| [ PHPXref.com ] | [ Generated: Sun Jul 20 19:41:04 2008 ] | [ phpGroupWare 0.9.16.010 ] |
| [ Index ] [ Variables ] [ Functions ] [ Classes ] [ Constants ] [ Statistics ] | ||
[Summary view] [Print] [Text view]
1 <?php 2 /**************************************************************************\ 3 * phpGroupWare * 4 * http://www.phpgroupware.org * 5 * Written by Dan Kuykendall <seek3r@phpgroupware.org> * 6 * Joseph Engo <jengo@phpgroupware.org> * 7 * -------------------------------------------- * 8 * This program is free software; you can redistribute it and/or modify it * 9 * under the terms of the GNU General Public License as published by the * 10 * Free Software Foundation; either version 2 of the License, or (at your * 11 * option) any later version. * 12 \**************************************************************************/ 13 14 /* $Id: login.php,v 1.76.2.4.2.19 2004/11/06 16:13:46 powerstat Exp $ */ 15 16 $phpgw_info = array(); 17 $GLOBALS['phpgw_info']['flags'] = array( 18 'disable_template_class' => True, 19 'login' => True, 20 'currentapp' => 'login', 21 'noheader' => True 22 ); 23 if(file_exists('./header.inc.php')) 24 { 25 include('./header.inc.php'); 26 $GLOBALS['phpgw']->sessions = createObject('phpgwapi.sessions'); 27 } 28 else 29 { 30 Header('Location: setup/index.php'); 31 exit; 32 } 33 34 $GLOBALS['phpgw_info']['server']['template_dir'] = PHPGW_SERVER_ROOT 35 . '/phpgwapi/templates/' 36 . $GLOBALS['phpgw_info']['login_template_set']; 37 38 $tmpl = CreateObject('phpgwapi.Template', $GLOBALS['phpgw_info']['server']['template_dir']); 39 40 // This is used for system downtime, to prevent new logins. 41 if ($GLOBALS['phpgw_info']['server']['deny_all_logins']) 42 { 43 $tmpl->set_file(array( 44 'login_form' => 'login_denylogin.tpl' 45 )); 46 $tmpl->set_var('template_set','default'); 47 $tmpl->pfp('loginout','login_form'); 48 exit; 49 } 50 51 // !! NOTE !! 52 // Do NOT and I repeat, do NOT touch ANYTHING to do with lang in this file. 53 // If there is a problem, tell me and I will fix it. (jengo) 54 55 /* 56 if ($_GET['cd'] != 10 && $GLOBALS['phpgw_info']['server']['usecookies'] == False) 57 { 58 $GLOBALS['phpgw']->sessions->setcookie('sessionid'); 59 $GLOBALS['phpgw']->sessions->setcookie('kp3'); 60 $GLOBALS['phpgw']->sessions->setcookie('domain'); 61 } 62 */ 63 64 /* This is not working yet because I need to figure out a way to clear the $cd =1 65 if (isset($_SERVER['PHP_AUTH_USER']) && $_GET['cd'] == '1') 66 { 67 Header('HTTP/1.0 401 Unauthorized'); 68 Header('WWW-Authenticate: Basic realm="phpGroupWare"'); 69 echo 'You have to re-authentificate yourself'; 70 exit; 71 } 72 */ 73 74 if (! $deny_login && ! $GLOBALS['phpgw_info']['server']['show_domain_selectbox']) 75 { 76 $tmpl->set_file(array('login_form' => 'login.tpl')); 77 $tmpl->set_var('charset',lang('charset')); 78 } 79 elseif ($GLOBALS['phpgw_info']['server']['show_domain_selectbox']) 80 { 81 $tmpl->set_file(array('login_form' => 'login_selectdomain.tpl')); 82 $tmpl->set_var('charset',lang('charset')); 83 } 84 85 if(@$GLOBALS['phpgw_info']['server']['domain_from_host'] 86 && !