Context Navigation

source: trunk/login.php @ 2

Revision 2, 16.0 KB checked in by niltonneto, 17 years ago (diff)
Removida todas as tags usadas pelo CVS ($Id, $Source). Primeira versão no CVS externo.
Property svn:eol-style set to `native` Property svn:executable set to ``*

Line
1	<?php
2	/**************************************************************************\
3	* eGroupWare login *
4	* http://www.egroupware.org *
5	* Originaly written by Dan Kuykendall <seek3r@phpgroupware.org> *
6	* Joseph Engo <jengo@phpgroupware.org> *
7	* -------------------------------------------- *
8	* This program is free software; you can redistribute it and/or modify it *
9	* under the terms of the GNU General Public License as published by the *
10	* Free Software Foundation; either version 2 of the License, or (at your *
11	* option) any later version. *
12	\**************************************************************************/
13
14	$phpgw_info = array();
15	$submit = False; // set to some initial value
16
17	$GLOBALS['phpgw_info']['flags'] = array(
18	'disable_Template_class' => True,
19	'login' => True,
20	'currentapp' => 'login',
21	'noheader' => True
22	);
23
24	if(file_exists('./header.inc.php'))
25	{
26	include('./header.inc.php');
27	if ($GLOBALS['phpgw_info']['server']['use_https'] > 0)
28	{
29	if ($_SERVER['HTTPS'] != 'on')
30	{
31	Header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
32	exit;
33	}
34	}
35
36	if(function_exists('CreateObject'))
37	{
38	$GLOBALS['phpgw']->session = CreateObject('phpgwapi.sessions');
39	}
40	else
41	{
42	Header('Location: setup/index.php');
43	exit;
44	}
45	}
46	else
47	{
48	Header('Location: setup/index.php');
49	exit;
50	}
51
52	$GLOBALS['phpgw_info']['server']['template_dir'] = PHPGW_SERVER_ROOT . '/phpgwapi/templates/' . $GLOBALS['phpgw_info']['login_template_set'];
53	$tmpl = CreateObject('phpgwapi.Template', $GLOBALS['phpgw_info']['server']['template_dir']);
54
55	// read the images from the login-template-set, not the (maybe not even set) users template-set
56	$GLOBALS['phpgw_info']['user']['preferences']['common']['template_set'] = $GLOBALS['phpgw_info']['login_template_set'];
57
58	// This is used for system downtime, to prevent new logins.
59	if($GLOBALS['phpgw_info']['server']['deny_all_logins'])
60	{
61	$deny_msg=lang('Oops! You caught us in the middle of system maintainance.<br/>
62	Please, check back with us shortly.');
63
64	$tmpl->set_file(array
65	(
66	'login_form' => 'login_denylogin.tpl'
67	));
68
69	$tmpl->set_var('template_set','default');
70	$tmpl->set_var('deny_msg',$deny_msg);
71	$tmpl->pfp('loginout','login_form');
72	exit;
73	}
74	$tmpl->set_file(array('login_form' => 'login.tpl'));
75
76	// !! NOTE !!
77	// Do NOT and I repeat, do NOT touch ANYTHING to do with lang in this file.
