* * Joseph Engo * * Updated by Nilton Emilio Buhrer Neto * * This program is free software; you can redistribute it and/or modify it * * under the terms of the GNU General Public License as published by the * * Free Software Foundation; either version 2 of the License, or (at your * * option) any later version. * \**************************************************************************/ function check_logoutcode($code) { switch($code) { case 1: return lang('You have been successfully logged out'); case 2: return lang('Sorry, your login has expired'); case 4: return lang('Cookies are required to login to this site.'); case 5: return '' . lang('Bad login or password') . ''; case 6: return '' . lang('Your password has expired, and you do not have access to change it') . ''; case 98: return '' . lang('Account is expired') . ''; case 99: return '' . lang('Blocked, too many attempts(%1)! Retry in %2 minute(s)',$GLOBALS['phpgw_info']['server']['num_unsuccessful_id'],$GLOBALS['phpgw_info']['server']['block_time']) . ''; case 200: //return '' . lang('Invalid code') . ''; return '' . lang('Bad login or password') . ''; break; case 10: $GLOBALS['phpgw']->session->phpgw_setcookie('sessionid'); $GLOBALS['phpgw']->session->phpgw_setcookie('kp3'); $GLOBALS['phpgw']->session->phpgw_setcookie('domain'); //fix for bug php4 expired sessions bug if($GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4') { $GLOBALS['phpgw']->session->phpgw_setcookie(PHPGW_PHPSESSID); } return '' . lang('Your session could not be verified.') . ''; default: return ''; } } $ifMobile = false; $browser = CreateObject('phpgwapi.browser'); switch ( $browser->get_platform() ) { case browser::PLATFORM_IPHONE: case browser::PLATFORM_IPOD: case browser::PLATFORM_IPAD: case browser::PLATFORM_BLACKBERRY: case browser::PLATFORM_NOKIA: case browser::PLATFORM_ANDROID: $ifMobile = true; break; } if( $ifMobile && $_GET['dont_redirect_if_moble'] != 1 ) { $GLOBALS['phpgw']->redirect_link('/mobile/login.php'); } else { /* Program starts here */ if($GLOBALS['phpgw_info']['server']['auth_type'] == 'http' && isset($_SERVER['PHP_AUTH_USER'])) { $submit = True; $login = $_SERVER['PHP_AUTH_USER']; $passwd = $_SERVER['PHP_AUTH_PW']; $passwd_type = 'text'; } else { $passwd = $_POST['passwd']; $passwd_type = $_POST['passwd_type']; } # Apache + mod_ssl style SSL certificate authentication # Certificate (chain) verification occurs inside mod_ssl if($GLOBALS['phpgw_info']['server']['auth_type'] == 'sqlssl' && isset($_SERVER['SSL_CLIENT_S_DN']) && !isset($_GET['cd'])) { # an X.509 subject looks like: # /CN=john.doe/OU=Department/O=Company/C=xx/Email=john@comapy.tld/L=City/ # the username is deliberately lowercase, to ease LDAP integration $sslattribs = explode('/',$_SERVER['SSL_CLIENT_S_DN']); # skip the part in front of the first '/' (nothing) while($sslattrib = next($sslattribs)) { list($key,$val) = explode('=',$sslattrib); $sslattributes[$key] = $val; } if(isset($sslattributes['Email'])) { $submit = True; # login will be set here if the user logged out and uses a different username with # the same SSL-certificate. if(!isset($_POST['login'])&&isset($sslattributes['Email'])) { $login = $sslattributes['Email']; # not checked against the database, but delivered to authentication module $passwd = $_SERVER['SSL_CLIENT_S_DN']; } } unset($key); unset($val); unset($sslattributes); } if( isset( $_GET[ 'cd' ] ) && ( $_GET['cd']=='1' || $_GET['cd'] == 10 ) ) { $_SESSION['contador'] = 0; } if(isset($passwd_type) || $_POST['submitit_x'] || $_POST['submitit_y'] || $submit) { // Primeiro testa o captcha....se houver...... if($GLOBALS['phpgw_info']['server']['captcha']==1) { if($_SESSION['contador'] > $GLOBALS['phpgw_info']['server']['num_badlogin']) { if ($_SESSION['CAPTCHAString'] != trim(strtoupper($_POST['codigo']))) { if(!$_GET['cd']) { $_GET['cd'] = '200'; } } unset($_SESSION['CAPTCHAString']); } } if($_POST['user']) { if($GLOBALS['phpgw_info']['server']['use_prefix_organization']) { $common = CreateObject('phpgwapi.common'); $ldap_conn = $common->ldapConnect(); $justthese = array("uid"); $filter="(&(phpgwAccountType=u)(uid=".