@$GLOBALS['phpgw_info']['server']['show_domain_selectbox']) 87 { 88 $tmpl->set_var('logindomain', '@' . $_SERVER['SERVER_NAME'] 89 . '<input type="hidden" name="logindomain" value="' 90 . $_SERVER['SERVER_NAME'] . '">'); 91 } 92 93 94 function check_logoutcode($code) 95 { 96 switch($code) 97 { 98 case 1: 99 return lang('You have been successfully logged out'); 100 break; 101 case 2: 102 return lang('Sorry, your login has expired'); 103 break; 104 case 5: 105 return '<font color="FF0000">' . lang('Bad login or password') . '</font>'; 106 break; 107 case 99: 108 return '<font color="FF0000">' . lang('Blocked, too many attempts') . '</font>'; 109 break; 110 case 10: 111 $GLOBALS['phpgw']->sessions->phpgw_setcookie('sessionid'); 112 $GLOBALS['phpgw']->sessions->phpgw_setcookie('kp3'); 113 $GLOBALS['phpgw']->sessions->phpgw_setcookie('domain'); 114 115 //fix for bug php4 expired sessions bug 116 if($GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4') 117 { 118 $GLOBALS['phpgw']->sessions->phpgw_setcookie(PHPGW_PHPSESSID); 119 } 120 121 return '<font color=#FF0000>' . lang('Your session could not be verified.') . '</font>'; 122 break; 123 default: 124 return ' '; 125 } 126 } 127 128 function check_langs() 129 { 130 //echo "<h1>check_langs()</h1>\n"; 131 if ($GLOBALS['phpgw_info']['server']['lang_ctimes'] && !is_array($GLOBALS['phpgw_info']['server']['lang_ctimes'])) 132 { 133 $GLOBALS['phpgw_info']['server']['lang_ctimes'] = unserialize($GLOBALS['phpgw_info']['server']['lang_ctimes']); 134 } 135 //_debug_array($GLOBALS['phpgw_info']['server']['lang_ctimes']); 136 137 $lang = $GLOBALS['phpgw_info']['user']['preferences']['common']['lang']; 138 $apps = $GLOBALS['phpgw_info']['user']['apps']; 139 $apps['phpgwapi'] = true; // check the api too 140 while (list($app,$data) = each($apps)) 141 { 142 $fname = PHPGW_SERVER_ROOT . "/$app/setup/phpgw_$lang.lang"; 143 144 if (file_exists($fname)) 145 { 146 $ctime = filectime($fname); 147 $ltime = intval($GLOBALS['phpgw_info']['server']['lang_ctimes'][$lang][$app]); 148 //echo "checking lang='$lang', app='$app', ctime='$ctime', ltime='$ltime'<br />\n"; 149 150 if ($ctime != $ltime) 151 { 152 update_langs(); // update all langs 153 break; 154 } 155 } 156 } 157 } 158 159 function update_langs() 160 { 161 $GLOBALS['phpgw_setup'] = CreateObject('phpgwapi.setup'); 162 $GLOBALS['phpgw_setup']->db = $GLOBALS['phpgw']->db; 163 164 $GLOBALS['phpgw_setup']->detection->check_lang(false); // get installed langs 165 $langs = $GLOBALS['phpgw_info']['setup']['installed_langs']; 166 while (list($lang) = @each($langs)) 167 { 168 $langs[$lang] = $lang; 169 } 170 $_POST['submit'] = true; 171 $_POST['lang_selected'] = $langs; 172 $_POST['upgrademethod'] = 'dumpold'; 173 $included = 'from_login'; 174 175 include (PHPGW_SERVER_ROOT . '/setup/lang.php'); 176 } 177 178 /* Program starts here */ 179 180 if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'http' && isset($_SERVER['PHP_AUTH_USER'])) 181 { 182 $submit = True; 183 $login = $_SERVER['PHP_AUTH_USER']; 184 $passwd = $_SERVER['PHP_AUTH_PW']; 185 } 186 187 # Apache + mod_ssl style SSL certificate authentication 188 # Certificate (chain) verification occurs inside mod_ssl 189 if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'sqlssl' && isset($_SERVER['SSL_CLIENT_S_DN']) && !isset($_GET['cd'])) 190 { 191 # an X.509 subject