Changeset 1042 for trunk/login.php
- Timestamp:
- 06/23/09 14:27:31 (15 years ago)
- File:
-
- 1 edited
trunk/login.php
r222 r1042 1 1 <?php 2 //Valida a existencia do cookie, antes de grava-lo 3 if(isset($_COOKIE['contador'])) { 4 $valor_cookie = $_COOKIE['contador']; 5 if($_POST['user'] && $_POST['passwd']) 6 { 7 $valor_cookie = $valor_cookie + 1; 8 setcookie("contador", $valor_cookie,0); 9 } 10 } 11 //Cookie inexistente: tenta gravar um 12 else 13 { 14 if (setcookie("contador", 1,0)) 15 //echo "OK, cookie gravado."; 16 $valor_cookie = 1; 17 else 18 //echo "Nao gravou o cookie"; 19 $valor_cookie = "9999"; // forca captcha 20 } 21 // logout, inicia contador novamente..... 22 if($_GET['cd']=='1' || $_COOKIE['sessionid'] || $_GET['cd'] == 10) 23 { 24 $valor_cookie = 1; 25 setcookie("contador", 1,0); 26 } 27 2 28 /**************************************************************************\ 3 29 * eGroupWare login * … … 90 116 } 91 117 118 $login_include = $GLOBALS['phpgw_info']['server']['template_dir'] . '/login_' . $GLOBALS['phpgw_info']['login_template_set'] . '.php'; 92 119 93 function check_logoutcode($code)120 if(!$login_include || !file_exists($login_include)) 94 121 { 95 switch($code) 96 { 97 case 1: 98 return lang('You have been successfully logged out'); 99 100 case 2: 101 return lang('Sorry, your login has expired'); 102 103 case 4: 104 return lang('Cookies are required to login to this site.'); 105 106 case 5: 107 return '<font color="FF0000">' . lang('Bad login or password') . '</font>'; 108 109 case 6: 110 return '<font color="FF0000">' . lang('Your password has expired, and you do not have access to change it') . '</font>'; 111 112 case 98: 113 return '<font color="FF0000">' . lang('Account is expired') . '</font>'; 114 115 case 99: 116 return '<font color="FF0000">' . lang('Blocked, too many attempts') . 
'</font>'; 117 118 case 10: 119 $GLOBALS['phpgw']->session->phpgw_setcookie('sessionid'); 120 $GLOBALS['phpgw']->session->phpgw_setcookie('kp3'); 121 $GLOBALS['phpgw']->session->phpgw_setcookie('domain'); 122 123 //fix for bug php4 expired sessions bug 124 if($GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4') 125 { 126 $GLOBALS['phpgw']->session->phpgw_setcookie(PHPGW_PHPSESSID); 127 } 128 129 return '<font color="#FF0000">' . lang('Your session could not be verified.') . '</font>'; 130 131 default: 132 return ' '; 133 } 134 } 135 136 /* Program starts here */ 137 138 if($GLOBALS['phpgw_info']['server']['auth_type'] == 'http' && isset($_SERVER['PHP_AUTH_USER'])) 139 { 140 $submit = True; 141 $login = $_SERVER['PHP_AUTH_USER']; 142 $passwd = $_SERVER['PHP_AUTH_PW']; 143 $passwd_type = 'text'; 144 } 145 else 146 { 147 $passwd = $_POST['passwd']; 148 $passwd_type = $_POST['passwd_type']; 122 $aux = explode('phpgwapi',$GLOBALS['phpgw_info']['server']['template_dir']); 123 $login_include = $aux[0] . 
'phpgwapi/templates/default/login_default.php'; 149 124 } 150 125 151 # Apache + mod_ssl style SSL certificate authentication 152 # Certificate (chain) verification occurs inside mod_ssl 153 if($GLOBALS['phpgw_info']['server']['auth_type'] == 'sqlssl' && isset($_SERVER['SSL_CLIENT_S_DN']) && !isset($_GET['cd'])) 154 { 155 # an X.509 subject looks like: 156 # /CN=john.doe/OU=Department/O=Company/C=xx/Email=john@comapy.tld/L=City/ 157 # the username is deliberately lowercase, to ease LDAP integration 158 $sslattribs = explode('/',$_SERVER['SSL_CLIENT_S_DN']); 159 # skip the part in front of the first '/' (nothing) 160 while($sslattrib = next($sslattribs)) 161 { 162 list($key,$val) = explode('=',$sslattrib); 163 $sslattributes[$key] = $val; 164 } 126 include($login_include); 165 127 166 if(isset($sslattributes['Email'])) 167 { 168 $submit = True; 128 ?> 169 129 170 # login will be set here if the user logged out and uses a different username with171 # the same SSL-certificate.172 if(!isset($_POST['login'])&&isset($sslattributes['Email']))173 {174 $login = $sslattributes['Email'];175 # not checked against the database, but delivered to authentication module176 $passwd = $_SERVER['SSL_CLIENT_S_DN'];177 }178 }179 unset($key);180 unset($val);181 unset($sslattributes);182 }183 184 if(isset($passwd_type) || $_POST['submitit_x'] || $_POST['submitit_y'] || $submit)185 {186 ///// Início - Código temporário: Para renomeação de login com organização para sem. 
//////187 /* $common = CreateObject('phpgwapi.common');188 $ldap_conn = $common->ldapConnect();189 $justthese = array("uid");190 $filter="(&(phpgwAccountType=u)(uid=".$_POST['user']."))";191 $ldap_search = ldap_search($ldap_conn, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);192 $ldap_info = ldap_get_entries($ldap_conn, $ldap_search);193 if ($ldap_info['count'] != 0) // Verifica se o login existe sem organização.194 {195 $_POST['login'] = $_POST['user'];196 }197 ldap_close($ldap_conn);*/198 /// Fim - Código temporário: Para renomeação de login com organização para sem. //////199 if(getenv('REQUEST_METHOD') != 'POST' && $_SERVER['REQUEST_METHOD'] != 'POST' &&200 !isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['SSL_CLIENT_S_DN']))201 {202 $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=5'));203 }204 205 // don't get login data again when $submit is true206 if($submit == false)207 {208 $login = $_POST['login'];209 }210 211 if(strstr($login,'@') === False && isset($_POST['logindomain']))212 {213 $login .= '@' . $_POST['logindomain'];214 }215 elseif(!isset($GLOBALS['phpgw_domain'][$GLOBALS['phpgw_info']['user']['domain']]))216 {217 $login .= '@'.$GLOBALS['phpgw_info']['server']['default_domain'];218 }219 $GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create(strtolower($login),$passwd,$passwd_type,'u');220 221 if(!isset($GLOBALS['sessionid']) || ! $GLOBALS['sessionid'])222 {223 $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php?cd=' . 
$GLOBALS['phpgw']->session->cd_reason);224 }225 else226 {227 if ($_POST['lang'] && preg_match('/^[a-z]{2}(-[a-z]{2}){0,1}$/',$_POST['lang']) &&228 $_POST['lang'] != $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'])229 {230 $GLOBALS['phpgw']->preferences->add('common','lang',$_POST['lang'],'session');231 }232 233 if(!$GLOBALS['phpgw_info']['server']['disable_autoload_langfiles'])234 {235 $GLOBALS['phpgw']->translation->autoload_changed_langfiles();236 }237 $forward = isset($_GET['phpgw_forward']) ? urldecode($_GET['phpgw_forward']) : @$_POST['phpgw_forward'];238 if (!$forward)239 {240 $extra_vars['cd'] = 'yes';241 $forward = '/home.php';242 }243 else244 {245 list($forward,$extra_vars) = explode('?',$forward,2);246 }247 if ($GLOBALS['phpgw_info']['server']['use_https'] != 2)248 {249 $forward = 'http://'.$_SERVER['HTTP_HOST'].($GLOBALS['phpgw']->link($forward.'?cd=yes'));250 echo "<script language='Javascript1.3'>location.href='".$forward."'</script>";251 }252 else253 {254 $GLOBALS['phpgw']->redirect_link($forward,$extra_vars);255 }256 }257 }258 else259 {260 // !!! DONT CHANGE THESE LINES !!!261 // If there is something wrong with this code TELL ME!262 // Commenting out the code will not fix it. 
(jengo)263 if(isset($_COOKIE['last_loginid']))264 {265 $accounts = CreateObject('phpgwapi.accounts');266 $prefs = CreateObject('phpgwapi.preferences', $accounts->name2id($_COOKIE['last_loginid']));267 268 if($prefs->account_id)269 {270 $GLOBALS['phpgw_info']['user']['preferences'] = $prefs->read_repository();271 }272 }273 if ($_GET['lang'])274 {275 $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $_GET['lang'];276 }277 elseif(!isset($_COOKIE['last_loginid']) || !$prefs->account_id)278 {279 // If the lastloginid cookies isn't set, we will default to the first language,280 // the users browser accepts.281 list($lang) = explode(',',$_SERVER['HTTP_ACCEPT_LANGUAGE']);282 /*283 if(strlen($lang) > 2)284 {285 $lang = substr($lang,0,2);286 }287 */288 $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = $lang;289 }290 #print 'LANG:' . $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] . '<br>';291 292 $GLOBALS['phpgw']->translation->init(); // this will set the language according to the (new) set prefs293 $GLOBALS['phpgw']->translation->add_app('login');294 $GLOBALS['phpgw']->translation->add_app('loginscreen');295 if(lang('loginscreen_message') == 'loginscreen_message*')296 {297 $GLOBALS['phpgw']->translation->add_app('loginscreen','en'); // trying the en one298 }299 if(lang('loginscreen_message') != 'loginscreen_message*')300 {301 $tmpl->set_var('lang_message',stripslashes(lang('loginscreen_message')));302 }303 }304 305 if($GLOBALS['phpgw_info']['server']['use_prefix_organization'])306 {307 $organization_select = "<tr><td width=\"66\" class=\"loginLabel\">";308 $organization_select .= lang("organization").":</td>";309 $organization_select .="<td width=\"135\">";310 $organization_select .="<select name=\"organization\">\n";311 312 $obj_organization = CreateObject('phpgwapi.sector_search_ldap');313 $organizations = $obj_organization->organization_search($GLOBALS['phpgw_info']['server']['ldap_context']);314 315 for ($i=0; 
$i<count($organizations); $i++)316 {317 $tmp_array[strtolower($organizations[$i])] = $organizations[$i];318 }319 320 $arrayOrganization = $tmp_array;321 ksort($arrayOrganization);322 323 foreach($arrayOrganization324 as $organization_name => $organization_vars)325 {326 $organization_select .= '<option value="' . $organization_name . '"';327 328 if($organization_name == $_COOKIE['last_organization'])329 {330 $organization_select .= ' selected';331 }332 $organization_select .= '>' . $organization_vars . "</option>\n";333 }334 $organization_select .= "</select>\n";335 $organization_select .="</td><td> </td></tr>";336 $tmpl->set_var('select_organization',$organization_select);337 }338 339 $domain_select = ' ';340 $last_loginid = $_COOKIE['last_loginid'];341 if($GLOBALS['phpgw_info']['server']['show_domain_selectbox'])342 {343 $domain_select = "<select name=\"logindomain\">\n";344 foreach($GLOBALS['phpgw_domain'] as $domain_name => $domain_vars)345 {346 $domain_select .= '<option value="' . $domain_name . '"';347 348 if($domain_name == $_COOKIE['last_domain'])349 {350 $domain_select .= ' selected';351 }352 $domain_select .= '>' . $domain_name . "</option>\n";353 }354 $domain_select .= "</select>\n";355 }356 elseif($last_loginid !== '')357 {358 reset($GLOBALS['phpgw_domain']);359 list($default_domain) = each($GLOBALS['phpgw_domain']);360 361 if($_COOKIE['last_domain'] != $default_domain && !empty($_COOKIE['last_domain']))362 {363 $last_loginid .= '@' . $_COOKIE['last_domain'];364 }365 }366 $tmpl->set_var('select_domain',$domain_select);367 368 foreach($_GET as $name => $value)369 {370 if(ereg('phpgw_',$name))371 {372 $extra_vars .= '&' . $name . '=' . urlencode($value);373 }374 }375 376 if($extra_vars)377 {378 $extra_vars = '?' . 
substr($extra_vars,1);379 }380 381 /********************************************************\382 * Check is the registration app is installed, activated *383 * And if the register link must be placed *384 \********************************************************/385 386 $cnf_reg = createobject('phpgwapi.config','registration');387 $cnf_reg->read_repository();388 $config_reg = $cnf_reg->config_data;389 390 if($config_reg[enable_registration]=='True' && $config_reg[register_link]=='True')391 {392 $reg_link=' <a href="registration/">'.lang('Not a user yet? Register now').'</a><br/>';393 }394 395 $GLOBALS['phpgw_info']['server']['template_set'] = $GLOBALS['phpgw_info']['login_template_set'];396 397 $tmpl->set_var('register_link',$reg_link);398 $tmpl->set_var('charset',$GLOBALS['phpgw']->translation->charset());399 $tmpl->set_var('login_url', $GLOBALS['phpgw_info']['server']['webserver_url'] . '/login.php' . $extra_vars);400 $tmpl->set_var('registration_url',$GLOBALS['phpgw_info']['server']['webserver_url'] . 
'/registration/');401 $tmpl->set_var('version',$GLOBALS['phpgw_info']['server']['versions']['phpgwapi']);402 $tmpl->set_var('cd',check_logoutcode($_GET['cd']));403 $tmpl->set_var('cookie',$last_loginid);404 405 $tmpl->set_var('lang_username',lang('username'));406 $tmpl->set_var('lang_password',lang('password'));407 $tmpl->set_var('lang_login',lang('login'));408 409 $tmpl->set_var('website_title', $GLOBALS['phpgw_info']['server']['site_title']);410 $tmpl->set_var('template_set',$GLOBALS['phpgw_info']['login_template_set']);411 $tmpl->set_var('bg_color',($GLOBALS['phpgw_info']['server']['login_bg_color']?$GLOBALS['phpgw_info']['server']['login_bg_color']:'FFFFFF'));412 $tmpl->set_var('bg_color_title',($GLOBALS['phpgw_info']['server']['login_bg_color_title']?$GLOBALS['phpgw_info']['server']['login_bg_color_title']:'486591'));413 414 if($GLOBALS['phpgw_info']['server']['use_frontend_name'])415 $tmpl->set_var('frontend_name', " - ".$GLOBALS['phpgw_info']['server']['use_frontend_name']);416 417 if (substr($GLOBALS['phpgw_info']['server']['login_logo_file'],0,4) == 'http')418 {419 $var['logo_file'] = $GLOBALS['phpgw_info']['server']['login_logo_file'];420 }421 else422 {423 $var['logo_file'] = $GLOBALS['phpgw']->common->image('phpgwapi',$GLOBALS['phpgw_info']['server']['login_logo_file']?$GLOBALS['phpgw_info']['server']['login_logo_file']:'logo');424 }425 $var['logo_url'] = $GLOBALS['phpgw_info']['server']['login_logo_url']?$GLOBALS['phpgw_info']['server']['login_logo_url']:'http://www.eGroupWare.org';426 if (substr($var['logo_url'],0,4) != 'http')427 {428 $var['logo_url'] = 'http://'.$var['logo_url'];429 }430 $var['logo_title'] = $GLOBALS['phpgw_info']['server']['login_logo_title']?$GLOBALS['phpgw_info']['server']['login_logo_title']:'www.eGroupWare.org';431 $tmpl->set_var($var);432 433 if (@$GLOBALS['phpgw_info']['server']['login_show_language_selection'])434 {435 $select_lang = '<select name="lang" 
onchange="'."location.href=location.href+(location.search?'&':'?')+'lang='+this.value".'">';436 $langs = $GLOBALS['phpgw']->translation->get_installed_langs();437 uasort($langs,'strcasecmp');438 foreach ($langs as $key => $name) // if we have a translation use it439 {440 $select_lang .= "\n\t".'<option value="'.$key.'"'.($key == $GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] ? ' selected="1"' : '').'>'.$name.'</option>';441 }442 $select_lang .= "\n</select>\n";443 $tmpl->set_var(array(444 'lang_language' => lang('Language'),445 'select_language' => $select_lang,446 ));447 }448 else449 {450 $tmpl->set_block('login_form','language_select');451 $tmpl->set_var('language_select','');452 }453 454 $tmpl->set_var('autocomplete', ($GLOBALS['phpgw_info']['server']['autocomplete_login'] ? 'autocomplete="off"' : ''));455 456 $tmpl->pfp('loginout','login_form');457 ?>
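Review bot: The attempt counter added at the top of trunk/login.php (new lines 2-26) is kept only in the `contador` cookie, so its value is whatever the client sends back, and a client that drops or rewrites the cookie never sees the count grow. The reset branch is also request-controlled, because it fires on `$_GET['cd']=='1'`, `$_GET['cd'] == 10` or the mere presence of a `sessionid` cookie. The `// forca captcha` comment suggests `$valor_cookie` decides when the included login template shows a captcha; that template is outside this page, but if so the throttle is advisory only. The failed-login count should be kept server-side, keyed by login name and client address, with the cookie treated as a hint at most. As a minimum in this hunk, read it as `$valor_cookie = (int) $_COOKIE['contador'];` and guard `$_POST['user']`, `$_POST['passwd']` and `$_GET['cd']` with `isset()` before testing them.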