query("SELECT password,perms FROM ".C_REG_TBL." WHERE username='$AUTH_USERNAME' LIMIT 1"); if ($DbLink4Login->num_rows() != 0) { list($PWD_Hash, $perms) = $DbLink4Login->next_record(); if ($PWD_Hash == md5($AUTH_PASSWORD) || $PWD_Hash == $AUTH_PASSWORD) { // Ensure the one who lauch the admin.php3 script is really admin if (isset($MUST_BE_ADMIN) && $perms != "admin") { $Error = L_ERR_USR_11; } else { $do_not_login = true; } } } $DbLink4Login->clean_results(); $DbLink4Login->close(); } // If no login yet entered if (!isset($do_not_login)) { // Special cache instructions for IE5+ $CachePlus = ""; if (ereg("MSIE [56789]", (isset($HTTP_USER_AGENT)) ? $HTTP_USER_AGENT : getenv("HTTP_USER_AGENT"))) $CachePlus = ", pre-check=0, post-check=0, max-age=0"; $now = gmdate('D, d M Y H:i:s') . ' GMT'; header("Expires: $now"); header("Last-Modified: $now"); header("Cache-Control: no-cache, must-revalidate".$CachePlus); header("Pragma: no-cache"); header("Content-Type: text/html; charset=${Charset}"); // avoid server configuration for magic quotes set_magic_quotes_runtime(0); if (isset($AUTH_PASSWORD)) { if (!isset($Error)) $Error = L_ERR_USR_10; } // If this script is lauch by a profile command, put focus to the password field $Focus = (isset($LIMIT) && $LIMIT == 1 ) ? "AUTH_PASSWORD" : "AUTH_USERNAME"; // For translations with an explicit charset (not the 'x-user-defined' one) if (!isset($FontName)) $FontName = ""; ?> ">