looks like: 192 # /CN=john.doe/OU=Department/O=Company/C=xx/Email=john@comapy.tld/L=City/ 193 # the username is deliberately lowercase, to ease LDAP integration 194 $sslattribs = explode('/',$_SERVER['SSL_CLIENT_S_DN']); 195 # skip the part in front of the first '/' (nothing) 196 while ($sslattrib = next($sslattribs)) 197 { 198 list($key,$val) = explode('=',$sslattrib); 199 $sslattributes[$key] = $val; 200 } 201 202 if (isset($sslattributes['Email'])) 203 { 204 $submit = True; 205 206 # login will be set here if the user logged out and uses a different username with 207 # the same SSL-certificate. 208 if (!isset($_POST['login'])&&isset($sslattributes['Email'])) { 209 $login = $sslattributes['Email']; 210 # not checked against the database, but delivered to authentication module 211 $passwd = $_SERVER['SSL_CLIENT_S_DN']; 212 } 213 } 214 unset($key); 215 unset($val); 216 unset($sslattributes); 217 } 218 219 if (isset($_POST['passwd_type']) || $_POST['submit'] || $_POST['submit_x'] || $_POST['submit_y']) 220 { 221 if (getenv(REQUEST_METHOD) != 'POST' && $_SERVER['REQUEST_METHOD'] != 'POST' 222 && !isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['SSL_CLIENT_S_DN'])) 223 { 224 $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','code=5')); 225 } 226 $login = $_POST['login']; 227 if (strstr($login,'@') === False && isset($_POST['logindomain'])) 228 { 229 $login .= '@' . $_POST['logindomain']; 230 } 231 $GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create($login,$_POST['passwd'],$_POST['passwd_type']); 232 233 if (! isset($GLOBALS['sessionid']) || ! $GLOBALS['sessionid']) 234 { 235 $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=' . $GLOBALS['phpgw']->session->cd_reason); 236 } 237 else 238 { 239 $forward = get_var('phpgw_forward', array('GET', 'POST'), 0); 240 if($forward) 241 { 242 $extra_vars['phpgw_forward'] = $forward; 243 foreach($_GET as $name => $value) 244 { 245 if (ereg('phpgw_',$name)) 246 { 247 $extra_vars[$name] = $value; 248 } 249 } 250 } 251 if (!$GLOBALS['phpgw_info']['server']['disable_autoload_langfiles']) 252 { 253 check_langs(); 254 } 255 $extra_vars['cd'] = 'yes'; 256 257 $GLOBALS['phpgw']->hooks->process('login'); 258 $GLOBALS['phpgw']->redirect_link('/home.php', $extra_vars); 259 } 260 } 261 else 262 { 263 // !!! DONT CHANGE THESE LINES !!! 264 // If there is something wrong with this code TELL ME! 265 // Commenting out the code will not fix it. (jengo) 266 if (isset($_COOKIE['last_loginid'])) 267 { 268 $accounts = CreateObject('phpgwapi.accounts'); 269 $prefs = CreateObject('phpgwapi.preferences', $accounts->name2id($_COOKIE['last_loginid'])); 270 271 if (! $prefs->account_id) 272 { 273 $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = 'en'; 274 } 275 else 276 { 277 $GLOBALS['phpgw_info']['user']['preferences'] = $prefs->read_repository(); 278 } 279 #print 'LANG:' . $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] . '<br />'; 280 } 281 else 282 { 283 // If the lastloginid cookies isn't set, we will default to english. 284 // Change this if you need. 285 $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = 'en'; 286 } 287 $GLOBALS['phpgw']->translation->add_app('login'); 288 $GLOBALS['phpgw']->translation->add_app('loginscreen'); 289 if (lang('loginscreen_message') != 'loginscreen_message*') 290 { 291 $tmpl->set_var('lang_message',stripslashes(lang('loginscreen_message'))); 292 } 293 } 294 295 if( (!