getConfig('https_login_required', 'n'); if ($gBitSystem->isFeatureActive( 'https_login_required' ) && !$https_mode) { $url = $gBitSystem->getConfig( 'https_domain' ); $https_port = $gBitSystem->getConfig('https_port', $https_port); if ($https_port != 443) $url .= ':' . $https_port; $url .= $gBitSystem->getConfig( 'https_prefix' ) . $gBitSystem->getDefaultPage(); if (SID) $url .= '?' . SID; $url = preg_replace('/\/+/', '/', $url); header("Location: https://$url"); exit; } $user = isset($_REQUEST['user']) ? $_REQUEST['user'] : false; $pass = isset($_REQUEST['pass']) ? $_REQUEST['pass'] : false; $challenge = isset($_REQUEST['challenge']) ? $_REQUEST['challenge'] : false; $response = isset($_REQUEST['response']) ? $_REQUEST['response'] : false; // if $referer is set, login() will return the user to whence he came $url = $gBitUser->login( $user, $pass, $challenge, $response ); if (!preg_match('/^\w+:\/{2}/', $url)) { $url = httpPrefix() . $url; } // but if we came from a login page, let's go home (except if we got an error when login in) if( (strpos( $url, 'login.php?' ) || strpos( $url, 'remind_password.php' )) && strpos( $url, 'login.php?error=') == -1) { $url = $gBitSystem->getDefaultPage(); } header('Location: ' . $url); exit; ?>