Index: trunk/kernel/include/usersession.php
===================================================================
diff -u -r228 -r232
--- trunk/kernel/include/usersession.php (.../usersession.php) (revision 228)
+++ trunk/kernel/include/usersession.php (.../usersession.php) (revision 232)
@@ -363,9 +363,10 @@
 function Login($userLogin, $userPassword)
 {
 global $expired, $objConfig;
-
- if($userLogin=="root")
+
+ if($userLogin == "root")
 {
+ // logging in "root" (admin only)
 $rootpass = $objConfig->Get("RootPass");
 if($rootpass!=$userPassword)
 {
@@ -382,6 +383,7 @@
 }
 else
 {
+ // logging in any user (admin & front)
 $pre = GetTablePrefix();
 $sql = "SELECT *,MD5(".$pre."PortalUser.Password) as md5pw FROM ".$pre."PortalUser LEFT JOIN ".$pre."UserGroup USING (PortalUserId) "
 ."LEFT JOIN ".$pre."PortalGroup ON (".$pre."UserGroup.GroupId=".$pre."PortalGroup.GroupId)
@@ -451,6 +453,16 @@
 $this->ResetSysPermCache();
 $this->PermCache = array();
 $this->Update();
+
+ if($userLogin != 'root')
+ {
+ if( ! $this->HasSystemPermission('LOGIN') )
+ {
+ $this->Logout();
+ return false;
+ }
+ }
+
 return true;
 }
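Review bot: In the last hunk the LOGIN permission check runs only after `$this->Update()`, so the session has apparently already been stored as logged in, and the denial then depends entirely on `Logout()` undoing every piece of state set earlier in `Login()`. Neither `Update()` nor `Logout()` is visible here, so this ordering is worth confirming; if `HasSystemPermission()` needs the session populated first, a comment such as `// session must be populated for the permission lookup; Logout() reverts it on denial` would record that. The two nested conditions can be a single test, `if($userLogin != 'root' && !$this->HasSystemPermission('LOGIN'))`. That comparison is loose, as is the root password test `$rootpass!=$userPassword` in the first hunk; strict `!==` would avoid PHP type juggling in both places. `Login()` begins above this hunk and its middle section is not shown.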