@$GLOBALS['phpgw_info']['server']['usecookies']) && @is_array($_COOKIE) ) 296 { 297 unset($_COOKIE['last_loginid']); 298 unset($_COOKIE['last_domain']); 299 } 300 301 $last_loginid = $_COOKIE['last_loginid']; 302 if ($GLOBALS['phpgw_info']['server']['show_domain_selectbox']) 303 { 304 $domain_select = ''; // For security ... just in case 305 foreach($GLOBALS['phpgw_domain'] as $domain_name => $domain_vars) 306 { 307 $domain_select .= '<option value="' . $domain_name . '"'; 308 309 if ($domain_name == $_COOKIE['last_domain']) 310 { 311 $domain_select .= ' selected'; 312 } 313 $domain_select .= '>' . $domain_name . '</option>'; 314 } 315 $tmpl->set_var('select_domain',$domain_select); 316 } 317 elseif ($last_loginid !== '') 318 { 319 reset($GLOBALS['phpgw_domain']); 320 list($default_domain) = each($GLOBALS['phpgw_domain']); 321 322 if ($_COOKIE['last_domain'] != $default_domain && !empty($_COOKIE['last_domain'])) 323 { 324 $last_loginid .= '@' . $_COOKIE['last_domain']; 325 } 326 } 327 328 foreach($_GET as $name => $value) 329 { 330 if (ereg('phpgw_',$name)) 331 { 332 $extra_vars .= '&' . $name . '=' . urlencode($value); 333 } 334 } 335 336 if ($extra_vars) 337 { 338 $extra_vars = '?' . substr($extra_vars,1,strlen($extra_vars)); 339 } 340 341 $tmpl->set_var('login_url', $GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php' . $extra_vars); 342 $tmpl->set_var('registration_url',$GLOBALS['phpgw_info']['server']['webserver_url'] . '/registration/'); 343 $tmpl->set_var('version',$GLOBALS['phpgw_info']['server']['versions']['phpgwapi']); 344 $tmpl->set_var('cd',check_logoutcode($_GET['cd'])); 345 $tmpl->set_var('cookie',$last_loginid); 346 347 $tmpl->set_var('lang_username',lang('username')); 348 $tmpl->set_var('lang_password',lang('password')); 349 $tmpl->set_var('lang_login',lang('login')); 350 351 $tmpl->set_var('website_title', $GLOBALS['phpgw_info']['server']['site_title']); 352 $tmpl->set_var('template_set',$GLOBALS['phpgw_info']['login_template_set']); 353 $tmpl->set_var('bg_color',($GLOBALS['phpgw_info']['server']['login_bg_color']?$GLOBALS['phpgw_info']['server']['login_bg_color']:'FFFFFF')); 354 $tmpl->set_var('bg_color_title',($GLOBALS['phpgw_info']['server']['login_bg_color_title']?$GLOBALS['phpgw_info']['server']['login_bg_color_title']:'486591')); 355 $tmpl->set_var('logo_url',($GLOBALS['phpgw_info']['server']['login_logo_url']?$GLOBALS['phpgw_info']['server']['login_logo_url']:'www.phpgroupware.org')); 356 $tmpl->set_var('logo_file',($GLOBALS['phpgw_info']['server']['login_logo_file']?$GLOBALS['phpgw_info']['server']['login_logo_file']:'logo.gif')); 357 $tmpl->set_var('logo_title',($GLOBALS['phpgw_info']['server']['login_logo_title']?$GLOBALS['phpgw_info']['server']['login_logo_title']:'phpGroupWare --> home')); 358 $tmpl->set_var('autocomplete', ($GLOBALS['phpgw_info']['server']['autocomplete_login'] ? 'autocomplete="off"' : '')); 359 360 $tmpl->pfp('loginout','login_form'); 361 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| [ Powered by PHPXref - Served by Debian GNU/Linux ] |