1 | <?php
|
---|
2 | //Valida a existencia do cookie, antes de grava-lo
|
---|
3 | if(isset($_COOKIE['contador']))
|
---|
4 | {
|
---|
5 | $valor_cookie = $_COOKIE['contador'];
|
---|
6 | if($_GET['cd']=='5')
|
---|
7 | {
|
---|
8 | $valor_cookie = $valor_cookie + 1;
|
---|
9 | setcookie("contador", $valor_cookie,0);
|
---|
10 | }
|
---|
11 | }
|
---|
12 | //Cookie inexistente: tenta gravar um
|
---|
13 | else
|
---|
14 | {
|
---|
15 | if (setcookie("contador", 1,0))
|
---|
16 | //echo "OK, cookie gravado.";
|
---|
17 | $valor_cookie = 1;
|
---|
18 | else
|
---|
19 | //echo "Nao gravou o cookie";
|
---|
20 | $valor_cookie = "9999"; // forca captcha
|
---|
21 | }
|
---|
22 | // logout, inicia contador novamente.....
|
---|
23 | if($_GET['cd']=='1')
|
---|
24 | {
|
---|
25 | $valor_cookie = 1;
|
---|
26 | setcookie("contador", 1,0);
|
---|
27 | }
|
---|
28 | /**************************************************************************\
|
---|
29 | * eGroupWare login *
|
---|
30 | * http://www.egroupware.org *
|
---|
31 | * Originaly written by Dan Kuykendall <seek3r@phpgroupware.org> *
|
---|
32 | * Joseph Engo <jengo@phpgroupware.org> *
|
---|
33 | * -------------------------------------------- *
|
---|
34 | * This program is free software; you can redistribute it and/or modify it *
|
---|
35 | * under the terms of the GNU General Public License as published by the *
|
---|
36 | * Free Software Foundation; either version 2 of the License, or (at your *
|
---|
37 | * option) any later version. *
|
---|
38 | \**************************************************************************/
|
---|
39 |
|
---|
40 | $phpgw_info = array();
|
---|
41 | $submit = False; // set to some initial value
|
---|
42 | $GLOBALS['phpgw_info']['flags'] = array(
|
---|
43 | 'disable_Template_class' => True,
|
---|
44 | 'login' => True,
|
---|
45 | 'currentapp' => 'login',
|
---|
46 | 'noheader' => True
|
---|
47 | );
|
---|
48 | if(file_exists('./header.inc.php'))
|
---|
49 | {
|
---|
50 | include('./header.inc.php');
|
---|
51 | if ($GLOBALS['phpgw_info']['server']['use_https'] > 0)
|
---|
52 | {
|
---|
53 | if ($_SERVER['HTTPS'] != 'on')
|
---|
54 | {
|
---|
55 | Header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
|
---|
56 | exit;
|
---|
57 | }
|
---|
58 | if($GLOBALS['phpgw_info']['server']['certificado']==1)
|
---|
59 | {
|
---|
60 | require_once('./seguranca/certificado.php');
|
---|
61 | $GLOBALS['certificado'] = new certificado;
|
---|
62 | }
|
---|
63 | }
|
---|
64 | if(function_exists('CreateObject'))
|
---|
65 | {
|
---|
66 | $GLOBALS['phpgw']->session = CreateObject('phpgwapi.sessions');
|
---|
67 | }
|
---|
68 | else
|
---|
69 | {
|
---|
70 | Header('Location: setup/index.php');
|
---|
71 | exit;
|
---|
72 | }
|
---|
73 | }
|
---|
74 | else
|
---|
75 | {
|
---|
76 | Header('Location: setup/index.php');
|
---|
77 | exit;
|
---|
78 | } |
---|
79 | $GLOBALS['phpgw_info']['login_template_set'] = 'serpro';
|
---|
80 | $GLOBALS['phpgw_info']['server']['template_dir'] = PHPGW_SERVER_ROOT . '/phpgwapi/templates/' . $GLOBALS['phpgw_info']['login_template_set'];
|
---|
81 | $tmpl = CreateObject('phpgwapi.Template', $GLOBALS['phpgw_info']['server']['template_dir']);
|
---|
82 | // read the images from the login-template-set, not the (maybe not even set) users template-set
|
---|
83 | $GLOBALS['phpgw_info']['user']['preferences']['common']['template_set'] = $GLOBALS['phpgw_info']['login_template_set'];
|
---|
84 | // This is used for system downtime, to prevent new logins.
|
---|
85 | if($GLOBALS['phpgw_info']['server']['deny_all_logins'])
|
---|
86 | {
|
---|
87 | $deny_msg=lang('Oops! You caught us in the middle of system maintainance.<br/>
|
---|
88 | Please, check back with us shortly.');
|
---|
89 | $tmpl->set_file(array
|
---|
90 | (
|
---|
91 | 'login_form' => 'login_denylogin.tpl'
|
---|
92 | ));
|
---|
93 | $tmpl->set_var('template_set','default');
|
---|
94 | $tmpl->set_var('deny_msg',$deny_msg);
|
---|
95 | $tmpl->pfp('loginout','login_form');
|
---|
96 | exit;
|
---|
97 | }
|
---|
98 | $tmpl->set_file(array('login_form' => 'login.tpl'));
|
---|
99 | // !! NOTE !!
|
---|
100 | // Do NOT and I repeat, do NOT touch ANYTHING to do with lang in this file.
