True,
'login' => True,
'currentapp' => 'login',
'currentdir' => '/mobile',
'noheader' => True
);
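include('../header.inc.php');

// The session id is read from the query string first and from the cookie second.
// NOTE(review): an id accepted from $_GET ends up in URLs (server logs, Referer
// headers, browser history) and can be pre-set by whoever builds the link; confirm
// that phpgwapi.sessions issues a fresh id at login and does not trust this value.
if (!empty($_GET['sessionid'])) {
    $GLOBALS['sessionid'] = $_GET['sessionid'];
} elseif (isset($_COOKIE['sessionid'])) {
    $GLOBALS['sessionid'] = $_COOKIE['sessionid'];
} else {
    $GLOBALS['sessionid'] = null;
}

// "cd" is the status code shown on the login form. Codes 1 (logged out) and 10
// (session could not be verified) keep the visitor here; any other request that
// carries a session id is sent on to the mobile home page.
$requested_cd = isset($_GET['cd']) ? $_GET['cd'] : null;
if (isset($GLOBALS['sessionid']) && $requested_cd != 10 && $requested_cd != 1) {
    //$GLOBALS['phpgw']->redirect_link($GLOBALS['phpgw_info']['flags']['currentdir'].'/calendar.php');
    //session_start();
    $GLOBALS['phpgw']->redirect_link($GLOBALS['phpgw_info']['flags']['currentdir'].'/home.php');
}

// Force HTTPS when the server is configured for it.
if ($GLOBALS['phpgw_info']['server']['use_https'] > 0) {
    $https_on = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on';
    if (!$https_on) {
        // The Host header is client-supplied. Refuse anything that is not a plain
        // host name / IP literal with an optional port before echoing it into the
        // Location header.
        // NOTE(review): a syntactically valid Host is still chosen by the client;
        // redirecting to a configured canonical host name would be stronger.
        $request_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
        if (!is_string($request_host) ||
            !preg_match('/^(\[[0-9A-Fa-f:.]+\]|[A-Za-z0-9._-]+)(:[0-9]{1,5})?$/D', $request_host)) {
            header('HTTP/1.1 400 Bad Request');
            exit;
        }
        header('Location: https://' . $request_host . $_SERVER['REQUEST_URI']);
        exit;
    }
}

$GLOBALS['phpgw']->session = CreateObject('phpgwapi.sessions');

// The mobile login page always uses the templates directory below "currentdir".
//$GLOBALS['phpgw_info']['server']['template_dir'] = PHPGW_SERVER_ROOT.$GLOBALS['phpgw_info']['flags']['currentdir'].'/templates/'.$GLOBALS['phpgw_info']['login_template_set'];
$GLOBALS['phpgw_info']['server']['template_dir'] = PHPGW_SERVER_ROOT.$GLOBALS['phpgw_info']['flags']['currentdir'].'/templates/';
$tmpl = CreateObject('phpgwapi.Template', $GLOBALS['phpgw_info']['server']['template_dir']);
$GLOBALS['phpgw_info']['user']['preferences']['common']['template_set'] = $GLOBALS['phpgw_info']['login_template_set'];
$tmpl->set_file(array('login_form' => 'login.tpl'));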
/**
 * Map the "cd" status code of the login URL to the message shown on the form.
 *
 * Two codes also act on the session: 1 calls logout(), and 10 calls
 * phpgw_setcookie() with a bare name for each session cookie (presumably
 * clearing it - confirm against phpgwapi.sessions).
 *
 * NOTE(review): this page passes $_GET['cd'] straight in, so a plain GET with
 * cd=1 ends the session; confirm that a cross-site request triggering logout is
 * acceptable here.
 *
 * The comparison is loose (==), exactly as a switch statement would compare, so
 * numeric strings from the query string match the integer codes.
 *
 * @param mixed $code status code, normally the raw "cd" request parameter
 * @return string translated message, or a single space for an unknown code
 */
function check_logoutcode($code)
{
    if ($code == 1) {
        logout();
        return lang('You have been successfully logged out');
    }
    if ($code == 2) {
        return lang('Sorry, your login has expired');
    }
    if ($code == 4) {
        return lang('Cookies are required to login to this site.');
    }
    // The empty literals around the messages below are kept as found; they look
    // like what is left of wrapper markup in this copy of the file.
    if ($code == 5) {
        return '' . lang('Bad login or password') . '';
    }
    if ($code == 6) {
        return '' . lang('Your password has expired, and you do not have access to change it') . '';
    }
    if ($code == 98) {
        return '' . lang('Account expired') . '';
    }
    if ($code == 99) {
        return '' . lang('Blocked, too many attempts') . '';
    }
    if ($code == 10) {
        $session = $GLOBALS['phpgw']->session;
        foreach (array('sessionid', 'kp3', 'domain') as $cookie_name) {
            $session->phpgw_setcookie($cookie_name);
        }
        if ($GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4') {
            $session->phpgw_setcookie(PHPGW_PHPSESSID);
        }
        return '' . lang('Your session could not be verified.') . '';
    }
    if ($code == 11) {
        return '' . lang('Invalid code') . '';
    }

    return ' ';
}
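// Collect the credentials, either from HTTP authentication or from the login form.
//
// $submit marks a login that arrived through HTTP authentication. It is set
// explicitly on both paths so the later "|| $submit" / "!$submit" tests never
// read an uninitialised variable (which, with register_globals enabled, could
// otherwise be supplied by the request).
$submit = False;
if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'http' && isset($_SERVER['PHP_AUTH_USER'])) {
    $submit = True;
    $login = $_SERVER['PHP_AUTH_USER'];
    $passwd = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : null;
    $passwd_type = 'text';
} else {
    // Missing fields stay null, as before, but without undefined-index notices.
    $passwd = isset($_POST['passwd']) ? $_POST['passwd'] : null;
    // NOTE(review): passwd_type is chosen by the client and handed to
    // session->create(); confirm that create() only accepts known values.
    $passwd_type = isset($_POST['passwd_type']) ? $_POST['passwd_type'] : null;
}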
//-------------------------------------------------- Added for the CAPTCHA -----------------------------------------------
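// Login attempt handling, then (when no attempt was made) language selection.
//
// A request counts as a login attempt when a password type was supplied, the
// image submit button was used, or HTTP authentication provided the user.
//
// redirect() is assumed to end the request (TODO confirm against phpgwapi); the
// two rejection paths below call exit explicitly so that a failed CAPTCHA or a
// non-POST request can never fall through to session->create().
if (isset($passwd_type) || !empty($_POST['submitit_x']) || !empty($_POST['submitit_y']) || !empty($submit)) {
    // Check the CAPTCHA first, if one is in use.
    // NOTE(review): the answer is only checked when the "codigo" field is posted,
    // so a request that omits the field skips the CAPTCHA. Whether a CAPTCHA was
    // required for this client needs to be tracked on the server to close that.
    if ($GLOBALS['phpgw_info']['server']['captcha']==1) {
        if (isset($_POST['codigo'])) {
            // Compare as strings, strictly. The previous loose "!=" treated a
            // missing session value and an empty answer as equal and compared
            // numeric-looking strings by value.
            $captcha_expected = (isset($_SESSION['CAPTCHAString']) && is_scalar($_SESSION['CAPTCHAString']))
                ? (string) $_SESSION['CAPTCHAString']
                : '';
            $captcha_given = is_string($_POST['codigo']) ? strtoupper($_POST['codigo']) : '';
            if ($captcha_expected === '' || $captcha_expected !== $captcha_given) {
                if (isset($_POST['npasswd'])) {
                    $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link($GLOBALS['phpgw_info']['flags']['currentdir'].'/login.php','cd=11&ts=202'));
                } else {
                    $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link($GLOBALS['phpgw_info']['flags']['currentdir'].'/login.php','cd=11'));
                }
                exit;
            }
            // A correct answer is single-use.
            unset($_SESSION['CAPTCHAString']);
        }
    }
    /*
    // THE ORIGINAL BLOCK RESUMES HERE
    if(isset($passwd_type) || $_POST['submitit_x'] || $_POST['submitit_y'] || $submit) {
    */
    // Credentials are only accepted over POST, HTTP authentication or a client certificate.
    if (getenv('REQUEST_METHOD') != 'POST' && $_SERVER['REQUEST_METHOD'] != 'POST' &&
        !isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['SSL_CLIENT_S_DN'])) {
        $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link($GLOBALS['phpgw_info']['flags']['currentdir'].'/login.php','cd=5'));
        exit;
    }
    if (empty($submit)) {
        // A missing or non-string login (e.g. login[]=x) becomes the empty string.
        $login = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
    }
    $GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create(strtolower($login),$passwd,$passwd_type,'u');
    if (empty($GLOBALS['sessionid'])) {
        // No session was created: return to the form with the reason code set by create().
        $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] .$GLOBALS['phpgw_info']['flags']['currentdir'].'/login.php?cd=' . $GLOBALS['phpgw']->session->cd_reason);
    } else {
        //$GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] .$GLOBALS['phpgw_info']['flags']['currentdir'].'/calendar.php');
        $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] .$GLOBALS['phpgw_info']['flags']['currentdir'].'/home.php');
    }
    /*
    }// "if" of the original block

    >>> Part used in Expresso to change the password when it has expired.

    NOTE(review): this disabled block is not safe to re-enable as written:
      - $_POST['user'] is concatenated into the LDAP filter unescaped; it must be
        escaped first, e.g. ldap_escape($value, '', LDAP_ESCAPE_FILTER).
      - ereg() was removed in PHP 7; the character checks need porting to preg_match().
      - the commented system('echo ...') debug lines hand directory data to a shell
        and append to a fixed file under /tmp; they should not be restored.
      - both branches of the expiry test read "phpgwaccountexpires", so the
        configured 'atributoexpiracao' attribute is fetched but not consulted there.
      - strtotime() is applied to a value the comments describe as Unix time;
        strtotime() does not parse bare epoch seconds, so confirm that comparison.

    //Do an initial LDAP attribute lookup so the results can be used by the rest of the program
    //With a corporate directory, the user's DN may be located in any branch of the directory
    //system('echo "Login: bind em ldap" >> /tmp/controle');
    $common = CreateObject('phpgwapi.common');
    $ldap_conn = $common->ldapConnect(); //bind as Admin to fetch the expiry attribute and the user's DN
    if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']))
    {
        $justthese = array($GLOBALS['phpgw_info']['server']['atributoexpiracao']);
    }
    else
    {
        $justthese = array("phpgwaccountexpires");
    }
    $filter="(&(phpgwAccountType=u)(uid=".$_POST['user']."))";
    $ldap_search = ldap_search($ldap_conn, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
    $ldap_info = ldap_get_entries($ldap_conn, $ldap_search);
    ldap_close($ldap_conn);
    // Check the password-change fields, if present
    if($_POST['npasswd'] || $_POST['cnpasswd'])
    {
        // Default number of letters = 8
        if (!$GLOBALS['phpgw_info']['server']['num_letters_userpass'])
            $GLOBALS['phpgw_info']['server']['num_letters_userpass'] = 8;
        // Default number of special letters = 1
        if (!$GLOBALS['phpgw_info']['server']['num_special_letters_userpass'])
            $GLOBALS['phpgw_info']['server']['num_special_letters_userpass'] = 1;
        if(strlen($_POST['npasswd']) < $GLOBALS['phpgw_info']['server']['num_letters_userpass'])
        {
            $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=205&ts=202'));
        }
        // the new password and its confirmation must match ...
        if($_POST['npasswd'] != $_POST['cnpasswd'])
        {
            $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=203&ts=202'));
        }
        if (!(ereg ("(^[a-zA-Z_.\-\!@#$%&*+=|]*)$", $_POST['npasswd'] ) or
        ereg ("(^[0-9_.\-\!@#$%&*+=|]*)$", $_POST['npasswd'] ) or
        ereg ("(^[a-zA-Z0-9]*)$", $_POST['npasswd'] ) or
        ereg ("(^[a-zA-Z0-9_.\-\!@#$%&*+=|]*)$", $_POST['npasswd'] )))
        {
            $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=207&ts=202'));
        }
        for ($j=0 ; $j<(strlen($_POST['npasswd'])-2); $j++)
        {
            if ($_POST['npasswd'][$j]==$_POST['npasswd'][$j+1] && $_POST['npasswd'][$j]==$_POST['npasswd'][$j+2])
            {
                $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=208&ts=202'));
                break;
            }
        }
        $similar=false;
        for ($j=0 ; $j<8; $j++)
        {
            for ($k=0 ; $k<8; $k++)
            {
                if (similar_text(substr($_POST['passwd'],$j,3),substr($_POST['npasswd'],$k,3))>2)
                {
                    $similar=true;
                }
            }
        }
        // the new password and the current password must not be "similar" ...
        if ($similar || $_POST['passwd'] == $_POST['npasswd'])
        {
            $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=204&ts=202'));
        }
        // password complexity
        $passcomplex=0;
        if (ereg('[a-zA-Z]',$_POST['npasswd'])) {$passcomplex=$passcomplex+1;}
        if (ereg('[0-9]',$_POST['npasswd'])) {$passcomplex=$passcomplex+1;}
        if (ereg('[^0-9a-zA-Z]',$_POST['npasswd'])) {$passcomplex=$passcomplex+1;}
        if ($passcomplex < 2)
        {
            $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=206&ts=202'));
        }
        //Try to bind with the user's DN
        $ldap_conn = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
        if (!$ldap_conn)
        {
            printf("Error: Can't bind to LDAP server!");
            die;
        }
        $dn=$ldap_info[0]['dn'];
        //system('echo "'.ldap_errno($ldap_conn).'" >>/tmp/controle');
        //Try to bind to the directory; if that fails, check whether authentication was refused because the password expired
        //system('echo "Dn para bind: '.$ldap_info[0]['dn'].'" >>/tmp/controle');
        if (!ldap_bind($ldap_conn,$ldap_info[0]['dn'],$_POST['passwd']))
        {
            //Check whether the bind was refused because of an expired password
            //system('echo "NAO conseguiu dar bind" >>/tmp/controle');
            $now=time();
            //Check whether the password is expired
            $expired=false;
            if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']))
            {
                //system('echo "Atributo de expiracao configurado." >>/tmp/controle');
                //system('echo "now: '.$now.'" >>/tmp/controle');
                //system('echo "atributo de expiracao: '.strtotime($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0]).'" >>/tmp/controle');
                //if (strtotime($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0])<$now)
                //system('echo "chegou" >>/tmp/controle');
                if (($ldap_info[0]["phpgwaccountexpires"][0]!="-1")&&(strtotime($ldap_info[0]["phpgwaccountexpires"][0])<$now))
                {
                    //system('echo "Encontrou atributo expirado" >>/tmp/controle');
                    $expired=true;
                }
            }
            else
            {
                //If the expiry attribute is not configured, assume it is Unix time (phpgwaccountexpires)
                if (($ldap_info[0]["phpgwaccountexpires"][0]!="-1")&&(strtotime($ldap_info[0]["phpgwaccountexpires"][0])<$now))
                {
                    //system('echo "Encontrou atributo expirado - phpgwaccoutexpires" >>/tmp/controle');
                    $expired=true;
                }
            }
            if ($expired)
            {
                //The bind was refused because the password expired.
                //Perform the password change and, if configured, also adjust the expiry attribute.
                //system('echo "vai chamar o change_password" >>/tmp/controle');
                if($GLOBALS['phpgw']->auth->change_password_user($passwd, $_POST['npasswd'],$dn,true))
                {
                    //The password change worked
                    //system('echo "Login: troca de senhas OK" >>/tmp/controle');
                    if($GLOBALS['phpgw_info']['server']['diretorioescravo'])
                    {
                        //Time needed for the slave to receive the update.
                        sleep(1);
                    }
                    $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . './logout.php?cd=209');
                }
                else
                {
                    //Send the user back to "wrong password" on the password-change screen
                    //system('echo "Login: troca de senhas PROBLEMA" >>/tmp/controle');
                    $GLOBALS['phpgw']->redirect("" . '/login.php?cd=5&ts=202');
                }
            }
            else
            {
                //The password entered was wrong
                $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=5&ts=202');
            }
        }
        else
        {
            //The user authenticated against the directory - the expiry can only have come from Expresso's own expiry policy
            //system('echo "SIM conseguiu dar bind" >>/tmp/controle');
            if($GLOBALS['phpgw_info']['server']['politicasenhas']=='expresso')
            {
                //If the password policy is Expresso's, check whether the user is expired
                $now=time();
                $common1 = CreateObject('phpgwapi.common');
                $ldap_conn1 = $common1->ldapConnect();
                if ($GLOBALS['phpgw_info']['server']['num_days_pwd_validate'])
                {
                    $aux=$GLOBALS['phpgw_info']['server']['num_days_pwd_validate'];
                }
                else
                {
                    $aux=90;
                }
                //$entry['phpgwaccountexpires'] = $now + ($aux * 86400);
                if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']))
                {
                    if(substr($ldap_info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0],-1,1) == "Z")
                    {
                        if($GLOBALS['phpgw_info']['server']['politicasenhas']=='expresso')
                        {
                            //when the expiry date is in yyyymmddhhmmssZ format
                            $entry[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = strftime("%Y%m%d%H%M%SZ", $now + ($aux * 86400));
                        }
                    }
                    else
                    {
                        if($GLOBALS['phpgw_info']['server']['politicasenhas']=='expresso')
                        {
                            //Another LDAP attribute that, like phpgwaccounttype, also holds the time in Unix format
                            $entry[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = $now + ($aux * 86400);
                        }
                    }
                }
                else
                {
                    //If the policy lives in the directory there is no need to change the expiry attribute
                    if($GLOBALS['phpgw_info']['server']['politicasenhas']=='expresso')
                    {
                        $entry['phpgwaccountexpires'] = $now + ($aux * 86400);
                    }
                }
                ldap_mod_replace($ldap_conn1,$ldap_info[0]['dn'], $entry);
            }
        }
    End of the part used for password change in ExpressoMail
    */
}// end of the CAPTCHA "if"
//-------------------------------------------------End - Added for the CAPTCHA - End----------------------------------------------
elseif (!empty($_GET['lang'])) {
    // Language explicitly requested in the URL.
    // NOTE(review): the value is stored as the language preference without
    // validation; confirm that every consumer treats it as untrusted (for example
    // before using it in a file name or a query).
    $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $_GET['lang'];
}
elseif (!isset($_COOKIE['last_loginid']) || !$prefs->account_id) {
    // No known previous login: fall back to the first entry of Accept-Language.
    $accept_language = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : '';
    list($lang) = explode(',', $accept_language);
    $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $lang;
}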
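// Fill the login template and print it.
//
// The status message is resolved exactly once. check_logoutcode() is not a pure
// lookup: code 1 runs logout() and code 10 resets the session cookies, and the
// page used to call it twice per request.
$status_code = isset($_GET['cd']) ? $_GET['cd'] : null;
$tmpl->set_var('cd', check_logoutcode($status_code));
$tmpl->set_var('charset', $GLOBALS['phpgw']->translation->charset());
// NOTE(review): $last_loginid is not assigned anywhere in the visible part of this
// file; if it is derived from the last_loginid cookie it must be HTML-escaped
// before it reaches the template.
$tmpl->set_var('cookie', $last_loginid);
//$tmpl->set_var('lang_username',lang('username'));
$tmpl->set_var('lang_password', lang('password'));
$tmpl->set_var('lang_login', lang('login'));

//---------------------------------captcha.php insertion---------------------
// Any of these request values sets the "cdx" template variable to 202.
$request_ts = isset($_GET['ts']) ? $_GET['ts'] : null;
$request_cdx = isset($_GET['cdx']) ? $_GET['cdx'] : null;
if ($status_code == '202' || $status_code == '98' || $request_ts == '202' || $request_cdx == '202') {
    $tmpl->set_var('cdx', '202');
}

// Changed to use the digital certificate...
// if(!$GLOBALS['certificado']->apresentado)
// {
$tmpl->set_var('lang_username', lang('username'));
$tmpl->set_var('CPF', '');
// NOTE(review): $valor_cookie is not assigned in the visible part of this file. If
// the failed-login counter lives in a client cookie, the client can reset it, and
// the POST handler only checks the CAPTCHA when "codigo" is submitted; the counter
// should be kept on the server for the CAPTCHA to limit scripted attempts.
if ($GLOBALS['phpgw_info']['server']['captcha'] && $valor_cookie > $GLOBALS['phpgw_info']['server']['num_badlogin']) {
    // The literal is reproduced as found, line breaks included; it appears to
    // have lost its HTML markup in this copy of the file.
    $tmpl->set_var('captcha',' | |
'.lang('Code').'-> | |
');
}
// }
/* else
{
$tmpl->set_var('nome',''.lang('Certificate owner').': '.$GLOBALS['certificado']->dados['NOME']);
$tmpl->set_var('CPF','');
}*/
//-------------------------End of the captcha.php insertion-------------------------

$tmpl->set_var('website_title', $GLOBALS['phpgw_info']['server']['site_title']);
$tmpl->set_var('template_set', $GLOBALS['phpgw_info']['login_template_set']);
$tmpl->set_var('language_select', '');
$tmpl->set_var($var);
$tmpl->set_block('login_form', 'language_select');
$tmpl->pfp('loginout', 'login_form');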
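/**
 * End the current session, if it verifies.
 *
 * Removes the per-session directory below the configured temp_dir (its files,
 * then the directory itself), runs the 'logout' hooks and destroys the session.
 * Nothing happens when session->verify() reports the session as invalid.
 *
 * The session id becomes a path component, and on this page it can originate
 * from the query string or a cookie. It is therefore only used for filesystem
 * clean-up when it is a plain name: non-empty, not "." or "..", and free of
 * path separators and NUL bytes. An empty id would otherwise resolve to
 * temp_dir itself and empty it.
 *
 * @return void
 */
function logout()
{
    if (!$GLOBALS['phpgw']->session->verify()) {
        return;
    }

    $session_id = isset($GLOBALS['sessionid']) ? $GLOBALS['sessionid'] : null;
    $dir_name = (is_string($session_id) || is_int($session_id)) ? (string) $session_id : '';
    $is_plain_name = $dir_name !== ''
        && $dir_name !== '.'
        && $dir_name !== '..'
        && strpbrk($dir_name, "/\\\0") === false;

    if ($is_plain_name) {
        $session_dir = $GLOBALS['phpgw_info']['server']['temp_dir'] . SEP . $dir_name;
        if (is_dir($session_dir)) {
            $dh = opendir($session_dir);
            if ($dh !== false) {
                // Compare against false explicitly: an entry named "0" is falsy
                // and would otherwise end the loop early.
                while (false !== ($file = readdir($dh))) {
                    if ($file != '.' && $file != '..') {
                        unlink($session_dir . SEP . $file);
                    }
                }
                // Release the handle before removing the directory.
                closedir($dh);
            }
            rmdir($session_dir);
        }
    }

    $GLOBALS['phpgw']->hooks->process('logout');
    $GLOBALS['phpgw']->session->destroy($session_id, isset($GLOBALS['kp3']) ? $GLOBALS['kp3'] : null);
}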
?>