78	// If there is a problem, tell me and I will fix it. (jengo)
79
80	// whoooo scaring
81
82	if($GLOBALS['phpgw_info']['server']['usecookies'] == True)
83	{
84	$GLOBALS['phpgw']->session->phpgw_setcookie('serverID', '1024');
85	//GLOBALS['phpgw']->session->phpgw_setcookie('eGroupWareLoginTime', time());
86	}
87
88	/*
89	if($_GET['cd'] != 10 && $GLOBALS['phpgw_info']['server']['usecookies'] == False)
90	{
91	$GLOBALS['phpgw']->session->setcookie('sessionid');
92	$GLOBALS['phpgw']->session->setcookie('kp3');
93	$GLOBALS['phpgw']->session->setcookie('domain');
94	}
95	*/
96
97	/* This is not working yet because I need to figure out a way to clear the $cd =1
98	if(isset($_SERVER['PHP_AUTH_USER']) && $_GET['cd'] == '1')
99	{
100	Header('HTTP/1.0 401 Unauthorized');
101	Header('WWW-Authenticate: Basic realm="phpGroupWare"');
102	echo 'You have to re-authentificate yourself';
103	exit;
104	}
105	*/
106
107	function check_logoutcode($code)
108	{
109	switch($code)
110	{
111	case 1:
112	return lang('You have been successfully logged out');
113	break;
114	case 2:
115	return lang('Sorry, your login has expired');
116	break;
117	case 4:
118	return lang('Cookies are required to login to this site.');
119	break;
120	case 5:
121	return '<font color="FF0000">' . lang('Bad login or password') . '</font>';
122	break;
123	case 98:
124	return '<font color="FF0000">' . lang('Account is expired') . '</font>';
125	break;
126	case 99:
127	return '<font color="FF0000">' . lang('Blocked, too many attempts') . '</font>';
128	break;
129	case 10:
130	$GLOBALS['phpgw']->session->phpgw_setcookie('sessionid');
131	$GLOBALS['phpgw']->session->phpgw_setcookie('kp3');
132	$GLOBALS['phpgw']->session->phpgw_setcookie('domain');
133
134	//fix for bug php4 expired sessions bug
135	if($GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4')
136	{
137	$GLOBALS['phpgw']->session->phpgw_setcookie(PHPGW_PHPSESSID);
138	}
139
140	return '<font color="#FF0000">' . lang('Your session could not be verified.') . '</font>';
141	break;
142	default:
143	return ' ';
144	}
145	}
146
147	/* Program starts here */
148
149	if($GLOBALS['phpgw_info']['server']['auth_type'] == 'http' && isset($_SERVER['PHP_AUTH_USER']))
150	{
151	$submit = True;
152	$login = $_SERVER['PHP_AUTH_USER'];
153	$passwd = $_SERVER['PHP_AUTH_PW'];
154	$passwd_type = 'text';
155	}
156	else
157	{
158	$passwd = $_POST['passwd'];
159	$passwd_type = $_POST['passwd_type'];
160	}
161
162	# Apache + mod_ssl style SSL certificate authentication
163	# Certificate (chain) verification occurs inside mod_ssl
164	if($GLOBALS['phpgw_info']['server']['auth_type'] == 'sqlssl' && isset($_SERVER['SSL_CLIENT_S_DN']) && !isset($_GET['cd']))
165	{
166	# an X.509 subject looks like:
167	# /CN=john.doe/OU=Department/O=Company/C=xx/Email=john@comapy.tld/L=City/
168	# the username is deliberately lowercase, to ease LDAP integration
169	$sslattribs = explode('/',$_SERVER['SSL_CLIENT_S_DN']);
170	# skip the part in front of the first '/' (nothing)
171	while($sslattrib = next($sslattribs))
172	{
173	list($key,$val) = explode('=',$sslattrib);
174	$sslattributes[$key] = $val;
175	}
176
177	if(isset($sslattributes['Email']))
178	{
179	$submit = True;
180
181	# login will be set here if the user logged out and uses a different username with
182	# the same SSL-certificate.
183	if(!isset($_POST['login'])&&isset($sslattributes['Email']))
184	{
185	$login = $sslattributes['Email'];
186	# not checked against the database, but delivered to authentication module
187	$passwd = $_SERVER['SSL_CLIENT_S_DN'];
188	}
189	}
190	unset($key);
191	unset($val);
192	unset($sslattributes);
193	}
194
195	if(isset($passwd_type) \|\| $_POST['submitit_x'] \|\| $_POST['submitit_y'] \|\| $submit)
196	{
197	// TEMPORÁRIO, Login com ou sem organização ////////////////////////////////////////////////////
198	$common = CreateObject('phpgwapi.common');
199	$ldap_conn = $common->ldapConnect();
200	$justthese = array("uid");
201	$filter="(&(phpgwAccountType=u)(uid=".$_POST['user']."))";
202	$ldap_search = ldap_search($ldap_conn, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
203	$ldap_info = ldap_get_entries($ldap_conn, $ldap_search);
204	if ($ldap_info['count'] != 0) //Usuário SEM ORG EXISTE.
