isFeatureActive( 'site_https_login_required' ) && !$https_mode) { $url = $gBitSystem->getConfig( 'site_https_domain' ); $site_https_port = $gBitSystem->getConfig('site_https_port', $site_https_port); if ($site_https_port != 443) $url .= ':' . $site_https_port; $url .= $gBitSystem->getConfig( 'site_https_prefix' ) . $gBitSystem->getDefaultPage(); if (SID) $url .= '?' . SID; $url = preg_replace('/\/+/', '/', $url); header("Location: https://$url"); exit; } $user = isset($_REQUEST['user']) ? $_REQUEST['user'] : false; $pass = isset($_REQUEST['pass']) ? $_REQUEST['pass'] : false; $challenge = isset($_REQUEST['challenge']) ? $_REQUEST['challenge'] : false; $response = isset($_REQUEST['response']) ? $_REQUEST['response'] : false; // if $referer is set, login() will return the user to whence he came $url = $gBitUser->login( $user, $pass, $challenge, $response ); if (!preg_match('/^\w+:\/{2}/', $url)) { $url = httpPrefix() . $url; } // but if we came from a login page, let's go home (except if we got an error when login in) if( (strpos( $url, 'login.php?' ) || strpos( $url, 'remind_password.php' )) && strpos( $url, 'login.php?error=') == -1) { $url = $gBitSystem->getDefaultPage(); } header('Location: ' . $url); exit; ?>