" . htmlentities ( $login ) . "" ); } if ( user_valid_login ( $login, $password ) ) { user_load_variables ( $login, "" ); // set login to expire in 365 days srand((double) microtime() * 1000000); $salt = chr( rand(ord('A'), ord('z'))) . chr( rand(ord('A'), ord('z'))); $encoded_login = encode_string ( $login . "|" . crypt($password, $salt) ); if ( ! empty ( $settings['session'] ) && $settings['session'] = 'php' ) { $_SESSION['webcalendar_session'] = $encoded_login; } else { if ( ! empty ( $remember ) && $remember == "yes" ) { SetCookie ( "webcalendar_session", $encoded_login, time() + ( 24 * 3600 * 365 ), $cookie_path ); } else { SetCookie ( "webcalendar_session", $encoded_login, 0, $cookie_path ); } } load_user_preferences (); // The cookie "webcalendar_login" is provided as a convenience to // other apps that may wish to find out what the last calendar // login was, so they can use week_ssi.php as a server-side include. // As such, it's not a security risk to have it un-encoded since it // is not used to allow logins within this app. It is used to // load user preferences on the login page (before anyone has // logged in) if $remember_last_login is set to "Y" (in admin.php). if ( ! empty ( $remember ) && $remember == "yes" ) { SetCookie ( "webcalendar_login", $login, time() + ( 24 * 3600 * 365 ), $cookie_path ); } else { SetCookie ( "webcalendar_login", $login, 0, $cookie_path ); } do_redirect ( $url ); } else { // Invalid login if ( empty ( $error ) || ! $showLoginFailureReason ) { $error = translate("Invalid login" ); } } } ?>