. ?>
48.  
49. ## loc function
50.  
51. <?php
52.  
53. function loc($uri = true, $params = array()) {
54. if ($uri === true) {
55. header('Location: ' . $_SERVER['HTTP_REFERER']);
56. }
57.  
58. if (count($params) > 0) {
59. $computed = array();
60. foreach ($params as $name => $value) {
61. $computed[] = $name . '=' . rawurlencode($value);
62. }
63.  
64. $uri .= '?' . join('&', $computed);
65. }
66.  
67. header('Location: ' . $uri);
68. exit;
69. }
70.  
71. ?>