include dirname(__FILE__).'/inc/config.php';
-# initialize session
myTool::initPhp();
-Session::init();
+
# XSRF protection with token
if (!empty($_POST)) {
if (!Session::isToken($_POST['token'])) {
if (!empty($_POST['login']) && !empty($_POST['password'])) {
if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) {
logm('login successful');
+ $msg->add('s', 'welcome in your pocket!');
if (!empty($_POST['longlastingsession'])) {
$_SESSION['longlastingsession'] = 31536000;
$_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];