< ? php
/**************************************************************************\
* eGroupWare login                                                         *
* http://www.egroupware.org                                                *
* Originally written by Dan Kuykendall <seek3r@phpgroupware.org>           *
*                       Joseph Engo    <jengo@phpgroupware.org>            *
* --------------------------------------------                             *
*  This program is free software; you can redistribute it and/or modify it *
*  under the terms of the GNU General Public License as published by the   *
*  Free Software Foundation; either version 2 of the License, or (at your  *
*  option) any later version.                                              *
\**************************************************************************/
/* $Id$ */
// Nothing has been submitted yet; later sections set this to true once they
// have picked up credentials from HTTP auth, a cookie or a client certificate.
$submit = false;

// Flags describing this entry point. They are set before header.inc.php is
// included below (presumably so the API bootstrap can read them - confirm there).
$GLOBALS['egw_info'] = array(
	'flags' => array(
		'disable_Template_class' => true,
		'login'                  => true,
		'currentapp'             => 'login',
	),
);
// Without a header.inc.php the installation is not configured yet:
// send the visitor to the setup application instead.
if (!file_exists('./header.inc.php'))
{
	header('Location: setup/index.php');
	exit;
}

include('./header.inc.php');

// header.inc.php was found but did not define CreateObject(), so the API
// is not usable; hand over to setup in that case as well.
if (!function_exists('CreateObject'))
{
	header('Location: setup/index.php');
	exit;
}
// Directory of the template set that renders the login page.
$GLOBALS['egw_info']['server']['template_dir'] =
	EGW_SERVER_ROOT . '/phpgwapi/templates/' . $GLOBALS['egw_info']['login_template_set'];

// Images are read from the login template set, because the user's own
// template set may not even be set at this point.
$GLOBALS['egw_info']['user']['preferences']['common']['template_set'] =
	$GLOBALS['egw_info']['login_template_set'];

// Load the framework class of the login template set; when its class file
// does not exist, fall back to the idots framework.
// NOTE(review): login_template_set ends up in a require_once path and in a
// class name. It is not assigned in this file (presumably it comes from the
// configuration loaded by header.inc.php) - confirm it can never be
// supplied by the request.
$class = $GLOBALS['egw_info']['login_template_set'] . '_framework';
$framework = $GLOBALS['egw_info']['server']['template_dir'] . '/class.' . $class . '.inc.php';
if (!file_exists($framework))
{
	$class = 'idots_framework';
	$framework = EGW_SERVER_ROOT . '/phpgwapi/templates/idots/class.' . $class . '.inc.php';
}
require_once($framework);
$GLOBALS['egw']->framework = new $class($GLOBALS['egw_info']['login_template_set']);
unset($framework, $class);

// This is used for system downtime, to prevent new logins.
if ($GLOBALS['egw_info']['server']['deny_all_logins'])
{
	echo $GLOBALS['egw']->framework->denylogin_screen();
	exit;
}
/**
 * Map a numeric status code to the message shown on the login page.
 *
 * The codes handled here match the cd=... values this script puts into its
 * redirects (presumably the caller passes $_GET['cd'] - the call site is not
 * in this file). Comparison is loose (==), exactly like a switch statement,
 * and the codes are tested in the same order.
 *
 * Failure messages are wrapped in a red <font> tag. Code 10 additionally
 * calls egw_setcookie() with only the cookie name for 'sessionid', 'kp3' and
 * 'domain', which appears to clear those cookies.
 *
 * NOTE(review): codes 98 and 99 tell the visitor that an account exists but
 * is expired or blocked, which is more than "Bad login or password" reveals;
 * keep that only if disclosing account state is intended.
 *
 * @param mixed $code status code
 * @return string translated (and for errors HTML-wrapped) message, or ' '
 *                for an unknown code
 */
function check_logoutcode($code)
{
	if ($code == 1)
	{
		return lang('You have been successfully logged out');
	}
	if ($code == 2)
	{
		return lang('Sorry, your login has expired');
	}
	if ($code == 4)
	{
		return lang('Cookies are required to login to this site.');
	}
	if ($code == 5)
	{
		return '<font color="red">' . lang('Bad login or password') . '</font>';
	}
	if ($code == 98)
	{
		return '<font color="red">' . lang('Account is expired') . '</font>';
	}
	if ($code == 99)
	{
		return '<font color="red">' . lang('Blocked, too many attempts') . '</font>';
	}
	if ($code == 10)
	{
		// the session could not be verified: drop every session cookie first
		foreach (array('sessionid', 'kp3', 'domain') as $cookie)
		{
			$GLOBALS['egw']->session->egw_setcookie($cookie);
		}
		return '<font color="red">' . lang('Your session could not be verified.') . '</font>';
	}
	return ' ';
}
/* Program starts here */
// Credential collection: fills $login, $passwd and $passwd_type from HTTP
// auth, the login form, the remember-me cookie or the anonymous account, and
// sets $submit when the credentials did not come from the form itself.

// some apache mod_auth_* modules use REMOTE_USER instead of PHP_AUTH_USER, thanks to Sylvain Beucler
// NOTE(review): REMOTE_USER is taken as an authenticated identity here; that
// only holds when the web server itself sets it - confirm for the deployment.
if ($GLOBALS['egw_info']['server']['auth_type'] == 'http' && !isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['REMOTE_USER']))
{
	$_SERVER['PHP_AUTH_USER'] = $_SERVER['REMOTE_USER'];
}
if ($GLOBALS['egw_info']['server']['auth_type'] == 'http' && isset($_SERVER['PHP_AUTH_USER']))
{
	// HTTP authentication: user and password come from the server variables
	$submit = True;
	$login = $_SERVER['PHP_AUTH_USER'];
	$passwd = $_SERVER['PHP_AUTH_PW'];
	$passwd_type = 'text';
}
else
{
	// form login: undo magic-quotes escaping of the posted password
	$passwd = get_magic_quotes_gpc() ? stripslashes($_POST['passwd']) : $_POST['passwd'];
	// NOTE(review): passwd_type is taken from the request unchanged and later
	// handed to session->create(); confirm the auth backend accepts only the
	// types it really supports, since the client chooses the value.
	$passwd_type = $_POST['passwd_type'];
	if ($GLOBALS['egw_info']['server']['allow_cookie_auth'])
	{
		// The remember-me cookie is login, password and password type joined
		// by '::::' (the same layout this script writes after a successful
		// login). All three parts are client-supplied.
		// NOTE(review): the cookie therefore carries the password exactly as
		// it was submitted, so anyone who can read the cookie can replay it;
		// a random server-side token would avoid storing the credential in
		// the browser.
		$eGW_remember = explode('::::', get_magic_quotes_gpc() ? stripslashes($_COOKIE['eGW_remember']) : $_COOKIE['eGW_remember']);

		// a complete cookie overrides whatever the form posted
		if ($eGW_remember[0] && $eGW_remember[1] && $eGW_remember[2])
		{
			$_SERVER['PHP_AUTH_USER'] = $login = $eGW_remember[0];
			$_SERVER['PHP_AUTH_PW'] = $passwd = $eGW_remember[1];
			$passwd_type = $eGW_remember[2];
			$submit = True;
		}
	}
	// No password at all, anonymous auto-login enabled and no cd value in the
	// query string: log in as the anonymous account.
	if (!$passwd && ($GLOBALS['egw_info']['server']['auto_anon_login']) && !$_GET['cd'])
	{
		$_SERVER['PHP_AUTH_USER'] = $login = 'anonymous';
		$_SERVER['PHP_AUTH_PW'] = $passwd = 'anonymous';
		$passwd_type = 'text';
		$submit = True;
	}
}
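# Apache + mod_ssl style SSL certificate authentication
# Certificate (chain) verification occurs inside mod_ssl
#
# The login name is the Email attribute of the certificate subject, and the
# complete subject DN is passed on as the "password".
if ($GLOBALS['egw_info']['server']['auth_type'] == 'sqlssl' && isset($_SERVER['SSL_CLIENT_S_DN']) && !isset($_GET['cd']))
{
	// an X.509 subject looks like:
	// CN=john.doe/OU=Department/O=Company/C=xx/Email=john@company.tld/L=City/
	// (the original note says the username is deliberately lowercase, to ease
	// LDAP integration; nothing in this block lowercases it)
	//
	// NOTE(review): splitting on '/' with the last Email= winning assumes the
	// CA never issues subjects whose attribute values contain '/'. mod_ssl
	// also exports the component on its own (SSL_CLIENT_S_DN_Email), which
	// would avoid re-parsing the DN string - confirm it is available here.

	// start from an empty array, so an 'Email' entry can only come from the
	// certificate subject and never from a variable already in global scope
	$sslattributes = array();
	$sslattribs = explode('/', $_SERVER['SSL_CLIENT_S_DN']);
	# skip the part in front of the first '/' (nothing)
	while (($sslattrib = next($sslattribs)))
	{
		// ignore components that are not key=value pairs
		if (strpos($sslattrib, '=') === false)
		{
			continue;
		}
		// limit 2: keep a '=' that is part of the value instead of cutting it off
		list($key, $val) = explode('=', $sslattrib, 2);
		$sslattributes[$key] = $val;
	}
	if (isset($sslattributes['Email']))
	{
		$submit = True;
		# login will be set here if the user logged out and uses a different username with
		# the same SSL-certificate.
		if (!isset($_POST['login']))
		{
			$login = $sslattributes['Email'];
			# not checked against the database, but delivered to authentication module
			$passwd = $_SERVER['SSL_CLIENT_S_DN'];
		}
	}
	unset($key);
	unset($val);
	unset($sslattributes);
}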
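// A login attempt is being processed when a password type is known, the
// form's image button was used, or an earlier section set $submit. Otherwise
// the login screen is prepared (language selection and login message).
if (isset($passwd_type) || $_POST['submitit_x'] || $_POST['submitit_y'] || $submit)
// isset($_POST['passwd']) && $_POST['passwd']) // enable konqueror to login via Return
{
	// Credentials have to arrive by POST, HTTP auth or client certificate;
	// anything else clears the remember-me cookie and returns to the login
	// page with cd=5.
	if (getenv('REQUEST_METHOD') != 'POST' && $_SERVER['REQUEST_METHOD'] != 'POST' &&
		!isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['SSL_CLIENT_S_DN']))
	{
		$GLOBALS['egw']->session->egw_setcookie('eGW_remember', '', 0, '/');
		$GLOBALS['egw']->redirect($GLOBALS['egw']->link('/login.php', 'cd=5'));
	}
	#if(!isset($_COOKIE['eGroupWareLoginTime']))
	#{
	#	$GLOBALS['egw']->redirect($GLOBALS['egw']->link('/login.php','cd=4'));
	#}

	// don't get login data again when $submit is true
	if ($submit == false)
	{
		$login = $_POST['login'];
	}

	//conference - for strings like vinicius@thyamad.com@default , allows
	//that user have a login that is his e-mail. (viniciuscb)
	$login_parts = explode('@', $login);
	$got_login = false;
	if (count($login_parts) > 1)
	{
		//Last part of login string, when separated by @, is a domain name
		if (array_key_exists(array_pop($login_parts), $GLOBALS['egw_domain']))
		{
			$got_login = true;
		}
	}
	// no known domain in the login name: append the posted one, or the
	// default domain when the current user domain is not a configured one
	if (!$got_login)
	{
		if (isset($_POST['logindomain']))
		{
			$login .= '@' . $_POST['logindomain'];
		}
		elseif (!isset($GLOBALS['egw_domain'][$GLOBALS['egw_info']['user']['domain']]))
		{
			$login .= '@' . $GLOBALS['egw_info']['server']['default_domain'];
		}
	}
	$GLOBALS['sessionid'] = $GLOBALS['egw']->session->create($login, $passwd, $passwd_type, 'u');

	if (!isset($GLOBALS['sessionid']) || !$GLOBALS['sessionid'])
	{
		// login failed: forget the remember-me cookie and report the reason code
		$GLOBALS['egw']->session->egw_setcookie('eGW_remember', '', 0, '/');
		$GLOBALS['egw']->redirect($GLOBALS['egw_info']['server']['webserver_url'] . '/login.php?cd=' . $GLOBALS['egw']->session->cd_reason);
	}
	else
	{
		/* set auth_cookie */
		// NOTE(review): the cookie value is login, password and password type
		// joined by '::::', i.e. the submitted password is stored in the
		// browser for up to "forever". The egw_setcookie() call below passes
		// no Secure/HttpOnly arguments (what the method applies by default is
		// not visible here). A random token that the server can revoke would
		// remove the credential from the cookie.
		if ($GLOBALS['egw_info']['server']['allow_cookie_auth'] && $_POST['remember_me'] && $_POST['passwd'])
		{
			switch ($_POST['remember_me'])
			{
				case '1hour':
					$remember_time = time() + 60 * 60;
					break;
				case '1day':
					$remember_time = time() + 60 * 60 * 24;
					break;
				case '1week':
					$remember_time = time() + 60 * 60 * 24 * 7;
					break;
				case '1month':
					$remember_time = time() + 60 * 60 * 24 * 30;
					break;
				case 'forever':
				default:
					// largest 32 bit timestamp
					$remember_time = 2147483647;
					break;
			}
			$GLOBALS['egw']->session->egw_setcookie('eGW_remember', implode('::::', array(
				'login' => $login,
				'passwd' => $passwd,
				'passwd_type' => $passwd_type)),
				$remember_time, '/');	// make the cookie valid for the whole site (incl. sitemgr) and not only the eGW install-dir
		}
		// a language chosen on the login form is accepted only in the form xx or xx-yy
		if ($_POST['lang'] && preg_match('/^[a-z]{2}(-[a-z]{2}){0,1}$/', $_POST['lang']) &&
			$_POST['lang'] != $GLOBALS['egw_info']['user']['preferences']['common']['lang'])
		{
			$GLOBALS['egw']->preferences->add('common', 'lang', $_POST['lang'], 'session');
		}

		if (!$GLOBALS['egw_info']['server']['disable_autoload_langfiles'])
		{
			$GLOBALS['egw']->translation->autoload_changed_langfiles();
		}
		// NOTE(review): phpgw_forward is request-controlled and becomes the
		// target of the post-login redirect. Confirm that redirect_link()
		// confines it to this installation; otherwise restrict it to local
		// paths here.
		$forward = isset($_GET['phpgw_forward']) ? urldecode($_GET['phpgw_forward']) : @$_POST['phpgw_forward'];
		if (!$forward)
		{
			$extra_vars['cd'] = 'yes';
			if ($GLOBALS['egw']->hooks->single('hasUpdates', 'home'))
			{
				$extra_vars['hasupdates'] = 'yes';
			}
			$forward = '/index.php';
		}
		else
		{
			list($forward, $extra_vars) = explode('?', $forward, 2);
		}

		if (strpos($_SERVER['HTTP_REFERER'], $_SERVER['REQUEST_URI']) === false) {
			// login request does not come from login.php
			// redirect to referer on logout
			// NOTE(review): the Referer header is request-controlled; whatever
			// reads this session value at logout should validate it before
			// redirecting to it.
			$GLOBALS['egw']->session->appsession('referer', 'login', $_SERVER['HTTP_REFERER']);
		}
		// Check for save passwd
		if ($GLOBALS['egw_info']['server']['check_save_passwd'] && $GLOBALS['egw']->acl->check('changepassword', 1, 'preferences') && $unsave_msg = $GLOBALS['egw']->auth->crackcheck($passwd))
		{
			$GLOBALS['egw']->log->write(array('text' => 'D-message, User ' . $login . ' authenticated with an unsave password', 'file' => __FILE__, 'line' => __LINE__));
			// NOTE(review): HTML markup travels in the 'message' URL parameter;
			// the receiving page has to make sure it never prints a
			// request-supplied message unescaped - verify in
			// preferences.uipassword.change.
			$message = '<font color="red">' . lang('eGroupWare checked your password for saftyness. You have to change your password for the following reason:') . '<br>';
			$GLOBALS['egw']->redirect_link('/index.php', array('menuaction' => 'preferences.uipassword.change', 'message' => $message . $unsave_msg . '</font>'));
		}
		else
		{
			$GLOBALS['egw']->redirect_link($forward, $extra_vars);
		}
	}
}
else
{
	// !!! DONT CHANGE THESE LINES !!!
	// If there is something wrong with this code TELL ME!
	// Commenting out the code will not fix it. (jengo)
	//
	// Preferences of the account named in the last_loginid cookie are loaded
	// before anybody has authenticated, so that the login page can use them.
	if (isset($_COOKIE['last_loginid']))
	{
		$accounts =& CreateObject('phpgwapi.accounts');
		$prefs =& CreateObject('phpgwapi.preferences', $accounts->name2id($_COOKIE['last_loginid']));

		if ($prefs->account_id)
		{
			$GLOBALS['egw_info']['user']['preferences'] = $prefs->read_repository();
		}
	}
	// A language from the query string is accepted only in the form xx or
	// xx-yy, the same pattern the login form's language has to match above;
	// any other value is ignored and the fallbacks below apply.
	if (isset($_GET['lang']) && is_string($_GET['lang']) && preg_match('/^[a-z]{2}(-[a-z]{2}){0,1}$/', $_GET['lang']))
	{
		$GLOBALS['egw_info']['user']['preferences']['common']['lang'] = $_GET['lang'];
	}
	elseif (!isset($_COOKIE['last_loginid']) || !$prefs->account_id)
	{
		// If the lastloginid cookies isn't set, we will default to the first language,
		// the users browser accepts.
		// NOTE(review): only the length is limited to two characters here,
		// the characters themselves are not checked.
		list($lang) = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
		if (strlen($lang) > 2)
		{
			$lang = substr($lang, 0, 2);
		}
		$GLOBALS['egw_info']['user']['preferences']['common']['lang'] = $lang;
	}
	#print 'LANG:' . $GLOBALS['egw_info']['user']['preferences']['common']['lang'] . '<br>';

	$GLOBALS['egw']->translation->init();	// this will set the language according to the (new) set prefs
	$GLOBALS['egw']->translation->add_app('login');
	$GLOBALS['egw']->translation->add_app('loginscreen');
	// translate() handing back the key itself means there is no login message in this language
	if ($GLOBALS['egw']->translation->translate('loginscreen_message', false, '') == 'loginscreen_message')
	{
		$GLOBALS['egw']->translation->add_app('loginscreen', 'en');	// trying the en one
	}
	if ($GLOBALS['egw']->translation->translate('loginscreen_message', false, '') != 'loginscreen_message')
	{
		// for now store login message in globals so it is available for the login.inc.php
		$GLOBALS['loginscreenmessage'] = stripslashes(lang('loginscreen_message'));
	}
}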
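// Collect every query parameter whose name contains 'phpgw_' into a query
// string and pass it to the login screen.
if (!isset($extra_vars))
{
	// not set on the path that only displays the login screen
	$extra_vars = '';
}
foreach ($_GET as $name => $value)
{
	// array values (?phpgw_x[]=...) cannot be encoded as one parameter
	if (!is_scalar($value))
	{
		continue;
	}
	// plain substring test, matches the same names as the former ereg('phpgw_', $name)
	if (strpos((string)$name, 'phpgw_') !== false)
	{
		// The parameter name is as request-controlled as its value, so both
		// are URL-encoded before they become part of a URL that
		// login_screen() receives.
		$extra_vars .= '&' . urlencode((string)$name) . '=' . urlencode((string)$value);
	}
}
if ($extra_vars)
{
	// replace the leading '&' by '?'
	$extra_vars = '?' . substr($extra_vars, 1);
}

$GLOBALS['egw']->framework->login_screen($extra_vars);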