Changeset 3437 for branches/2.2/phpgwapi
- Timestamp:
- 10/29/10 10:14:12 (14 years ago)
- Location:
- branches/2.2/phpgwapi
- Files:
-
- 4 edited
-
inc/common_functions.inc.php (modified) (1 diff)
-
setup/phpgw_en.lang (modified) (previous)
-
setup/phpgw_pt-br.lang (modified) (previous)
-
templates/default/login_default.php (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
branches/2.2/phpgwapi/inc/common_functions.inc.php
r1681 r3437 707 707 708 708 /*! 709 @function session_convert 710 @abstract cipher/decipher session id. 711 @Include by Serpro ( Antonio Carlos da Silva). 712 @discussion This function cipher/decipher session id to captcha. 713 */ 714 function session_convert($str,$ky='') 715 { 716 if($ky=='') return $str; 717 $ky=str_replace(chr(32),'',$ky); 718 if(strlen($ky)<8) return ''; 719 $kl=strlen($ky)<32?strlen($ky):32; 720 $k=array(); 721 for($i=0;$i<$kl;$i++) 722 { 723 $k[$i]=ord($ky{$i})&0x1F; 724 } 725 $j=0; 726 for($i=0;$i<strlen($str);$i++) 727 { 728 $e=ord($str{$i}); 729 $str{$i}=$e&0xE0?chr($e^$k[$j]):chr($e); 730 $j++;$j=$j==$kl?0:$j; 731 } 732 return $str; 733 } 734 735 /*! 709 736 @function CreateObject 710 737 @abstract Load a class and include the class file if not done so already. -
branches/2.2/phpgwapi/templates/default/login_default.php
r3243 r3437 12 12 \**************************************************************************/ 13 13 14 14 function check_logoutcode($code) 15 15 { 16 16 switch($code) … … 56 56 } 57 57 } 58 58 59 59 /* Program starts here */ 60 60 … … 104 104 unset($sslattributes); 105 105 } 106 session_start(); 106 107 if( isset( $_GET[ 'cd' ] ) && ( $_GET['cd']=='1' || $_GET['cd'] == 10 ) ) 108 { 109 $_SESSION['contador'] = 0; 110 } 111 107 112 if(isset($passwd_type) || $_POST['submitit_x'] || $_POST['submitit_y'] || $submit) 108 113 { 109 110 // Primeiro testa o captcha....se houver...... 111 if( $GLOBALS['phpgw_info']['server']['captcha']==1) 112 { 113 if(isset($_POST['codigo'])) 114 { 115 if ($_SESSION['CAPTCHAString'] != strtoupper($_POST['codigo'])) 116 { 117 $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=200')); 118 } 119 unset($_SESSION['CAPTCHAString']); 120 } 121 } 114 115 // Primeiro testa o captcha....se houver...... 116 if($GLOBALS['phpgw_info']['server']['captcha']==1) 117 { 118 if(!$_COOKIE['ZABX']) 119 { 120 $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=5')); 121 } 122 if($_SESSION['contador'] > $GLOBALS['phpgw_info']['server']['num_badlogin']) 123 { 124 if ($_SESSION['CAPTCHAString'] != trim(strtoupper($_POST['codigo']))) 125 { 126 $GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','cd=200')); 127 } 128 unset($_SESSION['CAPTCHAString']); 129 } 130 } 122 131 if($_POST['user']) { 123 132 if($GLOBALS['phpgw_info']['server']['use_prefix_organization']) { … … 197 206 else 198 207 { 208 $valor_contador = $_SESSION['contador']; 209 $valor_contador = $valor_contador + 1; 210 $_SESSION['contador'] = $valor_contador; 199 211 // !!! DONT CHANGE THESE LINES !!! 200 212 // If there is something wrong with this code TELL ME! … … 402 414 $tmpl->set_var('autocomplete', ($GLOBALS['phpgw_info']['server']['autocomplete_login'] ? 'autocomplete="off"' : '')); 403 415 404 $aux_captcha = '';405 416 // soh mostra o captcha se for login sem certificado.... 406 417 if($GLOBALS['phpgw_info']['server']['captcha'] && $_GET['cd']!='300' ) 407 408 if($valor_cookie > $GLOBALS['phpgw_info']['server']['num_badlogin']) 409 { 410 $aux_captcha = '<div class="login_label" > 411 <input type="hidden" name="' . session_name() .'" value="' . session_id() . '" >412 <img src="./security/captcha.php?xsid='.session_id().'" title="'.lang('Security code').'" alt="'.lang('Security code').'" style="width:60;">413 <br/>414 <input class="input" type="text" maxlength="50" size="20" name="codigo" id="codigo" value="" >415 </div>';416 417 418 419 418 { 419 $aux_captcha = ''; 420 setcookie(session_name(),base64_encode(session_convert($key_convert . session_id(),$key_convert)),0); 421 if($valor_contador > $GLOBALS['phpgw_info']['server']['num_badlogin']) 422 { 423 $aux_captcha = '<div class="login_label" > 424 <img src="./security/captcha.php" title="'.lang('Security code').'" alt="'.lang('Security code').'" style="width:60;"><br/> 425 <input class="input" type="text" maxlength="50" size="20" name="codigo" id="codigo" value="" > 426 </div>'; 427 $tmpl->set_var('captcha',$aux_captcha); 428 } 429 } 430 420 431 // Testa se deve incluir applet para login com certificado...... 421 432 if ($_GET['cd']=='300' && $GLOBALS['phpgw_info']['server']['certificado']==1) 422 433 { 423 434 //Zera o Cookie contador, responsavel pelo captcha 424 $valor_cookie = 1; 425 setcookie("contador", 1,0); 426 435 $_SESSION['contador'] = 0; 436 $valor_contador = 0; 427 437 $link_alterna_login = '<img border=0 style="padding: 0px 5px 0px 0px" src="phpgwapi/templates/default/images/warning.gif"/><a href="login.php" style="margin: 0px; padding: 0px; text-decoration:none;"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="1">' . lang('Access without Digital Certificate') . '</a>'; 428 438 $tmpl->set_var('show','none');
Note: See TracChangeset
for help on using the changeset viewer.