|
---|
101 | // If there is a problem, tell me and I will fix it. (jengo)
|
---|
102 | // whoooo scaring
|
---|
103 |
|
---|
104 | if($GLOBALS['phpgw_info']['server']['usecookies'] == True)
|
---|
105 | {
|
---|
106 | $GLOBALS['phpgw']->session->phpgw_setcookie('serverID', '1024');
|
---|
107 | //GLOBALS['phpgw']->session->phpgw_setcookie('eGroupWareLoginTime', time());
|
---|
108 | }
|
---|
109 |
|
---|
110 | /*
|
---|
111 | if($_GET['cd'] != 10 && $GLOBALS['phpgw_info']['server']['usecookies'] == False)
|
---|
112 | {
|
---|
113 | $GLOBALS['phpgw']->session->setcookie('sessionid');
|
---|
114 | $GLOBALS['phpgw']->session->setcookie('kp3');
|
---|
115 | $GLOBALS['phpgw']->session->setcookie('domain');
|
---|
116 | }
|
---|
117 | */
|
---|
118 |
|
---|
119 | /* This is not working yet because I need to figure out a way to clear the $cd =1
|
---|
120 | if(isset($_SERVER['PHP_AUTH_USER']) && $_GET['cd'] == '1')
|
---|
121 | {
|
---|
122 | Header('HTTP/1.0 401 Unauthorized');
|
---|
123 | Header('WWW-Authenticate: Basic realm="phpGroupWare"');
|
---|
124 | echo 'You have to re-authentificate yourself';
|
---|
125 | exit;
|
---|
126 | }
|
---|
127 | */
|
---|
128 |
|
---|
129 | function check_logoutcode($code)
|
---|
130 | {
|
---|
131 | switch($code)
|
---|
132 | {
|
---|
133 | case 1:
|
---|
134 | return lang('You have been successfully logged out');
|
---|
135 | break;
|
---|
136 | case 2:
|
---|
137 | return lang('Sorry, your login has expired');
|
---|
138 | break;
|
---|
139 | case 4:
|
---|
140 | return lang('Cookies are required to login to this site.');
|
---|
141 | break;
|
---|
142 | case 5:
|
---|
143 | return '<font color="FF0000">' . lang('Bad login or password') . '</font>';
|
---|
144 | break;
|
---|
145 | case 200:
|
---|
146 | return '<font color="FF0000">' . lang('Invalid code') . '</font>';
|
---|
147 | break;
|
---|
148 | case 202:
|
---|
149 | return '<font color="FF0000">' . lang('Account is expired') . '</font>';
|
---|
150 | break;
|
---|
151 | case 203:
|
---|
152 | return '<font color="FF0000">' . lang('New Password and Confirm Password doesnt are equal') . '</font>';
|
---|
153 | break;
|
---|
154 | case 204:
|
---|
155 | return '<font color="FF0000">' . lang('New Password and Current Password are similar') . '</font>';
|
---|
156 | break;
|
---|
157 | case 205:
|
---|
158 | return '<font color="FF0000">' . lang('Your password must contain %1 or more letters', $GLOBALS['phpgw_info']['server']['num_letters_userpass']) . '</font>';
|
---|
159 | break;
|
---|
160 | case 206:
|
---|
161 | return '<font color="FF0000">' . lang('Your password is very simple, use numbers, uppercase, lowercase and special characters') . '</font>';
|
---|
162 | break;
|
---|
163 | case 207:
|
---|
164 | return '<font color="FF0000">' . lang('Your password contains characters not allowed') . '</font>';
|
---|
165 | break;
|
---|
166 | case 208:
|
---|
167 | return '<font color="FF0000">' . lang('New password with more than three consecutives equals caracteres') . '</font>';
|
---|
168 | break;
|
---|
169 | case 209:
|
---|
170 | return '<font color="0000FF">' . lang('password has been updated') . '</font>';
|
---|
171 | break;
|
---|
172 | case 98:
|
---|
173 | return '<font color="FF0000">' . lang('Account is expired') . '</font>';
|
---|
174 | break;
|
---|
175 | case 99:
|
---|
176 | return '<font color="FF0000">' . lang('Blocked, too many attempts') . '</font>';
|
---|
177 | break;
|
---|
178 | case 10:
|
---|
179 | $GLOBALS['phpgw']->session->phpgw_setcookie('sessionid');
|
---|
180 | $GLOBALS['phpgw']->session->phpgw_setcookie('kp3');
|
---|
181 | $GLOBALS['phpgw']->session->phpgw_setcookie('domain');
|
---|
182 |
|
---|
183 | //fix for bug php4 expired sessions bug
|
---|
184 | if($GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4')
|
---|
185 | {
|
---|
186 | $GLOBALS['phpgw']->session->phpgw_setcookie(PHPGW_PHPSESSID);
|
---|
187 | }
|
---|
188 |
|
---|
189 | return '<font color="#FF0000">' . lang('Your session could not be verified.') . '</font>';
|
---|
190 | break;
|
---|
191 | default:
|
---|
192 | return ' ';
|
---|
193 | }
|
---|
194 | }
|
---|
195 |
|
---|
196 | /* Program starts here */
|
---|
197 |
|
---|
198 |
|
---|
199 | if($GLOBALS['phpgw_info']['server']['auth_type'] == 'http' && isset($_SERVER['PHP_AUTH_USER']))
|
---|
200 | {
|
---|
201 | $submit = True;
|
---|
202 | $login = $_SERVER['PHP_AUTH_USER'];
|
---|
203 | $passwd = $_SERVER['PHP_AUTH_PW'];
|
---|
204 | $passwd_type = 'text';
|
---|
205 | }
|
---|
206 | else
|
---|
207 | {
|
---|
208 | $passwd = $_POST['passwd'];
|
---|
209 | $passwd_type = $_POST['passwd_type'];
|
---|
210 | }
|
---|
211 |
|
---|
212 | # Apache + mod_ssl style SSL certificate authentication
|
---|
213 | # Certificate (chain) verification occurs inside mod_ssl
|
---|
214 | //$GLOBALS['phpgw_info']['server']['auth_type'] = 'sqlssl';
|
---|
215 |
|
---|
216 | if($GLOBALS['phpgw_info']['server']['auth_type'] == 'sqlssl' && isset($_SERVER['SSL_CLIENT_S_DN']) && !isset($_GET['cd']))
|
---|
217 | {
|
---|
218 | # an X.509 subject looks like:
|
---|
219 | # /CN=john.doe/OU=Department/O=Company/C=xx/Email=john@comapy.tld/L=City/
|
---|
220 | # the username is deliberately lowercase, to ease LDAP integration
|
---|
221 | $sslattribs = explode('/',$_SERVER['SSL_CLIENT_S_DN']);
|
---|
222 | # skip the part in front of the first '/' (nothing)
|
---|
223 | //$sslattributes['Email'] = $GLOBALS['certificado']->dados['email'];
|
---|
224 | while($sslattrib = next($sslattribs))
|
---|
225 | {
|
---|
226 | list($key,$val) = explode('=',$sslattrib);
|
---|
227 | $sslattributes[$key] = $val;
|
---|
228 | }
|
---|
229 | if(isset($sslattributes['Email']))
|
---|
230 | {
|
---|
231 | $submit = True;
|
---|
232 | # login will be set here if the user logged out and uses a different username with
|
---|
233 | # the same SSL-certificate.
|
---|
234 | if(!isset($_POST['login'])&&isset($sslattributes['Email']))
|
---|
235 | {
|
---|
236 | $login = $sslattributes['Email'];
|
---|
237 | # not checked against the database, but delivered to authentication module
|
---|
238 | $passwd = $_SERVER['SSL_CLIENT_S_DN'];
|
---|
239 | }
|
---|
240 | }
|
---|
241 | unset($key);
|
---|
242 | unset($val);
|
---|
243 | unset($sslattributes);
|
---|
244 | }
|
---|
245 | $ldap_info="";
|
---|
246 | if(isset($passwd_type) || $_POST['submitit_x'] || $_POST['submitit_y'] || $submit)
|
---|
247 | {
|
---|
248 | // Primeiro testa o captcha....se houver......
|
---|
249 | if( $GLOBALS['phpgw_info']['server']['captcha']==1)
|
---|
250 | {
|
---|
251 | if(isset($_POST['codigo']))
|
---|
252 | {
|
---|
253 | if ($_SESSION['CAPTCHAString'] != strtoupper($_POST['codigo']))
|
---|
254 | {
|
---|
255 | if (isset($_POST['npasswd']))
|
---|
256 | {
|
---|
257 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=200&ts=202'));
|
---|
258 | }
|
---|
259 | else
|
---|
260 | {
|
---|
261 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=200'));
|
---|
262 | }
|
---|
263 | }
|
---|
264 | unset($_SESSION['CAPTCHAString']);
|
---|
265 | }
|
---|
266 | }
|
---|
267 | //Faz uma busca inicial por atributos no ldap para que os resultados sejam utilizados pelo restante do programa
|
---|
268 | //Utilizando um diretorio corporativo, o dn do usuario pode estar localizado em qualquer ramo do diretorio
|
---|
269 | //system('echo "Login: bind em ldap" >> /tmp/controle');
|
---|
270 | $common = CreateObject('phpgwapi.common');
|
---|
271 | $ldap_conn = $common->ldapConnect(); //bind como Admin para buscar o atributo de expiracao e o dn do usuario
|
---|
272 | if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']))
|
---|
273 | {
|
---|
274 | $justthese = array($GLOBALS['phpgw_info']['server']['atributoexpiracao']);
|
---|
275 | }
|
---|
276 | else
|
---|
277 | {
|
---|
278 | $justthese = array("phpgwaccountexpires");
|
---|
279 | }
|
---|
280 | $filter="(&(phpgwAccountType=u)(uid=".$_POST['user']."))";
|
---|
281 | $ldap_search = ldap_search($ldap_conn, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
|
---|
282 | $ldap_info = ldap_get_entries($ldap_conn, $ldap_search);
|
---|
283 | ldap_close($ldap_conn);
|
---|
284 | // Testa os cpos de troca de senha, se existem
|
---|
285 | if($_POST['npasswd'] || $_POST['cnpasswd'])
|
---|
286 | {
|
---|
287 | // Default number of letters = 8
|
---|
288 | if (!$GLOBALS['phpgw_info']['server']['num_letters_userpass'])
|
---|
289 | $GLOBALS['phpgw_info']['server']['num_letters_userpass'] = 8;
|
---|
290 | // Default number of special letters = 1
|
---|
291 | if (!$GLOBALS['phpgw_info']['server']['num_special_letters_userpass'])
|
---|
292 | $GLOBALS['phpgw_info']['server']['num_special_letters_userpass'] = 1;
|
---|
293 | if(strlen($_POST['npasswd']) < $GLOBALS['phpgw_info']['server']['num_letters_userpass'])
|
---|
294 | {
|
---|
295 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=205&ts=202'));
|
---|
296 | }
|
---|
297 | // nova senha e confirma nova senha devem ser iguais ...
|
---|
298 | if($_POST['npasswd'] != $_POST['cnpasswd'])
|
---|
299 | {
|
---|
300 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=203&ts=202'));
|
---|
301 | }
|
---|
302 | if (!(ereg ("(^[a-zA-Z_.\-\!@#$%&*+=|]*)$", $_POST['npasswd'] ) or
|
---|
303 | ereg ("(^[0-9_.\-\!@#$%&*+=|]*)$", $_POST['npasswd'] ) or
|
---|
304 | ereg ("(^[a-zA-Z0-9]*)$", $_POST['npasswd'] ) or
|
---|
305 | ereg ("(^[a-zA-Z0-9_.\-\!@#$%&*+=|]*)$", $_POST['npasswd'] )))
|
---|
306 | {
|
---|
307 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=207&ts=202'));
|
---|
308 | }
|
---|
309 | for ($j=0 ; $j<(strlen($_POST['npasswd'])-2); $j++)
|
---|
310 | {
|
---|
311 | if ($_POST['npasswd'][$j]==$_POST['npasswd'][$j+1] && $_POST['npasswd'][$j]==$_POST['npasswd'][$j+2])
|
---|
312 | {
|
---|
313 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=208&ts=202'));
|
---|
314 | break;
|
---|
315 | }
|
---|
316 | }
|
---|
317 | $similar=false;
|
---|
318 | for ($j=0 ; $j<8; $j++)
|
---|
319 | {
|
---|
320 | for ($k=0 ; $k<8; $k++)
|
---|
321 | {
|
---|
322 | if (similar_text(substr($_POST['passwd'],$j,3),substr($_POST['npasswd'],$k,3))>2)
|
---|
323 | {
|
---|
324 | $similar=true;
|
---|
325 | }
|
---|
326 | }
|
---|
327 | }
|
---|
328 | // a nova senha e a senha atual nao podem ser "similares" ...
|
---|
329 | if ($similar || $_POST['passwd'] == $_POST['npasswd'])
|
---|
330 | {
|
---|
331 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=204&ts=202'));
|
---|
332 | }
|
---|
333 | // complexidade da senha
|
---|
334 | $passcomplex=0;
|
---|
335 | if (ereg('[a-zA-Z]',$_POST['npasswd'])) {$passcomplex=$passcomplex+1;}
|
---|
336 | if (ereg('[0-9]',$_POST['npasswd'])) {$passcomplex=$passcomplex+1;}
|
---|
337 | if (ereg('[^0-9a-zA-Z]',$_POST['npasswd'])) {$passcomplex=$passcomplex+1;}
|
---|
338 | if ($passcomplex < 2)
|
---|
339 | {
|
---|
340 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=206&ts=202'));
|
---|
341 | }
|
---|
342 | //Tentando fazer bind com o dn do usuario
|
---|
343 | $ldap_conn = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
|
---|
344 | if (!$ldap_conn)
|
---|
345 | {
|
---|
346 | printf("<b>Error: Can't bind to LDAP server!");
|
---|
347 | die;
|
---|
348 | }
|
---|
349 | $dn=$ldap_info[0]['dn'];
|
---|
350 | //system('echo "'.ldap_errno($ldap_conn).'" >>/tmp/controle');
|
---|
351 | //Tenta fazer bind no diretorio, se nao conseguir, verifica se a negacao de autenticacao foi por causa de uma expiracao de senhas
|
---|
352 | //system('echo "Dn para bind: '.$ldap_info[0]['dn'].'" >>/tmp/controle');
|
---|
353 | if (!ldap_bind($ldap_conn,$ldap_info[0]['dn'],$_POST['passwd']))
|
---|
354 | {
|
---|
355 | //Verificando se a negacao de bind foi proveniente de uma expiracao de senha
|
---|
356 | //system('echo "NAO conseguiu dar bind" >>/tmp/controle');
|
---|
357 | $now=time();
|
---|
358 | //Verificando se a senha esta expirada
|
---|
359 | $expired=false;
|
---|
360 | if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']))
|
---|
361 | {
|
---|
362 | //system('echo "Atributo de expiracao configurado." >>/tmp/controle');
|
---|
363 | //system('echo "now: '.$now.'" >>/tmp/controle');
|
---|
364 | //system('echo "atributo de expiracao: '.strtotime($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0]).'" >>/tmp/controle');
|
---|
365 | //if (strtotime($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0])<$now)
|
---|
366 | system('echo "chegou" >>/tmp/controle');
|
---|
367 | if (($ldap_info[0]["phpgwaccountexpires"][0]!="-1")&&(strtotime($ldap_info[0]["phpgwaccountexpires"][0])<$now))
|
---|
368 | {
|
---|
369 | //system('echo "Encontrou atributo expirado" >>/tmp/controle');
|
---|
370 | $expired=true;
|
---|
371 | }
|
---|
372 | }
|
---|
373 | else
|
---|
374 | {
|
---|
375 |
|
---|
376 | //Se o atributo de expiracao nao estiver configurado pressupoe que eh unixtime (phpgwaccountexpires)
|
---|
377 | if (($ldap_info[0]["phpgwaccountexpires"][0]!="-1")&&(strtotime($ldap_info[0]["phpgwaccountexpires"][0])<$now))
|
---|
378 | {
|
---|
379 | //system('echo "Encontrou atributo expirado - phpgwaccoutexpires" >>/tmp/controle');
|
---|
380 | $expired=true;
|
---|
381 | }
|
---|
382 | }
|
---|
383 | if ($expired)
|
---|
384 | {
|
---|
385 | //A negacao de bind proveio de uma expiracao de senhas.
