From 79d886e345c710e2e799da183b6fcdb23be86862 Mon Sep 17 00:00:00 2001 From: Miles Lott Date: Mon, 4 Mar 2002 02:55:53 +0000 Subject: [PATCH] Hopefully better logic for login/logout of the two setup logins --- phpgwapi/inc/class.setup.inc.php | 136 ++++++++++++++++--------------- setup/ldap.php | 2 +- setup/ldapexport.php | 2 +- setup/ldapimport.php | 2 +- setup/ldapmodify.php | 2 +- setup/manageheader.php | 2 + 6 files changed, 78 insertions(+), 68 deletions(-) diff --git a/phpgwapi/inc/class.setup.inc.php b/phpgwapi/inc/class.setup.inc.php index 6195bb1011..10e1931030 100644 --- a/phpgwapi/inc/class.setup.inc.php +++ b/phpgwapi/inc/class.setup.inc.php @@ -69,105 +69,113 @@ function auth($auth_type='Config') { $FormLogout = get_var('FormLogout', array('GET','POST')); - $ConfigLogin = get_var('ConfigLogin', array('POST','COOKIE')); - $HeaderLogin = get_var('HeaderLogin', array('POST','COOKIE')); + $ConfigLogin = get_var('ConfigLogin', array('POST')); + $HeaderLogin = get_var('HeaderLogin', array('POST')); $FormDomain = get_var('FormDomain', array('POST')); $FormPW = get_var('FormPW', array('POST')); + $ConfigDomain = get_var('ConfigDomain',array('POST','COOKIE')); $ConfigPW = get_var('ConfigPW', array('POST','COOKIE')); - $HeaderPW = get_var('HeaderPW', array('COOKIE','POST')); + $HeaderPW = get_var('HeaderPW', array('POST','COOKIE')); $ConfigLang = get_var('ConfigLang', array('POST','COOKIE')); - if(isset($FormLogout) && !empty($FormLogout)) + /* 6 cases: + 1. Logging into header admin + 2. Logging into config admin + 3. Logging out of config admin + 4. Logging out of header admin + 5. Return visit to config OR header + 6. None of the above + */ + + if(!empty($HeaderLogin) && $auth_type == 'Header') { - if($FormLogout == 'config' || - $FormLogout == 'ldap' || - $FormLogout == 'ldapexport' || - $FormLogout == 'ldapimport' || - $FormLogout == 'sqltoarray') + /* header admin login */ + if($FormPW == $GLOBALS['phpgw_info']['server']['header_admin_password']) { - setcookie('ConfigPW',''); /* scrub the old one */ - setcookie('ConfigDomain',''); /* scrub the old one */ + setcookie('HeaderPW',"$FormPW"); + return True; + } + else + { + $GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = 'Invalid password'; + $GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = ''; + return False; + } + } + elseif(!empty($ConfigLogin) && $auth_type == 'Config') + { + /* config login */ + if($FormPW == $GLOBALS['phpgw_domain'][$FormDomain]['config_passwd']) + { + setcookie('ConfigPW',"$FormPW"); + setcookie('ConfigDomain',"$FormDomain"); + setcookie('ConfigLang',"$ConfigLang"); + return True; + } + else + { + $GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = 'Invalid password'; + $GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = ''; + return False; + } + } + elseif(!empty($FormLogout)) + { + /* logout */ + if($FormLogout == 'config') + { + /* config logout */ + setcookie('ConfigPW',''); + setcookie('ConfigDomain',''); setcookie('ConfigLang',''); $GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = 'You have successfully logged out'; $GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = ''; + return False; } elseif($FormLogout == 'header') { - setcookie('HeaderPW',''); /* scrub the old one */ + /* header admin logout */ + setcookie('HeaderPW',''); $GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = 'You have successfully logged out'; $GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = ''; + return False; } } - elseif(isset($ConfigPW) && !empty($ConfigPW)) + elseif(!empty($ConfigPW) && $auth_type == 'Config') { - if($ConfigPW != $GLOBALS['phpgw_domain'][$ConfigDomain]['config_passwd'] && $auth_type == 'Config') + /* Returning after login to config */ + if($ConfigPW == $GLOBALS['phpgw_domain'][$ConfigDomain]['config_passwd']) { - setcookie('ConfigPW',''); /* scrub the old one */ - setcookie('ConfigDomain',''); /* scrub the old one */ - setcookie('ConfigLang',''); - $GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = 'Invalid session cookie (cookies must be enabled)'; + return True; + } + else + { + $GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = 'Invalid password'; $GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = ''; return False; } - else + } + elseif(!empty($HeaderPW) && $auth_type == 'Header') + { + /* Returning after login to header admin */ + if($HeaderPW == $GLOBALS['phpgw_info']['server']['header_admin_password']) { return True; } - } - elseif(isset($FormPW) && !empty($FormPW)) - { - if(isset($ConfigLogin)) + else { - if($FormPW == $GLOBALS['phpgw_domain'][$FormDomain]['config_passwd'] && $auth_type == 'Config') - { - setcookie('HeaderPW',''); /* scrub the old one */ - setcookie('ConfigPW',"$FormPW"); - setcookie('ConfigDomain',"$FormDomain"); - setcookie('ConfigLang',"$ConfigLang"); - $ConfigDomain = "$FormDomain"; - return True; - } - else - { - $GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = 'Invalid password'; - $GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = ''; - return False; - } - } - elseif(isset($HeaderLogin) && !empty($HeaderLogin)) - { - if($FormPW == $GLOBALS['phpgw_info']['server']['header_admin_password'] && $auth_type == 'Header') - { - setcookie('HeaderPW',"$FormPW"); - return True; - } - else - { - $GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = 'Invalid password'; - $GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = ''; - return False; - } - } - } - elseif(isset($HeaderPW) && !empty($HeaderPW)) - { - if($HeaderPW != $GLOBALS['phpgw_info']['server']['header_admin_password'] && $auth_type == 'Header') - { - setcookie('HeaderPW',''); /* scrub the old one */ - $GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = 'Invalid session cookie (cookies must be enabled)'; + $GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = 'Invalid password'; $GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = ''; return False; } - else - { - return True; - } } else { + $GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = ''; + $GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = ''; return False; } } diff --git a/setup/ldap.php b/setup/ldap.php index b47a607724..a47132f616 100644 --- a/setup/ldap.php +++ b/setup/ldap.php @@ -43,7 +43,7 @@ 'T_alert_msg' => 'msg_alert_msg.tpl' )); - $GLOBALS['phpgw_setup']->html->show_header(lang('LDAP Config'),'','ldap',$ConfigDomain); + $GLOBALS['phpgw_setup']->html->show_header(lang('LDAP Config'),'','config',$ConfigDomain); if ($error) { diff --git a/setup/ldapexport.php b/setup/ldapexport.php index c5182caff9..104e482685 100644 --- a/setup/ldapexport.php +++ b/setup/ldapexport.php @@ -230,7 +230,7 @@ $setup_complete = True; } - $GLOBALS['phpgw_setup']->html->show_header('LDAP Export','','ldapexport',$ConfigDomain); + $GLOBALS['phpgw_setup']->html->show_header('LDAP Export','','config',$ConfigDomain); if($error) { diff --git a/setup/ldapimport.php b/setup/ldapimport.php index d07adf4bf1..0782e04813 100644 --- a/setup/ldapimport.php +++ b/setup/ldapimport.php @@ -396,7 +396,7 @@ $setup_complete = True; } - $GLOBALS['phpgw_setup']->html->show_header('LDAP Import','','ldapimport',$ConfigDomain); + $GLOBALS['phpgw_setup']->html->show_header('LDAP Import','','config',$ConfigDomain); if ($error) { diff --git a/setup/ldapmodify.php b/setup/ldapmodify.php index 0a748af68d..fe8cb2da4e 100644 --- a/setup/ldapmodify.php +++ b/setup/ldapmodify.php @@ -123,7 +123,7 @@ exit; } - $GLOBALS['phpgw_setup']->html->show_header('LDAP Modify','','ldapmodify',$ConfigDomain); + $GLOBALS['phpgw_setup']->html->show_header('LDAP Modify','','config',$ConfigDomain); if ($submit) { diff --git a/setup/manageheader.php b/setup/manageheader.php index 8b78a53242..0c1e9e9455 100644 --- a/setup/manageheader.php +++ b/setup/manageheader.php @@ -81,6 +81,7 @@ { $GLOBALS['phpgw_setup']->html->show_header('Please login',True); $GLOBALS['phpgw_setup']->html->login_form(); + $GLOBALS['phpgw_setup']->html->show_footer(); exit; } break; @@ -89,6 +90,7 @@ { $GLOBALS['phpgw_setup']->html->show_header('Please login',True); $GLOBALS['phpgw_setup']->html->login_form(); + $GLOBALS['phpgw_setup']->html->show_footer(); exit; } $GLOBALS['phpgw_info']['setup']['HeaderFormMSG'] = 'Edit your header.inc.php';