Context Navigation

source: trunk/login.php @ 219

Revision 219, 15.8 KB checked in by niltonneto, 16 years ago (diff)
Correção para forçar usuário "cair" na página inicial, mesmo que ele tente acessar o /login.php
Property svn:eol-style set to `native` Property svn:executable set to ``*

Line
1	<?php
2	/**************************************************************************\
3	* eGroupWare login *
4	* http://www.egroupware.org *
5	* Originaly written by Dan Kuykendall <seek3r@phpgroupware.org> *
6	* Joseph Engo <jengo@phpgroupware.org> *
7	* Updated by Nilton Emilio Buhrer Neto <niltonneto@celepar.pr.gov.br> *
8	* This program is free software; you can redistribute it and/or modify it *
9	* under the terms of the GNU General Public License as published by the *
10	* Free Software Foundation; either version 2 of the License, or (at your *
11	* option) any later version. *
12	\**************************************************************************/
13
14	$phpgw_info = array();
15	$submit = False; // set to some initial value
16
17	$GLOBALS['phpgw_info']['flags'] = array(
18	'disable_Template_class' => True,
19	'login' => True,
20	'currentapp' => 'login',
21	'noheader' => True
22	);
23
24	if(file_exists('./header.inc.php'))
25	{
26	include('./header.inc.php');
27	// Force location to home, while logged in.
28	if(@$_COOKIE['sessionid'])
29	$GLOBALS['phpgw']->redirect_link('/home.php');
30	if ($GLOBALS['phpgw_info']['server']['use_https'] > 0)
31	{
32	if ($_SERVER['HTTPS'] != 'on')
33	{
34	Header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
35	exit;
36	}
37	}
38
39	if(function_exists('CreateObject'))
40	{
41	$GLOBALS['phpgw']->session = CreateObject('phpgwapi.sessions');
42	}
43	else
44	{
45	Header('Location: setup/index.php');
46	exit;
47	}
48	}
49	else
50	{
51	Header('Location: setup/index.php');
52	exit;
53	}
54
55	$GLOBALS['phpgw_info']['server']['template_dir'] = PHPGW_SERVER_ROOT . '/phpgwapi/templates/' . $GLOBALS['phpgw_info']['login_template_set'];
56	$tmpl = CreateObject('phpgwapi.Template', $GLOBALS['phpgw_info']['server']['template_dir']);
57
58	// read the images from the login-template-set, not the (maybe not even set) users template-set
59	$GLOBALS['phpgw_info']['user']['preferences']['common']['template_set'] = $GLOBALS['phpgw_info']['login_template_set'];
60
61	// This is used for system downtime, to prevent new logins.
62	if($GLOBALS['phpgw_info']['server']['deny_all_logins'])
63	{
64	$deny_msg=lang('Oops! You caught us in the middle of system maintainance.<br/>
65	Please, check back with us shortly.');
66
67	$tmpl->set_file(array
68	(
69	'login_form' => 'login_denylogin.tpl'
70	));
71
72	$tmpl->set_var('template_set','default');
73	$tmpl->set_var('deny_msg',$deny_msg);
74	$tmpl->pfp('loginout','login_form');
75	exit;
76	}
77	$tmpl->set_file(array('login_form' => 'login.tpl'));
78
79	// !! NOTE !!
80	// Do NOT and I repeat, do NOT touch ANYTHING to do with lang in this file.
81	// If there is a problem, tell me and I will fix it. (jengo)
82
83	// whoooo scaring
84
85	// ServerID => Identify the Apache Frontend.
