X-Git-Url: http://git.joshuawise.com/patchfork.git/blobdiff_plain/964dd0bc22ff252711b1190854923d5cd5382f9f..HEAD:/player/login.php

diff --git a/player/login.php b/player/login.php
index 4ad58e2..84b1122 100644
--- a/player/login.php
+++ b/player/login.php
@@ -19,24 +19,38 @@
 	$error = false;
 	$no_require_login = "true";
 	require_once("../inc/base.php");
-	if(isset($_POST['password'])) {
+	if(isset($_POST['password']) && $_POST['password'] != "") {
 		$pass = get_config("login_pass");
 		if(substr($pass,0, 4)=="sha:") {
 			if(check_hash($pass, trim($_POST['password']))) {
-				$_SESSION['logged_in'] = true;
+				$_SESSION['logged_in'] = "rw";
 				header("Location: index.php");
 				exit(); 
 			}
 			$error = "Login failed";
 		}
 		else if($pass==trim($_POST['password'])) {
-			$_SESSION['logged_in'] = true;
+			$_SESSION['logged_in'] = "rw";
 			header("Location: index.php");
 			exit(); 
 		}
-		else {
+		
+		$pass = get_config("ro_pass");
+		if(substr($pass,0, 4)=="sha:") {
+			if(check_hash($pass, trim($_POST['password']))) {
+				$_SESSION['logged_in'] = "ro";
+				header("Location: index.php");
+				exit(); 
+			}
 			$error = "Login failed";
 		}
+		else if($pass==trim($_POST['password'])) {
+			$_SESSION['logged_in'] = "ro";
+			header("Location: index.php");
+			exit(); 
+		}
+
+		$error = "Login failed";
 	}
 	else if(isset($_GET['logout'])) {
 		session_destroy();