205	{
206	$_POST['login'] = $_POST['user'];
207	}
208	ldap_close($ldap_conn);
209	// TEMPORÁRIO, Login com ou sem organização ////////////////////////////////////////////////////
210
211	if(getenv('REQUEST_METHOD') != 'POST' && $_SERVER['REQUEST_METHOD'] != 'POST' &&
212	!isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['SSL_CLIENT_S_DN']))
213	{
214	$GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=5'));
215	}
216	#if(!isset($_COOKIE['eGroupWareLoginTime']))
217	#{
218	# $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=4'));
219	#}
220
221	// don't get login data again when $submit is true
222	if($submit == false)
223	{
224	$login = $_POST['login'];
225	}
226
227	if(strstr($login,'@') === False && isset($_POST['logindomain']))
228	{
229	$login .= '@' . $_POST['logindomain'];
230	}
231	elseif(!isset($GLOBALS['phpgw_domain'][$GLOBALS['phpgw_info']['user']['domain']]))
232	{
233	$login .= '@'.$GLOBALS['phpgw_info']['server']['default_domain'];
234	}
235	$GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create(strtolower($login),$passwd,$passwd_type,'u');
236
237	if(!isset($GLOBALS['sessionid']) \|\| ! $GLOBALS['sessionid'])
238	{
239	$GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=' . $GLOBALS['phpgw']->session->cd_reason);
240	}
241	else
242	{
243	if ($_POST['lang'] && preg_match('/^[a-z]{2}(-[a-z]{2}){0,1}$/',$_POST['lang']) &&
244	$_POST['lang'] != $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'])
245	{
246	$GLOBALS['phpgw']->preferences->add('common','lang',$_POST['lang'],'session');
247	}
248
249	if(!$GLOBALS['phpgw_info']['server']['disable_autoload_langfiles'])
250	{
251	$GLOBALS['phpgw']->translation->autoload_changed_langfiles();
252	}
253	$forward = isset($_GET['phpgw_forward']) ? urldecode($_GET['phpgw_forward']) : @$_POST['phpgw_forward'];
254	if (!$forward)
255	{
256	$extra_vars['cd'] = 'yes';
257	$forward = '/home.php';
258	}
259	else
260	{
261	list($forward,$extra_vars) = explode('?',$forward,2);
262	}
263	if ($GLOBALS['phpgw_info']['server']['use_https'] != 2)
264	{
265	$forward = 'http://'.$_SERVER['HTTP_HOST'].($GLOBALS['phpgw']->link($forward.'?cd=yes'));
266	echo "<script language='Javascript1.3'>location.href='".$forward."'</script>";
267	}
268	else
269	{
270	$GLOBALS['phpgw']->redirect_link($forward,$extra_vars);
271	}
272	}
273	}
274	else
275	{
276	// !!! DONT CHANGE THESE LINES !!!
277	// If there is something wrong with this code TELL ME!
278	// Commenting out the code will not fix it. (jengo)
279	if(isset($_COOKIE['last_loginid']))
280	{
281	$accounts = CreateObject('phpgwapi.accounts');
282	$prefs = CreateObject('phpgwapi.preferences', $accounts->name2id($_COOKIE['last_loginid']));
283
284	if($prefs->account_id)
285	{
286	$GLOBALS['phpgw_info']['user']['preferences'] = $prefs->read_repository();
287	}
288	}
289	if ($_GET['lang'])
290	{
291	$GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $_GET['lang'];
292	}
293	elseif(!isset($_COOKIE['last_loginid']) \|\| !$prefs->account_id)
294	{
295	// If the lastloginid cookies isn't set, we will default to the first language,
296	// the users browser accepts.