86	if($GLOBALS['phpgw_info']['server']['usecookies'] == True && $GLOBALS['phpgw_info']['server']['use_frontend_id'])
87	{
88	$GLOBALS['phpgw']->session->phpgw_setcookie('serverID', $GLOBALS['phpgw_info']['server']['use_frontend_id']);
89	}
90
91
92	function check_logoutcode($code)
93	{
94	switch($code)
95	{
96	case 1:
97	return lang('You have been successfully logged out');
98
99	case 2:
100	return lang('Sorry, your login has expired');
101
102	case 4:
103	return lang('Cookies are required to login to this site.');
104
105	case 5:
106	return '<font color="FF0000">' . lang('Bad login or password') . '</font>';
107
108	case 6:
109	return '<font color="FF0000">' . lang('Your password has expired, and you do not have access to change it') . '</font>';
110
111	case 98:
112	return '<font color="FF0000">' . lang('Account is expired') . '</font>';
113
114	case 99:
115	return '<font color="FF0000">' . lang('Blocked, too many attempts') . '</font>';
116
117	case 10:
118	$GLOBALS['phpgw']->session->phpgw_setcookie('sessionid');
119	$GLOBALS['phpgw']->session->phpgw_setcookie('kp3');
120	$GLOBALS['phpgw']->session->phpgw_setcookie('domain');
121
122	//fix for bug php4 expired sessions bug
123	if($GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4')
124	{
125	$GLOBALS['phpgw']->session->phpgw_setcookie(PHPGW_PHPSESSID);
126	}
127
128	return '<font color="#FF0000">' . lang('Your session could not be verified.') . '</font>';
129
130	default:
131	return ' ';
132	}
133	}
134
135	/* Program starts here */
136
137	if($GLOBALS['phpgw_info']['server']['auth_type'] == 'http' && isset($_SERVER['PHP_AUTH_USER']))
138	{
139	$submit = True;
140	$login = $_SERVER['PHP_AUTH_USER'];
141	$passwd = $_SERVER['PHP_AUTH_PW'];
142	$passwd_type = 'text';
143	}
144	else
145	{
146	$passwd = $_POST['passwd'];
147	$passwd_type = $_POST['passwd_type'];
148	}
149
150	# Apache + mod_ssl style SSL certificate authentication
151	# Certificate (chain) verification occurs inside mod_ssl
152	if($GLOBALS['phpgw_info']['server']['auth_type'] == 'sqlssl' && isset($_SERVER['SSL_CLIENT_S_DN']) && !isset($_GET['cd']))
153	{
154	# an X.509 subject looks like:
155	# /CN=john.doe/OU=Department/O=Company/C=xx/Email=john@comapy.tld/L=City/
156	# the username is deliberately lowercase, to ease LDAP integration
157	$sslattribs = explode('/',$_SERVER['SSL_CLIENT_S_DN']);
158	# skip the part in front of the first '/' (nothing)
159	while($sslattrib = next($sslattribs))
160	{
161	list($key,$val) = explode('=',$sslattrib);
162	$sslattributes[$key] = $val;
163	}
164
165	if(isset($sslattributes['Email']))
166	{
167	$submit = True;
168
169	# login will be set here if the user logged out and uses a different username with
170	# the same SSL-certificate.
171	if(!isset($_POST['login'])&&isset($sslattributes['Email']))
172	{
173	$login = $sslattributes['Email'];
174	# not checked against the database, but delivered to authentication module
175	$passwd = $_SERVER['SSL_CLIENT_S_DN'];
176	}
177	}
178	unset($key);
179	unset($val);
180	unset($sslattributes);
181	}
182
183	if(isset($passwd_type) \|\| $_POST['submitit_x'] \|\| $_POST['submitit_y'] \|\| $submit)
184	{
185	///// Início - Código temporário: Para renomeação de login com organização para sem. //////
186	/* $common = CreateObject('phpgwapi.common');
187	$ldap_conn = $common->ldapConnect();
188	$justthese = array("uid");
189	$filter="(&(phpgwAccountType=u)(uid=".$_POST['user']."))";
190	$ldap_search = ldap_search($ldap_conn, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
191	$ldap_info = ldap_get_entries($ldap_conn, $ldap_search);
192	if ($ldap_info['count'] != 0) // Verifica se o login existe sem organização.
193	{
194	$_POST['login'] = $_POST['user'];
195	}
196	ldap_close($ldap_conn);*/
197	/// Fim - Código temporário: Para renomeação de login com organização para sem. //////
198	if(getenv('REQUEST_METHOD') != 'POST' && $_SERVER['REQUEST_METHOD'] != 'POST' &&
199	!isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['SSL_CLIENT_S_DN']))
200	{
201	$GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=5'));
202	}
203
204	// don't get login data again when $submit is true
205	if($submit == false)
206	{
207	$login = $_POST['login'];
208	}
209
210	if(strstr($login,'@') === False && isset($_POST['logindomain']))
211	{
212	$login .= '@' . $_POST['logindomain'];
213	}
214	elseif(!isset($GLOBALS['phpgw_domain'][$GLOBALS['phpgw_info']['user']['domain']]))
215	{
216	$login .= '@'.$GLOBALS['phpgw_info']['server']['default_domain'];
217	}
218	$GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create(strtolower($login),$passwd,$passwd_type,'u');
219
220	if(!isset($GLOBALS['sessionid']) \|\| ! $GLOBALS['sessionid'])
221	{
222	$GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=' . $GLOBALS['phpgw']->session->cd_reason);
223	}
224	else
225	{
226	if ($_POST['lang'] && preg_match('/^[a-z]{2}(-[a-z]{2}){0,1}$/',$_POST['lang']) &&
227	$_POST['lang'] != $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'])
228	{
229	$GLOBALS['phpgw']->preferences->add('common','lang',$_POST['lang'],'session');
230	}
231
232	if(!$GLOBALS['phpgw_info']['server']['disable_autoload_langfiles'])
233	{
234	$GLOBALS['phpgw']->translation->autoload_changed_langfiles();
235	}
236	$forward = isset($_GET['phpgw_forward']) ? urldecode($_GET['phpgw_forward']) : @$_POST['phpgw_forward'];
237	if (!$forward)
238	{
239	$extra_vars['cd'] = 'yes';
240	$forward = '/home.php';
241	}
242	else
243	{
244	list($forward,$extra_vars) = explode('?',$forward,2);
245	}
246	if ($GLOBALS['phpgw_info']['server']['use_https'] != 2)
247	{
248	$forward = 'http://'.$_SERVER['HTTP_HOST'].($GLOBALS['phpgw']->link($forward.'?cd=yes'));
249	echo "<script language='Javascript1.3'>location.href='".$forward."'</script>";
250	}
251	else
252	{
253	$GLOBALS['phpgw']->redirect_link($forward,$extra_vars);
254	}
255	}
256	}
257	else
258	{
259	// !!! DONT CHANGE THESE LINES !!!
260	// If there is something wrong with this code TELL ME!
261	// Commenting out the code will not fix it. (jengo)
262	if(isset($_COOKIE['last_loginid']))
263	{
264	$accounts = CreateObject('phpgwapi.accounts');
265	$prefs = CreateObject('phpgwapi.preferences', $accounts->name2id($_COOKIE['last_loginid']));
266
267	if($prefs->account_id)
268	{
269	$GLOBALS['phpgw_info']['user']['preferences'] = $prefs->read_repository();
270	}
271	}
272	if ($_GET['lang'])
273	{
274	$GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $_GET['lang'];
275	}
276	elseif(!isset($_COOKIE['last_loginid']) \|\| !$prefs->account_id)
277	{
278	// If the lastloginid cookies isn't set, we will default to the first language,
279	// the users browser accepts.
