* @copyright PrestaShop * @license http://www.opensource.org/licenses/osl-3.0.php Open-source licence 3.0 * @version 1.3 * */

/*
 * Back Office login script.
 *
 * Flow: bootstrap the shop configuration, compare the script path seen by the
 * browser with the one seen by the server, open the 'psAdmin' cookie, load the
 * admin translations, process a submitted e-mail/password pair, then print the
 * page (error list, and either the "delete /install, rename /admin" notice or
 * the else-branch output).
 *
 * The string literals appear to have lost their HTML markup in this copy; they
 * are reproduced exactly as shown, including their embedded line breaks.
 * Every variable here is a script global and may be read by the included
 * files, so none of them is renamed.
 */
define('PS_ADMIN_DIR', getcwd());
include PS_ADMIN_DIR.'/../config/config.inc.php';
include PS_ADMIN_DIR.'/functions.php';

$errors = array();

// Checking path: both values are normalised to forward slashes with the
// leading slash removed before they are compared.
// NOTE(review): PHP_SELF can carry client-supplied trailing path info on some
// server setups. A mismatch only appends an error message; the script keeps
// running, so the cookie path and login handling below still execute.
$pathUser = preg_replace('!^/!', '', str_replace('\\', '/', $_SERVER['PHP_SELF']));
$pathServer = preg_replace('!^/!', '', str_replace('\\', '/', str_replace($_SERVER['DOCUMENT_ROOT'], '', $_SERVER['SCRIPT_FILENAME'])));
if ($pathServer != $pathUser) {
    // Both paths go through htmlentities() before joining the error list,
    // which is echoed without further escaping further down.
    $errors[] = Tools::displayError('Path is not the same between your browser and you server :').'

'. Tools::displayError('- Server:').'
'.htmlentities($pathServer).'

'. Tools::displayError('- Browser:').'
'.htmlentities($pathUser);
}

// Second Cookie argument: PHP_SELF minus the shop base URI and minus its last
// ten characters (presumably '/login.php'; the file name is not shown here).
$cookie = new Cookie('psAdmin', substr($_SERVER['PHP_SELF'], strlen(__PS_BASE_URI__), -10));
if (!isset($cookie->id_lang)) {
    $cookie->id_lang = Configuration::get('PS_LANG_DEFAULT');
}

// The include path is built from the ISO code looked up for the integer-cast
// language id, not from the raw cookie value.
$iso = strtolower(Language::getIsoById((int) $cookie->id_lang));
include _PS_TRANSLATIONS_DIR_.$iso.'/admin.php';

/* Cookie creation and redirection */
// NOTE(review): no attempt throttling, lockout or anti-CSRF token is visible
// in this script; confirm whether the helpers it calls provide them.
if (Tools::isSubmit('Submit')) {
    /* Check fields validity */
    // trim() also strips leading/trailing whitespace from the password itself.
    $passwd = trim(Tools::getValue('passwd'));
    $email = trim(Tools::getValue('email'));

    if (empty($email)) {
        $errors[] = Tools::displayError('e-mail is empty');
    } elseif (!Validate::isEmail($email)) {
        $errors[] = Tools::displayError('invalid e-mail address');
    } elseif (empty($passwd)) {
        $errors[] = Tools::displayError('password is blank');
    } elseif (!Validate::isPasswd($passwd)) {
        $errors[] = Tools::displayError('invalid password');
    } else {
        /* Seeking for employee */
        $employee = new Employee();
        $employee = $employee->getByemail($email, $passwd);

        if ($employee) {
            /* Creating cookie */
            $cookie->id_employee = $employee->id;
            $cookie->lastname = $employee->lastname;
            $cookie->firstname = $employee->firstname;
            $cookie->email = $employee->email;
            $cookie->profile = $employee->id_profile;
            // NOTE(review): the employee's stored password value is copied into
            // the cookie. Presumably it is a hash and Cookie protects its
            // contents; confirm, since a client-readable cookie would expose
            // the credential verifier.
            $cookie->passwd = $employee->passwd;
            // ip2long() only understands IPv4 dotted-quad addresses and returns
            // false for anything else; confirm how the consumer of remote_addr
            // treats that value.
            $cookie->remote_addr = ip2long($_SERVER['REMOTE_ADDR']);
            $cookie->write();

            /* Redirect to admin panel */
            // NOTE(review): $url is assembled from the request's 'redirect' and
            // 'token' query parameters and the only check visible here is
            // Validate::isCleanHtml() (defined elsewhere). The markup that
            // consumes $url is not present in this copy; confirm the target is
            // limited to same-site locations and escaped for its output context.
            $url = isset($_GET['redirect'])
                ? (string) ($_GET['redirect'].(isset($_GET['token']) ? ('&token='.$_GET['token']) : ''))
                : 'index.php';
            if (!Validate::isCleanHtml($url)) {
                die(Tools::displayError());
            }

            echo '
'.translate('Click here to launch Administration panel').'
';
            exit;
        } else {
            // One message covers both "unknown employee" and "wrong password",
            // so the response does not reveal which of the two failed.
            $errors[] = Tools::displayError('employee does not exist, or bad password');
            $cookie->logout();
        }
    }
}

echo ' PrestaShop™ - '.translate('Administration panel').'';
echo '
';

// Error summary: a singular/plural headline followed by one entry per message.
$nbErrors = count($errors);
if ($nbErrors) {
    echo '

'.($nbErrors > 1 ? translate('There are') : translate('There is')).' '.$nbErrors.' '.($nbErrors > 1 ? translate('errors') : translate('error')).'

    ';
    foreach ($errors as $error) {
        echo '
  1. '.$error.'
  2. ';
    }
    echo '

';
}
echo '
';

// $randomNb is only used to print an example folder name. The suggested
// suffix has 900 possible values, so the rename is obscurity rather than an
// access control.
// NOTE(review): this install/admin-folder test runs after the login handling
// above, which exits on success; it therefore only decides what is rendered
// for requests that did not just authenticate. Confirm the authenticated
// pages enforce the same condition.
$randomNb = rand(100, 999);
if (file_exists(PS_ADMIN_DIR.'/../install') || file_exists(PS_ADMIN_DIR.'/../admin')) {
    echo ' '.translate('For security reasons, you cannot connect to the Back Office until after you have:').'

- '.translate('deleted the /install folder').'
- '.translate('renamed the /admin folder (eg. ').'/admin'.$randomNb.')

'.translate('Please then access this page by the new url (eg. http://www.domain.tld/admin').$randomNb.')
';
} else {
    // Presumably the login form markup was here; only whitespace remains.
    echo '

';
}
// The text after the closing tag below is kept verbatim from the listing.
?>
'; ?>