|
---|
386 | //Providencia a troca de senhas e, se configurado, também o ajuste do atributo de expiracao.
|
---|
387 | //system('echo "vai chamar o change_password" >>/tmp/controle');
|
---|
388 | if($GLOBALS['phpgw']->auth->change_password_user($passwd, $_POST['npasswd'],$dn,true))
|
---|
389 | {
|
---|
390 | //A troca de senhas funcionou
|
---|
391 | //system('echo "Login: troca de senhas OK" >>/tmp/controle');
|
---|
392 | if($GLOBALS['phpgw_info']['server']['diretorioescravo'])
|
---|
393 | {
|
---|
394 | //Tempo necessario para que o slave receba a atualizacao.
|
---|
395 | sleep(1);
|
---|
396 | }
|
---|
397 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/logout.php?cd=209');
|
---|
398 | }
|
---|
399 | else
|
---|
400 | {
|
---|
401 | //Direciona para senha incorreta na tela de troca de senhas
|
---|
402 | //system('echo "Login: troca de senhas PROBLEMA" >>/tmp/controle');
|
---|
403 | $GLOBALS['phpgw']->redirect("" . '/login.php?cd=5&ts=202');
|
---|
404 | }
|
---|
405 | }
|
---|
406 | else
|
---|
407 | {
|
---|
408 | //A senha digitada estava incorreta
|
---|
409 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=5&ts=202');
|
---|
410 | }
|
---|
411 | }
|
---|
412 | else
|
---|
413 | {
|
---|
414 | //Usuario executou autenticacao no diretorio - a expiracao so pode ter vindo de uma politica de expiracao do proprio expresso
|
---|
415 | //system('echo "SIM conseguiu dar bind" >>/tmp/controle');
|
---|
416 | if($GLOBALS['phpgw_info']['server']['politicasenhas']=='expresso')
|
---|
417 | {
|
---|
418 | //Se a politica de senhas for do Expresso eh necessario verificar se o usuario estah expirado
|
---|
419 | $now=time();
|
---|
420 | $common1 = CreateObject('phpgwapi.common');
|
---|
421 | $ldap_conn1 = $common1->ldapConnect();
|
---|
422 | if ($GLOBALS['phpgw_info']['server']['num_days_pwd_validate'])
|
---|
423 | {
|
---|
424 | $aux=$GLOBALS['phpgw_info']['server']['num_days_pwd_validate'];
|
---|
425 | }
|
---|
426 | else
|
---|
427 | {
|
---|
428 | $aux=90;
|
---|
429 | }
|
---|
430 | //$entry['phpgwaccountexpires'] = $now + ($aux * 86400);
|
---|
431 | if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']))
|
---|
432 | {
|
---|
433 | if(substr($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0],-1,1) == "Z")
|
---|
434 | {
|
---|
435 | if($GLOBALS['phpgw_info']['server']['politicasenhas']=='expresso')
|
---|
436 | {
|
---|
437 | //quando a data de expiracao estah no formato yyyymmddhhmmssZ
|
---|
438 | $entry[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = strftime("%Y%m%d%H%M%SZ", $now + ($aux * 86400));
|
---|
439 | }
|
---|
440 | }
|
---|
441 | else
|
---|
442 | {
|
---|
443 | if($GLOBALS['phpgw_info']['server']['politicasenhas']=='expresso')
|
---|
444 | {
|
---|
445 | //Outro atributo ldap que, assim como o phpgwaccounttype, tambem contem hora em formato unix
|
---|
446 | $entry[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = $now + ($aux * 86400);
|
---|
447 | }
|
---|
448 | }
|
---|
449 | }
|
---|
450 | else
|
---|
451 | {
|
---|
452 | //Se a polÃtica for no diretorio nao precisa alterar o atributo de expiracao
|
---|
453 | if($GLOBALS['phpgw_info']['server']['politicasenhas']=='expresso')
|
---|
454 | {
|
---|
455 | $entry['phpgwaccountexpires'] = $now + ($aux * 86400);
|
---|
456 | }
|
---|
457 | }
|
---|
458 | ldap_mod_replace($ldap_conn1,$ldap_info[0]['dn'], $entry);
|
---|
459 | }
|
---|
460 | }
|
---|
461 | }
|
---|
462 |
|
---|
463 | if ($ldap_info['count'] != 0)
|
---|
464 | {
|
---|
465 | $_POST['login'] = $_POST['user'];
|
---|
466 | }
|
---|
467 | ldap_close($ldap_conn);
|
---|
468 | if(getenv('REQUEST_METHOD') != 'POST' && $_SERVER['REQUEST_METHOD'] != 'POST' &&
|
---|
469 | !isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['SSL_CLIENT_S_DN']))
|
---|
470 | {
|
---|
471 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=5'));
|
---|
472 | }
|
---|
473 | if($submit == false)
|
---|
474 | {
|
---|
475 | $login = $_POST['login'];
|
---|
476 | }
|
---|
477 | if(strstr($login,'@') === False && isset($_POST['logindomain']))
|
---|
478 | {
|
---|
479 | $login .= '@' . $_POST['logindomain'];
|
---|
480 | }
|
---|
481 | elseif(!isset($GLOBALS['phpgw_domain'][$GLOBALS['phpgw_info']['user']['domain']]))
|
---|
482 | {
|
---|
483 | $login .= '@'.$GLOBALS['phpgw_info']['server']['default_domain'];
|
---|
484 | }
|
---|
485 | //--------------------------------------------------------------------------------------------------
|
---|
486 | //LOGIN
|
---|
487 | //--------------------------------------------------------------------------------------------------
|
---|
488 | //echo "Usuario ==> ".$login." senha ==> ".$passwd;
|
---|
489 | //system('echo "Login: tentou criar sessao" >> /tmp/controle');
|
---|
490 | //Tantando criar a sessao
|
---|
491 | $GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create(strtolower($login),$passwd,$passwd_type,'u');
|
---|
492 | if(!isset($GLOBALS['sessionid']) || ! $GLOBALS['sessionid'])
|
---|
493 | {
|
---|
494 | //A sessao nao pode ser criada. Verificando quais os possiveis motivos
|
---|
495 | //system('echo "Nao tem sessao" >> /tmp/controle');
|
---|
496 | if ($GLOBALS['phpgw']->session->cd_reason == 99)
|
---|
497 | {
|
---|
498 | //fazendo o redirecionamento para o caso de bloqueio de por excesso de tentativas erradas
|
---|
499 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=' . $GLOBALS['phpgw']->session->cd_reason.'&ts=99');
|
---|
500 | }
|
---|
501 | else
|
---|
502 | {
|
---|
503 | //Verifica se o codigo de erro ldap 49, que o session traduz para cd_reason=5, é proveniente de uma expiracao de senhas. Neste caso, mesmo se o usuário digitar a senha errada, devolve-se a informacao de expiracao. O código de erro "5" também é retornado quando não é encontrado o usuário na base ldap
|
---|
504 | if ($GLOBALS['phpgw']->session->cd_reason == 5)
|
---|
505 | {
|
---|
506 | //system('echo "Retornou erro 49" >>/tmp/controle');
|
---|
507 | //Buscando o atributo de expiracao no ldap
|
---|
508 | $lc = $common->ldapConnect();
|
---|
509 | if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']))
|
---|
510 | {
|
---|
511 | $justthese = array("uid",$GLOBALS['phpgw_info']['server']['atributoexpiracao']);
|
---|
512 | }
|
---|
513 | $filter="(&(phpgwAccountType=u)(uid=".$_POST['user']."))";
|
---|
514 | $ldap_search = ldap_search($lc, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
|
---|
515 | $ldap_info = ldap_get_entries($lc, $ldap_search);
|
---|
516 | ldap_close($lc);
|
---|
517 | //Verificando se a senha está expirada
|
---|
518 | if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']))
|
---|
519 | {
|
---|
520 | //Analisa a expiracao atraves do tempo da maquina
|
---|
521 | $now=time();
|
---|
522 | //Se o atributo de expiracao nao existir pode ser por causa da nao existencia do usuario no ldap
|
---|
523 | //Verifica o tipo do formato do tempo de expiracao para concluir se a senha está expirada ou não.
|
---|
524 | if (($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0])&&(substr($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0],-1,1) == "Z"))
|
---|
525 | {
|
---|
526 | if (strtotime($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0] < $now))
|
---|
527 | {
|
---|
528 | //Senha do usuario estah expirada, pressupoe-se que colocou a senha certa, pois o erro do ldap eh o mesmo (49)
|
---|
529 | //system('echo "Detectou expiracao de senhas: " >>/tmp/controle');
|
---|
530 | if(isset($GLOBALS['phpgw_info']['server']['webserver_url']))
|
---|
531 | {
|
---|
532 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=98&ts=98');
|
---|
533 | }
|
---|
534 | else
|
---|
535 | {
|
---|
536 | //Entra aqui em duas ocasioes - quando expirado:
|
---|
537 | //login errado na tela sem troca de senhas
|
---|
538 | //troca de senhas com a senha atual errada
|
---|
539 | if($_POST['npasswd'])
|
---|
540 | {
|
---|
541 | //Nao logou porque o usuario estah com a senha expirada - troca de senhas
|
---|
542 | //Pode ter errado a senha também.
|
---|
543 | //system('echo "NAO Achou a url - tela troca de senhas: " >>/tmp/controle');
|
---|
544 | $GLOBALS['phpgw']->redirect_link("" . '/logout.php?cd=5&ts=5');
|
---|
545 | }
|
---|
546 | else
|
---|
547 | {
|
---|
548 | //Nao logou porque o usuario estah com a senha expirada - tela inicial
|
---|
549 | //Para o caso de usuario que tenta se logar na tela inicial com a senha expirada
|
---|
550 | //system('echo "NAO Achou a url - tela inicial: " >>/tmp/controle'); //funciona
|
---|
551 | $GLOBALS['phpgw']->redirect_link("" . '/login.php?cd=98&ts=98'); //funciona
|
---|
552 | }
|
---|
553 | }
|
---|
554 | }
|
---|
555 | else
|
---|
556 | {
|
---|
557 | //senha do usuario nao estah expirada e, como o ldap deu login invalido, ocorreu erro de senha
|
---|
558 | //system('echo "NAO estah expirado: " >>/tmp/controle');
|
---|
559 | $GLOBALS['phpgw']->redirect_link("" . '/login.php?cd=5&ts=5');
|
---|
560 | }
|
---|
561 | }
|
---|
562 | else
|
---|
563 | {
|
---|
564 | //Caso do atributo de expiracao de senhas estar no formato unixtime
|
---|
565 | if (($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0])&&($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0] < $now)&&($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0]!="-1"))
|
---|
566 | {
|
---|
567 | //Senha do usuario estah expirada, pressupoe-se que colocou a senha certa, pois o erro do ldap eh o mesmo (49)
|
---|
568 | //system('echo "Detectou expiracao de senhas: " >>/tmp/controle');
|
---|
569 | if(isset($GLOBALS['phpgw_info']['server']['webserver_url']))
|
---|
570 | {
|
---|
571 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=98&ts=98');
|
---|
572 | }
|
---|
573 | else
|
---|
574 | {
|
---|
575 | //Entra aqui em duas ocasioes - quando expirado:
|
---|
576 | //login errado na tela sem troca de senhas
|
---|
577 | //troca de senhas com a senha atual errada
|
---|
578 | if($_POST['npasswd'])
|
---|
579 | {
|
---|
580 | //Nao logou porque o usuario estah com a senha expirada - troca de senhas
|
---|
581 | //Pode ter errado a senha também.
|
---|
582 | //system('echo "NAO Achou a url - tela troca de senhas: " >>/tmp/controle');
|
---|
583 | $GLOBALS['phpgw']->redirect_link("" . '/logout.php?cd=5&ts=5');
|
---|
584 | }
|
---|
585 | else
|
---|
586 | {
|
---|
587 | //Nao logou porque o usuario estah com a senha expirada - tela inicial
|
---|
588 | //Para o caso de usuario que tenta se logar na tela inicial com a senha expirada
|
---|
589 | //system('echo "NAO Achou a url - tela inicial: " >>/tmp/controle'); //funciona
|
---|
590 | $GLOBALS['phpgw']->redirect_link("" . '/login.php?cd=98&ts=98'); //funciona
|
---|
591 | }
|
---|
592 | }
|
---|
593 | }
|
---|
594 | else
|
---|
595 | {
|
---|
596 | //senha do usuario nao estah expirada e, como o ldap deu login invalido, ocorreu erro de senha
|
---|
597 | //system('echo "NAO estah expirado: " >>/tmp/controle');
|
---|
598 | $GLOBALS['phpgw']->redirect_link("" . '/login.php?cd=5&ts=5');
|
---|
599 | }
|
---|
600 | }
|
---|
601 | }
|
---|
602 | }
|
---|
603 | else
|
---|
604 | {
|
---|
605 | if ($GLOBALS['phpgw']->session->cd_reason == 99)
|
---|
606 | {
|
---|
607 | //fazendo o redirecionamento para o caso de bloqueio de por excesso de tentativas erradas
|
---|
608 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=' . $GLOBALS['phpgw']->session->cd_reason.'&ts=99');
|
---|
609 | }
|
---|
610 | else
|
---|
611 | {
|
---|
612 | // trocasenha soh vai existir qdo o form for gerado via chamada anterior com com "cd=202"
|
---|
613 | if($_POST['cdx']=='202' )
|
---|
614 | {
|
---|
615 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=' . $GLOBALS['phpgw']->session->cd_reason.'&ts=202');
|
---|
616 | }
|
---|
617 | else
|
---|
618 | {
|
---|
619 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=' . $GLOBALS['phpgw']->session->cd_reason);
|
---|
620 | }
|
---|
621 | }
|
---|
622 | }
|
---|
623 | }
|
---|
624 | }
|
---|
625 | else
|
---|
626 | {
|
---|
627 | //Realiza a troca de senhas caso a polÃtica seja local, ou seja, caso o diretorio continue autenticando o usuario com a senha expirada.
|
---|
628 | //system('echo "Encontrou número de sessao" >> /tmp/controle');
|
---|
629 | // Atencao: se existir o cpo "npasswd" providencia a troca da senha do usuario....
|
---|
630 | if($_POST['npasswd'])
|
---|
631 | {
|
---|
632 | //system('echo "entrou no change" >> /tmp/controle');
|
---|
633 | //$GLOBALS['phpgw']->auth->change_password($passwd, $_POST['npasswd']);
|
---|
634 | if($GLOBALS['phpgw_info']['server']['politicasenhas']=='expresso')
|
---|
635 | {
|
---|
636 | $GLOBALS['phpgw']->auth->change_password_user($passwd, $_POST['npasswd'],$dn,false);
|
---|
637 | }
|
---|
638 | else
|
---|
639 | {
|
---|
640 | $GLOBALS['phpgw']->auth->change_password_user($passwd, $_POST['npasswd'],$dn,true);
|
---|
641 | }
|
---|
642 | $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/logout.php?cd=209');
|
---|
643 | }
|
---|
644 | if ($_POST['lang'] && preg_match('/^[a-z]{2}(-[a-z]{2}){0,1}$/',$_POST['lang']) &&
|
---|
645 | $_POST['lang'] != $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'])
|
---|
646 | {
|
---|
647 | $GLOBALS['phpgw']->preferences->add('common','lang',$_POST['lang'],'session');
|
---|
648 | }
|
---|
649 | if(!$GLOBALS['phpgw_info']['server']['disable_autoload_langfiles'])
|
---|
650 | {
|
---|
651 | $GLOBALS['phpgw']->translation->autoload_changed_langfiles();
|
---|
652 | }
|
---|
653 | $forward = isset($_GET['phpgw_forward']) ? urldecode($_GET['phpgw_forward']) : @$_POST['phpgw_forward'];
|
---|
654 | if (!$forward)
|
---|
655 | {
|
---|
656 | $extra_vars['cd'] = 'yes';
|
---|
657 | $forward = '/home.php';
|
---|
658 | }
|
---|
659 | else
|
---|
660 | {
|
---|
661 | list($forward,$extra_vars) = explode('?',$forward,2);
|
---|
662 | }
|
---|
663 | if ($GLOBALS['phpgw_info']['server']['use_https'] != 2)
|
---|
664 | {
|
---|
665 | $forward = 'http://'.$_SERVER['HTTP_HOST'].($GLOBALS['phpgw']->link($forward.'?cd=yes'));
|
---|
666 | echo "<script language='Javascript1.3'>location.href='".$forward."'</script>";
|
---|
667 | }
|
---|
668 | else
|
---|
669 | {
|
---|
670 | $GLOBALS['phpgw']->redirect_link($forward,$extra_vars);
|
---|
671 | }
|
---|
672 | }
|
---|
673 | }
|
---|
674 | else
|
---|
675 | {
|
---|
676 | // !!! DONT CHANGE THESE LINES !!!
|
---|
677 | // If there is something wrong with this code TELL ME!
|
---|
678 | // Commenting out the code will not fix it. (jengo)
|
---|
679 | if(isset($_COOKIE['last_loginid']))
|
---|
680 | {
|
---|
681 | $accounts = CreateObject('phpgwapi.accounts');
|
---|
682 | $prefs = CreateObject('phpgwapi.preferences', $accounts->name2id($_COOKIE['last_loginid']));
|
---|
683 |
|
---|
684 | if($prefs->account_id)
|
---|
685 | {
|
---|
686 | $GLOBALS['phpgw_info']['user']['preferences'] = $prefs->read_repository();
|
---|
687 | }
|
---|
688 | }
|
---|
689 | if ($_GET['lang'])
|
---|
690 | {
|
---|
691 | $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $_GET['lang'];
|
---|
692 | }
|
---|
693 | elseif(!isset($_COOKIE['last_loginid']) || !$prefs->account_id)
|
---|
694 | {
|
---|
695 | // If the lastloginid cookies isn't set, we will default to the first language,
|
---|
696 | // the users browser accepts.
|
---|
697 | list($lang) = explode(',',$_SERVER['HTTP_ACCEPT_LANGUAGE']);
|
---|
698 | /*
|
---|
699 | if(strlen($lang) > 2)
|
---|
700 | {
|
---|
701 | $lang = substr($lang,0,2);
|
---|
702 |
|
---|
703 | }
|
---|
704 | */
|
---|
705 | $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $lang;
|
---|
706 | }
|
---|
707 | #print 'LANG:' . $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] . '<br>';
|
---|
708 | $GLOBALS['phpgw']->translation->init(); // this will set the language according to the (new) set prefs
|
---|
709 | $GLOBALS['phpgw']->translation->add_app('login');
|
---|
710 | $GLOBALS['phpgw']->translation->add_app('loginscreen');
|
---|
711 | if(lang('loginscreen_message') == 'loginscreen_message*')
|
---|
712 | {
|
---|
713 | $GLOBALS['phpgw']->translation->add_app('loginscreen','en'); // trying the en one
|
---|
714 | }
|
---|
715 | if(lang('loginscreen_message') != 'loginscreen_message*')
|
---|
716 | {
|
---|
717 | $tmpl->set_var('lang_message',stripslashes(lang('loginscreen_message')));
|
---|
718 | }
|
---|
719 | }
|
---|
720 | if($GLOBALS['phpgw_info']['server']['use_prefix_organization'])
|
---|
721 | {
|
---|
722 | $organization_select = "<tr><td width=\"66\" class=\"loginLabel\">";
|
---|
723 | $organization_select .= lang("organization").":</td>";
|
---|
724 | $organization_select .="<td width=\"135\">";
|
---|
725 | $organization_select .="<select name=\"organization\">\n";
|
---|
726 | $obj_organization = CreateObject('phpgwapi.sector_search_ldap');
|
---|
727 | $organizations = $obj_organization->organization_search($GLOBALS['phpgw_info']['server']['ldap_context']);
|
---|
728 | for ($i=0; $i<count($organizations); $i++)
|
---|
729 | {
|
---|
730 | $tmp_array[strtolower($organizations[$i])] = $organizations[$i];
|
---|
731 | }
|
---|
732 | $arrayOrganization = $tmp_array;
|
---|
733 | ksort($arrayOrganization);
|
---|
734 | foreach($arrayOrganization as $organization_name => $organization_vars)
|
---|
735 | {
|
---|
736 | $organization_select .= '<option value="' . $organization_name . '"';
|
---|
737 | if($organization_name == $_COOKIE['last_organization'])
|
---|
738 | {
|
---|
739 | $organization_select .= ' selected';
|
---|
740 | }
|
---|
741 | $organization_select .= '>' . $organization_vars . "</option>\n";
|
---|
742 | }
|
---|
743 | $organization_select .= "</select>\n";
|
---|
744 | $organization_select .="</td><td> </td></tr>";
|
---|
745 | $tmpl->set_var('select_organization',$organization_select);
|
---|
746 | }
|
---|
747 | $domain_select = ' ';
|
---|
748 | $last_loginid = $_COOKIE['last_loginid'];
|
---|
749 | if($GLOBALS['phpgw_info']['server']['show_domain_selectbox'])
|
---|
750 | {
|
---|
751 | $domain_select = "<select name=\"logindomain\">\n";
|
---|
752 | foreach($GLOBALS['phpgw_domain'] as $domain_name => $domain_vars)
|
---|
753 | {
|
---|
754 | $domain_select .= '<option value="' . $domain_name . '"';
|
---|
755 | if($domain_name == $_COOKIE['last_domain'])
|
---|
756 | {
|
---|
757 | $domain_select .= ' selected';
|
---|
758 | }
|
---|
759 | $domain_select .= '>' . $domain_name . "</option>\n";
|
---|
760 | }
|
---|
761 | $domain_select .= "</select>\n";
|
---|
762 | }
|
---|
763 | elseif($last_loginid !== '')
|
---|
764 | {
|
---|
765 | reset($GLOBALS['phpgw_domain']);
|
---|
766 | list($default_domain) = each($GLOBALS['phpgw_domain']);
|
---|
767 | if($_COOKIE['last_domain'] != $default_domain && !empty($_COOKIE['last_domain']))
|
---|
768 | {
|
---|
769 | $last_loginid .= '@' . $_COOKIE['last_domain'];
|
---|
770 | }
|
---|
771 | }
|
---|
772 | $tmpl->set_var('select_domain',$domain_select);
|
---|
773 | foreach($_GET as $name => $value)
|
---|
774 | {
|
---|
775 | if(ereg('phpgw_',$name))
|
---|
776 | {
|
---|
777 | $extra_vars .= '&' . $name . '=' . urlencode($value);
|
---|
778 | }
|
---|
779 | }
|
---|
780 | if($extra_vars)
|
---|
781 | {
|
---|
782 | $extra_vars = '?' . substr($extra_vars,1);
|
---|
783 | }
|
---|
784 |
|
---|
785 | /********************************************************\
|
---|
786 | * Check is the registration app is installed, activated *
|
---|
787 | * And if the register link must be placed *
|
---|
788 | \********************************************************/
|
---|
789 |
|
---|
790 | $cnf_reg = createobject('phpgwapi.config','registration');
|
---|
791 | $cnf_reg->read_repository();
|
---|
792 | $config_reg = $cnf_reg->config_data;
|
---|
793 |
|
---|
794 | if($config_reg[enable_registration]=='True' && $config_reg[register_link]=='True')
|
---|
795 | {
|
---|
796 | $reg_link=' <a href="registration/">'.lang('Not a user yet? Register now').'</a><br/>';
|
---|
797 | }
|
---|
798 | |
---|
799 | $GLOBALS['phpgw_info']['server']['template_set'] = $GLOBALS['phpgw_info']['login_template_set'];
|
---|
800 | $tmpl->set_var('register_link',$reg_link);
|
---|
801 | $tmpl->set_var('charset',$GLOBALS['phpgw']->translation->charset());
|
---|
802 | $tmpl->set_var('login_url', $GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php' . $extra_vars);
|
---|
803 | $tmpl->set_var('registration_url',$GLOBALS['phpgw_info']['server']['webserver_url'] . '/registration/');
|
---|
804 | $tmpl->set_var('version',$GLOBALS['phpgw_info']['server']['versions']['phpgwapi']);
|
---|
805 | $tmpl->set_var('cd',check_logoutcode($_GET['cd']));
|
---|
806 | $tmpl->set_var('cookie',$last_loginid);
|
---|
807 | $tmpl->set_var('lang_password',lang('password'));
|
---|
808 | $tmpl->set_var('lang_login',lang('login'));
|
---|
809 | if ($_GET['cd'] == '202' || $_GET['cd'] == '98' || $_GET['ts']=='202' || $_GET['cdx']=='202')
|
---|
810 | {
|
---|
811 | $tmpl->set_var('cdx','202');
|
---|
812 | }
|
---|
813 | // Alterado para utilizar o certificado digital...