280	list($lang) = explode(',',$_SERVER['HTTP_ACCEPT_LANGUAGE']);
281	/*
282	if(strlen($lang) > 2)
283	{
284	$lang = substr($lang,0,2);
285	}
286	*/
287	$GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $lang;
288	}
289	#print 'LANG:' . $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] . '<br>';
290
291	$GLOBALS['phpgw']->translation->init(); // this will set the language according to the (new) set prefs
292	$GLOBALS['phpgw']->translation->add_app('login');
293	$GLOBALS['phpgw']->translation->add_app('loginscreen');
294	if(lang('loginscreen_message') == 'loginscreen_message*')
295	{
296	$GLOBALS['phpgw']->translation->add_app('loginscreen','en'); // trying the en one
297	}
298	if(lang('loginscreen_message') != 'loginscreen_message*')
299	{
300	$tmpl->set_var('lang_message',stripslashes(lang('loginscreen_message')));
301	}
302	}
303
304	if($GLOBALS['phpgw_info']['server']['use_prefix_organization'])
305	{
306	$organization_select = "<tr><td width=\"66\" class=\"loginLabel\">";
307	$organization_select .= lang("organization").":</td>";
308	$organization_select .="<td width=\"135\">";
309	$organization_select .="<select name=\"organization\">\n";
310
311	$obj_organization = CreateObject('phpgwapi.sector_search_ldap');
312	$organizations = $obj_organization->organization_search($GLOBALS['phpgw_info']['server']['ldap_context']);
313
314	for ($i=0; $i<count($organizations); $i++)
315	{
316	$tmp_array[strtolower($organizations[$i])] = $organizations[$i];
317	}
318
319	$arrayOrganization = $tmp_array;
320	ksort($arrayOrganization);
321
322	foreach($arrayOrganization
323	as $organization_name => $organization_vars)
324	{
325	$organization_select .= '<option value="' . $organization_name . '"';
326
327	if($organization_name == $_COOKIE['last_organization'])
328	{
329	$organization_select .= ' selected';
330	}
331	$organization_select .= '>' . $organization_vars . "</option>\n";
332	}
333	$organization_select .= "</select>\n";
334	$organization_select .="</td><td> </td></tr>";
335	$tmpl->set_var('select_organization',$organization_select);
336	}
337
338	$domain_select = ' ';
339	$last_loginid = $_COOKIE['last_loginid'];
340	if($GLOBALS['phpgw_info']['server']['show_domain_selectbox'])
341	{
342	$domain_select = "<select name=\"logindomain\">\n";
343	foreach($GLOBALS['phpgw_domain'] as $domain_name => $domain_vars)
344	{
345	$domain_select .= '<option value="' . $domain_name . '"';
346
347	if($domain_name == $_COOKIE['last_domain'])
348	{
349	$domain_select .= ' selected';
350	}
351	$domain_select .= '>' . $domain_name . "</option>\n";
352	}
353	$domain_select .= "</select>\n";
354	}
355	elseif($last_loginid !== '')
356	{
357	reset($GLOBALS['phpgw_domain']);
358	list($default_domain) = each($GLOBALS['phpgw_domain']);
359
360	if($_COOKIE['last_domain'] != $default_domain && !empty($_COOKIE['last_domain']))
361	{
362	$last_loginid .= '@' . $_COOKIE['last_domain'];
363	}
364	}
365	$tmpl->set_var('select_domain',$domain_select);
366
367	foreach($_GET as $name => $value)
368	{
369	if(ereg('phpgw_',$name))
370	{
371	$extra_vars .= '&' . $name . '=' . urlencode($value);
372	}
373	}
374
375	if($extra_vars)
376	{
377	$extra_vars = '?' . substr($extra_vars,1);
378	}
379
380	/********************************************************\
381	* Check is the registration app is installed, activated *
382	* And if the register link must be placed *
383	\********************************************************/
384
385	$cnf_reg = createobject('phpgwapi.config','registration');
386	$cnf_reg->read_repository();
387	$config_reg = $cnf_reg->config_data;
388
389	if($config_reg[enable_registration]=='True' && $config_reg[register_link]=='True')
390	{
391	$reg_link=' <a href="registration/">'.lang('Not a user yet? Register now').'</a><br/>';
392	}
393
394	$GLOBALS['phpgw_info']['server']['template_set'] = $GLOBALS['phpgw_info']['login_template_set'];
395
396	$tmpl->set_var('register_link',$reg_link);
397	$tmpl->set_var('charset',$GLOBALS['phpgw']->translation->charset());
398	$tmpl->set_var('login_url', $GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php' . $extra_vars);
399	$tmpl->set_var('registration_url',$GLOBALS['phpgw_info']['server']['webserver_url'] . '/registration/');
400	$tmpl->set_var('version',$GLOBALS['phpgw_info']['server']['versions']['phpgwapi']);
401	$tmpl->set_var('cd',check_logoutcode($_GET['cd']));
402	$tmpl->set_var('cookie',$last_loginid);
403
404	$tmpl->set_var('lang_username',lang('username'));
405	$tmpl->set_var('lang_password',lang('password'));
406	$tmpl->set_var('lang_login',lang('login'));
407
408	$tmpl->set_var('website_title', $GLOBALS['phpgw_info']['server']['site_title']);
409	$tmpl->set_var('template_set',$GLOBALS['phpgw_info']['login_template_set']);
410	$tmpl->set_var('bg_color',($GLOBALS['phpgw_info']['server']['login_bg_color']?$GLOBALS['phpgw_info']['server']['login_bg_color']:'FFFFFF'));
411	$tmpl->set_var('bg_color_title',($GLOBALS['phpgw_info']['server']['login_bg_color_title']?$GLOBALS['phpgw_info']['server']['login_bg_color_title']:'486591'));
412
413	if($GLOBALS['phpgw_info']['server']['use_frontend_name'])
414	$tmpl->set_var('frontend_name', " - ".$GLOBALS['phpgw_info']['server']['use_frontend_name']);
415
416	if (substr($GLOBALS['phpgw_info']['server']['login_logo_file'],0,4) == 'http')
417	{
418	$var['logo_file'] = $GLOBALS['phpgw_info']['server']['login_logo_file'];
419	}
420	else
421	{
422	$var['logo_file'] = $GLOBALS['phpgw']->common->image('phpgwapi',$GLOBALS['phpgw_info']['server']['login_logo_file']?$GLOBALS['phpgw_info']['server']['login_logo_file']:'logo');
423	}
424	$var['logo_url'] = $GLOBALS['phpgw_info']['server']['login_logo_url']?$GLOBALS['phpgw_info']['server']['login_logo_url']:'http://www.eGroupWare.org';
425	if (substr($var['logo_url'],0,4) != 'http')
426	{
427	$var['logo_url'] = 'http://'.$var['logo_url'];
428	}
429	$var['logo_title'] = $GLOBALS['phpgw_info']['server']['login_logo_title']?$GLOBALS['phpgw_info']['server']['login_logo_title']:'www.eGroupWare.org';
430	$tmpl->set_var($var);
431
432	if (@$GLOBALS['phpgw_info']['server']['login_show_language_selection'])
433	{
434	$select_lang = '<select name="lang" onchange="'."location.href=location.href+(location.search?'&':'?')+'lang='+this.value".'">';
435	$langs = $GLOBALS['phpgw']->translation->get_installed_langs();
436	uasort($langs,'strcasecmp');
437	foreach ($langs as $key => $name) // if we have a translation use it
438	{
439	$select_lang .= "\n\t".'<option value="'.$key.'"'.($key == $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] ? ' selected="1"' : '').'>'.$name.'</option>';
440	}
441	$select_lang .= "\n</select>\n";
442	$tmpl->set_var(array(
443	'lang_language' => lang('Language'),
444	'select_language' => $select_lang,
445	));
446	}
447	else
448	{
449	$tmpl->set_block('login_form','language_select');
450	$tmpl->set_var('language_select','');
451	}
452
453	$tmpl->set_var('autocomplete', ($GLOBALS['phpgw_info']['server']['autocomplete_login'] ? 'autocomplete="off"' : ''));
454
455	$tmpl->pfp('loginout','login_form');
456	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: