* @copyright 2007-2011 PrestaShop SA * @version Release: $Revision: 7541 $ * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0) * International Registered Trademark & Property of PrestaShop SA */ ob_start(); define('PS_ADMIN_DIR', getcwd()); include(PS_ADMIN_DIR.'/../config/config.inc.php'); include(PS_ADMIN_DIR.'/functions.php'); $clientIsMaintenanceOrLocal = in_array(Tools::getRemoteAddr(), array_merge(array('127.0.0.1'),explode(',', Configuration::get('PS_MAINTENANCE_IP')))); $errors = array(); if ((empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) == 'off') AND Configuration::get('PS_SSL_ENABLED')) { // You can uncomment theses lines if you want to force https even from localhost and automatically redirect // header('HTTP/1.1 301 Moved Permanently'); // header('Location: '.Tools::getShopDomainSsl(true).$_SERVER['REQUEST_URI']); // exit(); // If ssl is enabled, https protocol is required. Exception for maintenance and local (127.0.0.1) IP if ($clientIsMaintenanceOrLocal) $errors[] = translate('SSL is activated. However, your IP is allowed to use unsecure mode (Maintenance or local IP).').'
'; else $warningSslMessage = translate('SSL is activated. Please connect using the following url to log in in secure mode (https).') .'

https://'.Tools::getServerName().$_SERVER['REQUEST_URI'].''; } $cookie = new Cookie('psAdmin', substr($_SERVER['PHP_SELF'], strlen(__PS_BASE_URI__), -10)); if (!isset($cookie->id_lang)) $cookie->id_lang = Configuration::get('PS_LANG_DEFAULT'); $iso = strtolower(Language::getIsoById((int)($cookie->id_lang))); include(_PS_TRANSLATIONS_DIR_.$iso.'/admin.php'); include(_PS_TRANSLATIONS_DIR_.$iso.'/errors.php'); /* Cookie creation and redirection */ if (Tools::isSubmit('Submit')) { /* Check fields validity */ $passwd = trim(Tools::getValue('passwd')); $email = trim(Tools::getValue('email')); if (empty($email)) $errors[] = Tools::displayError('E-mail is empty'); elseif (!Validate::isEmail($email)) $errors[] = Tools::displayError('Invalid e-mail address'); elseif (empty($passwd)) $errors[] = Tools::displayError('Password is blank'); elseif (!Validate::isPasswd($passwd)) $errors[] = Tools::displayError('Invalid password'); else { /* Seeking for employee */ $employee = new Employee(); $employee = $employee->getByemail($email, $passwd); if (!$employee) { $errors[] = Tools::displayError('Employee does not exist or password is incorrect.'); $cookie->logout(); } else { /* Creating cookie */ $cookie->id_employee = $employee->id; $cookie->email = $employee->email; $cookie->profile = $employee->id_profile; $cookie->passwd = $employee->passwd; $cookie->remote_addr = ip2long(Tools::getRemoteAddr()); $cookie->write(); /* Redirect to admin panel */ if (isset($_GET['redirect'])) $url = strval($_GET['redirect'].(isset($_GET['token']) ? ('&token='.$_GET['token']) : '')); else $url = 'index.php'; if (!Validate::isCleanHtml($url)) die(Tools::displayError()); echo '
'.translate('Click here to launch Administration panel').'
'; exit ; } } } echo ' PrestaShop™ - '.translate('Administration panel').''; echo '
'; if ($nbErrors = sizeof($errors)) { echo '

'.($nbErrors > 1 ? translate('There are') : translate('There is')).' '.$nbErrors.' '.($nbErrors > 1 ? translate('errors') : translate('error')).'

    '; foreach ($errors AS $error) echo '
  1. '.$error.'
    2. '; echo '

'; } echo '

'.Tools::htmlentitiesUTF8(Configuration::get('PS_SHOP_NAME')).'

'; $randomNb = rand(100, 999); if (file_exists(PS_ADMIN_DIR.'/../install') OR file_exists(PS_ADMIN_DIR.'/../admin')) { echo ' '.translate('For security reasons, you cannot connect to the Back Office until after you have:').'

- '.translate('deleted the /install folder').'
- '.translate('renamed the /admin folder (eg. ').'/admin'.$randomNb.')

'.translate('Please then access this page by the new url (eg. http://www.domain.tld/admin').$randomNb.')'; } else { // If https enabled, we force it except if you try to log in from maintenance or local ip if ( (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) == 'off') AND ( Configuration::get('PS_SSL_ENABLED') AND !$clientIsMaintenanceOrLocal) ) echo '
'.$warningSslMessage.'
'; else echo '

'; } ?>

© Copyright by PrestaShop. all rights reserved.

';