297	list($lang) = explode(',',$_SERVER['HTTP_ACCEPT_LANGUAGE']);
298	if(strlen($lang) > 2)
299	{
300	$lang = substr($lang,0,2);
301	}
302	$GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $lang;
303	}
304	#print 'LANG:' . $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] . '<br>';
305
306	$GLOBALS['phpgw']->translation->init(); // this will set the language according to the (new) set prefs
307	$GLOBALS['phpgw']->translation->add_app('login');
308	$GLOBALS['phpgw']->translation->add_app('loginscreen');
309	if(lang('loginscreen_message') == 'loginscreen_message*')
310	{
311	$GLOBALS['phpgw']->translation->add_app('loginscreen','en'); // trying the en one
312	}
313	if(lang('loginscreen_message') != 'loginscreen_message*')
314	{
315	$tmpl->set_var('lang_message',stripslashes(lang('loginscreen_message')));
316	}
317	}
318
319	if($GLOBALS['phpgw_info']['server']['use_prefix_organization'])
320	{
321	$organization_select = "<tr><td width=\"66\" class=\"loginLabel\">";
322	$organization_select .= lang("organization").":</td>";
323	$organization_select .="<td width=\"135\">";
324	$organization_select .="<select name=\"organization\">\n";
325
326	$obj_organization = CreateObject('phpgwapi.sector_search_ldap');
327	$organizations = $obj_organization->organization_search($GLOBALS['phpgw_info']['server']['ldap_context']);
328
329	for ($i=0; $i<count($organizations); $i++)
330	{
331	$tmp_array[strtolower($organizations[$i])] = $organizations[$i];
332	}
333
334	$arrayOrganization = $tmp_array;
335	ksort($arrayOrganization);
336
337	foreach($arrayOrganization
338	as $organization_name => $organization_vars)
339	{
340	$organization_select .= '<option value="' . $organization_name . '"';
341
342	if($organization_name == $_COOKIE['last_organization'])
343	{
344	$organization_select .= ' selected';
345	}
346	$organization_select .= '>' . $organization_vars . "</option>\n";
347	}
348	$organization_select .= "</select>\n";
349	$organization_select .="</td><td> </td></tr>";
350	$tmpl->set_var('select_organization',$organization_select);
351	}
352
353	$domain_select = ' ';
354	$last_loginid = $_COOKIE['last_loginid'];
355	if($GLOBALS['phpgw_info']['server']['show_domain_selectbox'])
356	{
357	$domain_select = "<select name=\"logindomain\">\n";
358	foreach($GLOBALS['phpgw_domain'] as $domain_name => $domain_vars)
359	{
360	$domain_select .= '<option value="' . $domain_name . '"';
361
362	if($domain_name == $_COOKIE['last_domain'])
363	{
364	$domain_select .= ' selected';
365	}
366	$domain_select .= '>' . $domain_name . "</option>\n";
367	}
368	$domain_select .= "</select>\n";
369	}
370	elseif($last_loginid !== '')
371	{
372	reset($GLOBALS['phpgw_domain']);
373	list($default_domain) = each($GLOBALS['phpgw_domain']);
374
375	if($_COOKIE['last_domain'] != $default_domain && !empty($_COOKIE['last_domain']))
376	{
377	$last_loginid .= '@' . $_COOKIE['last_domain'];
378	}
379	}
380	$tmpl->set_var('select_domain',$domain_select);
381
382	foreach($_GET as $name => $value)
383	{
384	if(ereg('phpgw_',$name))
385	{
386	$extra_vars .= '&' . $name . '=' . urlencode($value);
387	}
388	}
389
390	if($extra_vars)
391	{
392	$extra_vars = '?' . substr($extra_vars,1);
393	}
394
395	/********************************************************\
396	* Check is the registration app is installed, activated *
397	* And if the register link must be placed *
398	\********************************************************/
399
400	$cnf_reg = createobject('phpgwapi.config','registration');
401	$cnf_reg->read_repository();
402	$config_reg = $cnf_reg->config_data;
403
404	if($config_reg[enable_registration]=='True' && $config_reg[register_link]=='True')
405	{
406	$reg_link=' <a href="registration/">'.lang('Not a user yet? Register now').'</a><br/>';
407	}
408
409	$GLOBALS['phpgw_info']['server']['template_set'] = $GLOBALS['phpgw_info']['login_template_set'];
410
411	$tmpl->set_var('register_link',$reg_link);
412	$tmpl->set_var('charset',$GLOBALS['phpgw']->translation->charset());
413	$tmpl->set_var('login_url', $GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php' . $extra_vars);
414	$tmpl->set_var('registration_url',$GLOBALS['phpgw_info']['server']['webserver_url'] . '/registration/');
415	$tmpl->set_var('version',$GLOBALS['phpgw_info']['server']['versions']['phpgwapi']);
416	$tmpl->set_var('cd',check_logoutcode($_GET['cd']));
417	$tmpl->set_var('cookie',$last_loginid);
418
419	$tmpl->set_var('lang_username',lang('username'));
420	$tmpl->set_var('lang_password',lang('password'));
421	$tmpl->set_var('lang_login',lang('login'));
422
423	$tmpl->set_var('website_title', $GLOBALS['phpgw_info']['server']['site_title']);
424	$tmpl->set_var('template_set',$GLOBALS['phpgw_info']['login_template_set']);
425	$tmpl->set_var('bg_color',($GLOBALS['phpgw_info']['server']['login_bg_color']?$GLOBALS['phpgw_info']['server']['login_bg_color']:'FFFFFF'));
426	$tmpl->set_var('bg_color_title',($GLOBALS['phpgw_info']['server']['login_bg_color_title']?$GLOBALS['phpgw_info']['server']['login_bg_color_title']:'486591'));
427
428	if (substr($GLOBALS['phpgw_info']['server']['login_logo_file'],0,4) == 'http')
429	{
430	$var['logo_file'] = $GLOBALS['phpgw_info']['server']['login_logo_file'];
431	}
432	else
433	{
434	$var['logo_file'] = $GLOBALS['phpgw']->common->image('phpgwapi',$GLOBALS['phpgw_info']['server']['login_logo_file']?$GLOBALS['phpgw_info']['server']['login_logo_file']:'logo');
435	}
436	$var['logo_url'] = $GLOBALS['phpgw_info']['server']['login_logo_url']?$GLOBALS['phpgw_info']['server']['login_logo_url']:'http://www.eGroupWare.org';
437	if (substr($var['logo_url'],0,4) != 'http')
438	{
439	$var['logo_url'] = 'http://'.$var['logo_url'];
440	}
441	$var['logo_title'] = $GLOBALS['phpgw_info']['server']['login_logo_title']?$GLOBALS['phpgw_info']['server']['login_logo_title']:'www.eGroupWare.org';
442	$tmpl->set_var($var);
443
444	if (@$GLOBALS['phpgw_info']['server']['login_show_language_selection'])
445	{
446	$select_lang = '<select name="lang" onchange="'."location.href=location.href+(location.search?'&':'?')+'lang='+this.value".'">';
447	$langs = $GLOBALS['phpgw']->translation->get_installed_langs();
448	uasort($langs,'strcasecmp');
449	foreach ($langs as $key => $name) // if we have a translation use it
450	{
451	$select_lang .= "\n\t".'<option value="'.$key.'"'.($key == $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] ? ' selected="1"' : '').'>'.$name.'</option>';
452	}
453	$select_lang .= "\n</select>\n";
454	$tmpl->set_var(array(
455	'lang_language' => lang('Language'),
456	'select_language' => $select_lang,
457	));
458	}
459	else
460	{
461	$tmpl->set_block('login_form','language_select');
462	$tmpl->set_var('language_select','');
463	}
464
465	$tmpl->set_var('autocomplete', ($GLOBALS['phpgw_info']['server']['autocomplete_login'] ? 'autocomplete="off"' : ''));
466
467	$tmpl->pfp('loginout','login_form');
468	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: