0 ) { $ERROR = "".__('Invalid username or password').""; } else { // Make root admin user if ($_POST['user'] == 'root') $v_user = 'admin'; // Get user speciefic parameters exec (VESTA_CMD . "v-list-user ".$v_user." json", $output, $return_var); $data = json_decode(implode('', $output), true); // Define session user $_SESSION['user'] = key($data); $v_user = $_SESSION['user']; // Get user favorites get_favourites(); // Define language $output = ''; exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); $languages = json_decode(implode('', $output), true); if(in_array($data[$v_user]['LANGUAGE'], $languages)){ $_SESSION['language'] = $data[$v_user]['LANGUAGE']; } else { $_SESSION['language'] = 'en'; } // Regenerate session id to prevent session fixation session_regenerate_id(); // Redirect request to control panel interface if (!empty($_SESSION['request_uri'])) { header("Location: ".$_SESSION['request_uri']); unset($_SESSION['request_uri']); exit; } else { header("Location: /"); exit; } } } else { $ERROR = "".__('Invalid or missing token').""; } } // Check system configuration exec (VESTA_CMD . "v-list-sys-config json", $output, $return_var); $data = json_decode(implode('', $output), true); $sys_arr = $data['config']; foreach ($sys_arr as $key => $value) { $_SESSION[$key] = $value; } // Detect language if (empty($_SESSION['language'])) { $output = ''; exec (VESTA_CMD."v-list-sys-config json", $output, $return_var); $config = json_decode(implode('', $output), true); $lang = $config['config']['LANGUAGE']; $output = ''; exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); $languages = json_decode(implode('', $output), true); if(in_array($lang, $languages)){ $_SESSION['language'] = $lang; } else { $_SESSION['language'] = 'en'; } } // Generate CSRF token $_SESSION['token'] = md5(uniqid(mt_rand(), true)); require_once($_SERVER['DOCUMENT_ROOT'].'/inc/i18n/'.$_SESSION['language'].'.php'); require_once('../templates/header.html'); require_once('../templates/login.html');