diff --git a/setup/config.php b/setup/config.php index dd4a200976..c11f9b19f4 100644 --- a/setup/config.php +++ b/setup/config.php @@ -21,24 +21,6 @@ include("./inc/setup_auth.inc.php"); // Does not return unless user is authorized - /* Database setup */ - include($phpgw_info["server"]["api_dir"] . "/phpgw_db_".$phpgw_info["server"]["db_type"].".inc.php"); - - $db = new db; - if ($phpgw_info["multiable_domains"] != True){ - $db->Host = $phpgw_info["server"]["db_host"]; - $db->Type = $phpgw_info["server"]["db_type"]; - $db->Database = $phpgw_info["server"]["db_name"]; - $db->User = $phpgw_info["server"]["db_user"]; - $db->Password = $phpgw_info["server"]["db_pass"]; - }else{ - $db->Host = $phpgw_domain[$SetupDomain]["db_host"]; - $db->Type = $phpgw_domain[$SetupDomain]["db_type"]; - $db->Database = $phpgw_domain[$SetupDomain]["db_name"]; - $db->User = $phpgw_domain[$SetupDomain]["db_user"]; - $db->Password = $phpgw_domain[$SetupDomain]["db_pass"]; - } - if ($newsettings["auth_type"] != "ldap") { setup_header(); } diff --git a/setup/inc/setup_auth.inc.php b/setup/inc/setup_auth.inc.php index e2afdc1172..bd7b007eb1 100644 --- a/setup/inc/setup_auth.inc.php +++ b/setup/inc/setup_auth.inc.php @@ -27,10 +27,9 @@ function loginForm($err="") { - global $phpgw_info, $phpgw_domain, $SetupDomain, $SetupCookie, $FormDomain, $PHP_SELF; + global $phpgw_info, $phpgw_domain, $SetupDomain, $SetupPasswd, $PHP_SELF; - setup_header("Please login"); - + setup_header("Please login"); echo "

\n"; echo "\n"; echo " \n"; @@ -41,11 +40,12 @@ } echo " \n"; echo " \n"; @@ -54,43 +54,49 @@ echo "\n"; } +//if (count($phpgw_domain) > 1){ +// echo "count: ".count($phpgw_domain)."
\n";; +//} + + reset($phpgw_domain); + $default_domain = each($phpgw_domain); + $phpgw_info["server"]["default_domain"] = $default_domain[0]; + unset ($default_domain); // we kill this for security reasons + if (isset($FormPW)) { - if ($phpgw_info["multiable_domains"] == True){ - if ($FormPW != $phpgw_domain[$FormDomain]["config_passwd"]) { - loginForm("Invalid password."); - exit; - } + if ($FormPW == $phpgw_domain[$FormDomain]["config_passwd"]) { + setcookie("SetupPasswd","$FormPW"); + setcookie("SetupDomain","$FormDomain"); }else{ - if ($FormPW != $phpgw_domain["default"]["config_passwd"]) { - loginForm("Invalid password."); - exit; - } + loginForm("Invalid password."); + exit; } - // Valid login, fall through and set the cookie - $SetupCookie = $FormPW; - } else if (isset($SetupCookie)) { - if ($phpgw_info["multiable_domains"] == True){ - if ($SetupCookie != $phpgw_domain[$SetupDomain]["config_passwd"]) { - setcookie("SetupCookie",""); // scrub the old one - setcookie("SetupDomain",""); // scrub the old one - loginForm("Invalid session cookie (cookies must be enabled)"); - exit; - } - }else{ - if ($SetupCookie != $phpgw_domain["default"]["config_passwd"]) { - setcookie("SetupCookie",""); // scrub the old one - loginForm("Invalid session cookie (cookies must be enabled)"); - exit; - } + } elseif (isset($SetupPasswd)) { + if ($SetupPasswd != $phpgw_domain[$SetupDomain]["config_passwd"]) { + setcookie("SetupPasswd",""); // scrub the old one + setcookie("SetupDomain",""); // scrub the old one + loginForm("Invalid session cookie (cookies must be enabled)"); + exit; } } else { loginForm(); exit; } - - // Auth ok. - setcookie("SetupCookie","$SetupCookie"); - if ($phpgw_info["multiable_domains"] == True){ - setcookie("SetupDomain","$FormDomain"); + /* Database setup */ + include($phpgw_info["server"]["api_dir"] . "/phpgw_db_".$phpgw_info["server"]["db_type"].".inc.php"); + $db = new db; + if ($phpgw_info["multiable_domains"] != True){ + $db->Host = $phpgw_info["server"]["db_host"]; + $db->Type = $phpgw_info["server"]["db_type"]; + $db->Database = $phpgw_info["server"]["db_name"]; + $db->User = $phpgw_info["server"]["db_user"]; + $db->Password = $phpgw_info["server"]["db_pass"]; + }else{ + $db->Host = $phpgw_domain[$SetupDomain]["db_host"]; + $db->Type = $phpgw_domain[$SetupDomain]["db_type"]; + $db->Database = $phpgw_domain[$SetupDomain]["db_name"]; + $db->User = $phpgw_domain[$SetupDomain]["db_user"]; + $db->Password = $phpgw_domain[$SetupDomain]["db_pass"]; } + ?> diff --git a/setup/index.php b/setup/index.php index a1dfa4342f..119c55e4d4 100644 --- a/setup/index.php +++ b/setup/index.php @@ -25,36 +25,6 @@ include("./inc/setup_auth.inc.php"); // Does not return unless user is authorized - /* Database setup */ - switch($phpgw_info["server"]["db_type"]){ - case "pgsql": - include($phpgw_info["server"]["api_dir"] . "/phpgw_db_pgsql.inc.php"); - break; - case "oracle": - include($phpgw_info["server"]["api_dir"] . "/phpgw_db_oracle.inc.php"); - break; - case "mysql": - include($phpgw_info["server"]["api_dir"] . "/phpgw_db_mysql.inc.php"); - break; - default: - echo("

Please set db_type in your header.inc.php correctly

\n"); - exit; - } - - $db = new db; - if ($phpgw_info["multiable_domains"] != True){ - $db->Host = $phpgw_info["server"]["db_host"]; - $db->Type = $phpgw_info["server"]["db_type"]; - $db->Database = $phpgw_info["server"]["db_name"]; - $db->User = $phpgw_info["server"]["db_user"]; - $db->Password = $phpgw_info["server"]["db_pass"]; - }else{ - $db->Host = $phpgw_domain[$SetupDomain]["db_host"]; - $db->Type = $phpgw_domain[$SetupDomain]["db_type"]; - $db->Database = $phpgw_domain[$SetupDomain]["db_name"]; - $db->User = $phpgw_domain[$SetupDomain]["db_user"]; - $db->Password = $phpgw_domain[$SetupDomain]["db_pass"]; - } // $db->Halt_On_Error = "report"; $db->Halt_On_Error = "no";
\n"; - if ($phpgw_info["multiable_domains"] == True){ + if (count($phpgw_domain) > 1){ echo " \n"; echo "
Domain:
Password:
\n"; }else{ echo " \n"; + echo " \n"; } echo " \n"; echo "