|
---|
814 | if(!$GLOBALS['certificado']->apresentado)
|
---|
815 | {
|
---|
816 | $tmpl->set_var('lang_username',lang('username'));
|
---|
817 | $tmpl->set_var('CPF','<input name="user" size="18">');
|
---|
818 | if($GLOBALS['phpgw_info']['server']['captcha'])
|
---|
819 | {
|
---|
820 | if($valor_cookie > $GLOBALS['phpgw_info']['server']['num_badlogin'])
|
---|
821 | {
|
---|
822 | $tmpl->set_var('captcha','<tr border="1"><td nowrap width="155" class="codigoLabel" ><img src="./seguranca/captcha.php" title="'.lang('Security code').'" alt="'.lang('Security code').'" width="75" ><b> ---------></b></td> <td width="105"><input name="codigo" type="text" size="18" title="'.lang('Type the security code').'"></td> </tr>');
|
---|
823 | }
|
---|
824 | }
|
---|
825 | }
|
---|
826 | else
|
---|
827 | {
|
---|
828 | $tmpl->set_var('nome','<b>'.lang('Certificate owner').':</b> '.$GLOBALS['certificado']->dados['NOME']);
|
---|
829 | $tmpl->set_var('CPF','<input type="hidden" name="user" size="18" value="'.$GLOBALS['certificado']->dados['CPF'].'" READONLY>');
|
---|
830 | }
|
---|
831 | if ($_GET['cd'] == '202' || $_GET['cd'] == '98' || $_GET['ts']=='202' || $_GET['cdx']=='202')
|
---|
832 | {
|
---|
833 | $tmpl->set_var('trocasenha','<tr>
|
---|
834 | <td width="140" class="loginLabel" >'.lang('New Password').'</td>
|
---|
835 | <td width="105"><input name="npasswd" type="password" size="18" ><br></td>
|
---|
836 | </tr>
|
---|
837 | <tr>
|
---|
838 | <td width="155" class="loginLabel" >'.lang('Confirm New Password').'</td>
|
---|
839 | <td width="105"><input name="cnpasswd" type="password" size="18" ><br></td>
|
---|
840 | </tr>');
|
---|
841 | }
|
---|
842 | $tmpl->set_var('website_title', $GLOBALS['phpgw_info']['server']['site_title']);
|
---|
843 | $tmpl->set_var('template_set',$GLOBALS['phpgw_info']['login_template_set']);
|
---|
844 | $tmpl->set_var('bg_color',($GLOBALS['phpgw_info']['server']['login_bg_color']?$GLOBALS['phpgw_info']['server']['login_bg_color']:'FFFFFF'));
|
---|
845 | $tmpl->set_var('login_caixa_bg_color',($GLOBALS['phpgw_info']['server']['login_caixa_bg_color']?$GLOBALS['phpgw_info']['server']['login_caixa_bg_color']:'FFFFFF'));
|
---|
846 | $tmpl->set_var('bg_color_title',($GLOBALS['phpgw_info']['server']['login_bg_color_title']?$GLOBALS['phpgw_info']['server']['login_bg_color_title']:'486591'));
|
---|
847 | if (substr($GLOBALS['phpgw_info']['server']['login_logo_file'],0,4) == 'http')
|
---|
848 | {
|
---|
849 | $var['logo_file'] = $GLOBALS['phpgw_info']['server']['login_logo_file'];
|
---|
850 | }
|
---|
851 | else
|
---|
852 | {
|
---|
853 | $var['logo_file'] = $GLOBALS['phpgw']->common->image('phpgwapi',$GLOBALS['phpgw_info']['server']['login_logo_file']?$GLOBALS['phpgw_info']['server']['login_logo_file']:'');
|
---|
854 | }
|
---|
855 |
|
---|
856 | if (substr($GLOBALS['phpgw_info']['server']['imagem_de_fundo'],0,4) == 'http')
|
---|
857 | {
|
---|
858 | $var['imagem_de_fundo'] = $GLOBALS['phpgw_info']['server']['imagem_de_fundo'];
|
---|
859 | }
|
---|
860 | else
|
---|
861 | {
|
---|
862 | #$var['imagem_de_fundo'] = $GLOBALS['phpgw']->common->image('phpgwapi',$GLOBALS['phpgw_info']['server']['imagem_de_fundo']?$GLOBALS['phpgw_info']['server']['imagem_de_fundo']:'back.jpg');
|
---|
863 | $var['imagem_de_fundo'] = $GLOBALS['phpgw']->common->image('phpgwapi',$GLOBALS['phpgw_info']['server']['imagem_de_fundo']);
|
---|
864 | }
|
---|
865 | $var['imagem_de_fundo_exibicao'] = ($GLOBALS['phpgw_info']['server']['imagem_de_fundo_exibicao'] != ''?$GLOBALS['phpgw_info']['server']['imagem_de_fundo_exibicao']:"background-repeat:repeat-x; overflow:auto;overflow-x:hidden;");
|
---|
866 | $var['logo_url'] = $GLOBALS['phpgw_info']['server']['login_logo_url']?$GLOBALS['phpgw_info']['server']['login_logo_url']:'http://www.eGroupWare.org';
|
---|
867 | if (substr($var['logo_url'],0,4) != 'http')
|
---|
868 | {
|
---|
869 | $var['logo_url'] = 'http://'.$var['logo_url'];
|
---|
870 | }
|
---|
871 | $var['logo_title'] = $GLOBALS['phpgw_info']['server']['login_logo_title']?$GLOBALS['phpgw_info']['server']['login_logo_title']:'www.eGroupWare.org';
|
---|
872 |
|
---|
873 | // {logo_imagem} |
---|
874 | // <a href="{logo_url}" title="{logo_title}" style="text-decoration: none;" target="_blank"><img src="{logo_file}" border="0" style="margin-top: 5px; witdh: 300px; height: 200px;"/></a>
|
---|
875 | if($var['logo_file'] == '')
|
---|
876 | {
|
---|
877 | $var['logo_imagem'] = '';
|
---|
878 | }
|
---|
879 | else
|
---|
880 | {
|
---|
881 | $var['logo_imagem'] = '<a href="'.$var['logo_url'].'" title="'.$var['logo_title'].'" style="text-decoration: none;" target="_blank"><img src="'.$var['logo_file'].'" border="0" style="margin-top: 5px; witdh: 300px; height: 200px;"/></a>';
|
---|
882 | }
|
---|
883 | $tmpl->set_var($var);
|
---|
884 | if (@$GLOBALS['phpgw_info']['server']['login_show_language_selection'])
|
---|
885 | {
|
---|
886 | $select_lang = '<select name="lang" onchange="'."location.href=location.href+(location.search?'&':'?')+'lang='+this.value".'">';
|
---|
887 | $langs = $GLOBALS['phpgw']->translation->get_installed_langs();
|
---|
888 | uasort($langs,'strcasecmp');
|
---|
889 | foreach ($langs as $key => $name) // if we have a translation use it
|
---|
890 | {
|
---|
891 | $select_lang .= "\n\t".'<option value="'.$key.'"'.($key == $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] ? ' selected="1"' : '').'>'.$name.'</option>';
|
---|
892 | }
|
---|
893 | $select_lang .= "\n</select>\n";
|
---|
894 | $tmpl->set_var(array(
|
---|
895 | 'lang_language' => lang('Language'),
|
---|
896 | 'select_language' => $select_lang,
|
---|
897 | ));
|
---|
898 | }
|
---|
899 | else
|
---|
900 | {
|
---|
901 | $tmpl->set_block('login_form','language_select');
|
---|
902 | $tmpl->set_var('language_select','');
|
---|
903 | }
|
---|
904 | $tmpl->set_var('autocomplete', ($GLOBALS['phpgw_info']['server']['autocomplete_login'] ? 'autocomplete="off"' : ''));
|
---|
905 | $tmpl->set_var('vserpro','<font color="#9a9a9a" face="Verdana, Arial, Helvetica, sans-serif" size="1">V - '.$GLOBALS['phpgw_info']['server']['versions']['header'].'-'.$GLOBALS['phpgw_info']['server']['versao-Serpro'].'</font>');
|
---|
906 | $tmpl->pfp('loginout','login_form');
|
---|
907 | ?>
|
---|