$_POST['user']."))"; $ldap_search = ldap_search($ldap_conn, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese); $ldap_info = ldap_get_entries($ldap_conn, $ldap_search); ldap_close($ldap_conn); if ($ldap_info['count'] != 0) { $_POST['login'] = $_POST['user']; } } else $_POST['login'] = $_POST['user']; } if(getenv('REQUEST_METHOD') != 'POST' && $_SERVER['REQUEST_METHOD'] != 'POST' && !isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['SSL_CLIENT_S_DN'])) { if(!$_GET['cd']) { $_GET['cd'] = '5'; } } // don't get login data again when $submit is true if($submit == false) { $login = $_POST['login']; } if(strstr($login,'@') === False && isset($_POST['logindomain'])) { $login .= '@' . $_POST['logindomain']; } elseif(!isset($GLOBALS['phpgw_domain'][$GLOBALS['phpgw_info']['user']['domain']])) { $login .= '@'.$GLOBALS['phpgw_info']['server']['default_domain']; } If(!$_GET['cd']) $GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create(strtolower($login),$passwd,$passwd_type,'u'); if(!isset($GLOBALS['sessionid']) || ! $GLOBALS['sessionid']) { If(!$_GET['cd']) $_GET['cd'] = $GLOBALS['phpgw']->session->cd_reason; } else { if ($_POST['lang'] && preg_match('/^[a-z]{2}(-[a-z]{2}){0,1}$/',$_POST['lang']) && $_POST['lang'] != $GLOBALS['phpgw_info']['user']['preferences']['common']['lang']) { $GLOBALS['phpgw']->preferences->add('common','lang',$_POST['lang'],'session'); } if(!$GLOBALS['phpgw_info']['server']['disable_autoload_langfiles']) { $GLOBALS['phpgw']->translation->autoload_changed_langfiles(); } $forward = isset($_GET['phpgw_forward']) ? urldecode($_GET['phpgw_forward']) : @$_POST['phpgw_forward']; if (!$forward) { $extra_vars['cd'] = 'yes'; $forward = '/home.php'; } else { list($forward,$extra_vars) = explode('?',$forward,2); } if ($GLOBALS['phpgw_info']['server']['use_https'] != 2) { //Modificacao feita para que o Expresso redirecione para o primeiro proxy caso haja um encadeamento de mais de um proxy. //$forward = 'http://'.$_SERVER['HTTP_HOST'].($GLOBALS['phpgw']->link($forward.'?cd=yes')); $forward = 'http://' . nearest_to_me() . $GLOBALS['phpgw']->link($forward.'?cd=yes'); echo ""; } else { $GLOBALS['phpgw']->redirect_link($forward,$extra_vars); } } } //else // ================================================================================= //{ $valor_contador = $_SESSION['contador']; $valor_contador = $valor_contador + 1; $_SESSION['contador'] = $valor_contador; // !!! DONT CHANGE THESE LINES !!! // If there is something wrong with this code TELL ME! // Commenting out the code will not fix it. (jengo) if(isset($_COOKIE['last_loginid'])) { $accounts = CreateObject('phpgwapi.accounts'); $prefs = CreateObject('phpgwapi.preferences', $accounts->name2id($_COOKIE['last_loginid'])); if($prefs->account_id) { $GLOBALS['phpgw_info']['user']['preferences'] = $prefs->read_repository(); } } $_GET['lang'] = addslashes($_GET['lang']); if ($_GET['lang']) { $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $_GET['lang']; } elseif(!isset($_COOKIE['last_loginid']) || !$prefs->account_id) { // If the lastloginid cookies isn't set, we will default to the first language, // the users browser accepts. list($lang) = explode(',',$_SERVER['HTTP_ACCEPT_LANGUAGE']); /* if(strlen($lang) > 2) { $lang = substr($lang,0,2); } */ $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $lang; } #print 'LANG:' . $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] . '
'; $GLOBALS['phpgw']->translation->init(); // this will set the language according to the (new) set prefs $GLOBALS['phpgw']->translation->add_app('login'); $GLOBALS['phpgw']->translation->add_app('loginscreen'); if(lang('loginscreen_message') == 'loginscreen_message*') { $GLOBALS['phpgw']->translation->add_app('loginscreen','en'); // trying the en one } if(lang('loginscreen_message') != 'loginscreen_message*') { $tmpl->set_var('lang_message',stripslashes(lang('loginscreen_message'))); } //} if($GLOBALS['phpgw_info']['server']['use_prefix_organization']) { $obj_organization = CreateObject('phpgwapi.sector_search_ldap'); $organizations = $obj_organization->organization_search($GLOBALS['phpgw_info']['server']['ldap_context']); for ($i=0; $i $organization_vars) { $organization_select .= '