1<?php 2/* $Id: index.php,v 1.139 2004/05/24 13:52:37 liedekef Exp $ */ 3 4// This line is not standard module a line...do not use it elsewhere 5// -------------------------------------------------------------------- 6if(!file_exists("config.inc.php")) exit("<html><head><title>Error</title><link rel='stylesheet' type='text/css' href='./setup/templates/default/css/setup.css'></head><body bgcolor='#c8c9d4'><table align='center' width='500'><tr><td><br /><table border='0' cellpadding='6' cellspacing='1' bgcolor='black'><tr><td align='center' bgcolor='#ededed'style='font: 12px Arial;'><strong>ERROR</strong></td></tr><tr><td bgcolor='#ededed'style='font: 12px Arial;'><br />Please <a href='setup/index.php'>run setup</a> first.<br /><br />Have a <a href='docs/html/en/index.html'>look at the manual</a> for more information. Chances are, that you need to <a href='http://www.moregroupware.org/manual/mgw-manual-en.tar.gz'>download</a> it first - or <a href='http://www.moregroupware.org/manual/en/index.html'>read it online</a>.</td></tr></table></td></tr></table></body></html>"); 7// -------------------------------------------------------------------- 8 9$myEnv["module"] = "general"; 10$myEnv["output"] = "html"; 11$myEnv["translate"] = true; 12$myEnv["stdsmenu"] = false; 13$myEnv["auth"] = false; 14 15include('config.inc.php'); 16include(INCLUDEPATH ."container.inc.php"); 17 18$num = 0; 19$conn = connect_database(); 20 21// change language setting 22if($_SERVER["REQUEST_METHOD"] == "POST"){ 23 $loginlang = $_POST["language"]; 24 $lsql = "SELECT charset FROM mgw_languages WHERE langcode=".$conn->QMagic($_POST["language"]); 25 if (!$lres = $conn->Execute($lsql)) exit(showSQLerror($lsql, $conn->ErrorMsg(), __LINE__, __FILE__)); 26 $lrow = $lres->FetchRow(); 27 $logincharset = $lrow["charset"]; 28} 29else{ 30 $loginlang = $appconf["def_language"]; 31 $logincharset = $appconf["def_charset"]; 32} 33Lang::setLocaledText($loginlang,"general"); 34if (!$appconf["encrypt_pwd"]) { $smarty->assign("encrypt_pwd","hex_md5"); } 35// send header for used charset 36header('Content-Type: text/html; charset='.$logincharset); 37$smarty->assign("charset",$logincharset); 38 39// logout 40if(isset($_GET["view"]) && $_GET["view"]=="logout"){ 41 $_SESSION = array(); 42 $_SESSION["MGW"]= new MGW(); 43 session_destroy(); 44} 45 46// NTLM auth 47elseif (isset($_SERVER["REMOTE_USER"]) && $appconf["use_ntlm_auth"]) { 48 // FIXME move NTLM auth code into this file, might make more 49 // sense?!? 50 redirect("index_ntlm.php"); 51} 52 53// already logged in 54elseif (isset($_SESSION['MGW']) && isset($_SESSION['MGW']->userid) && !empty($_SESSION["MGW"]->userid) && !isset($_POST["login"])) { 55 redirect(ROOTURL."modules/".$_SESSION["MGW"]->settings["def_module"]."/index.php?".SID); 56} 57 58// process login 59elseif (isset($_POST["login"])) { 60 $row = false; 61 $login = $_POST["login"]; 62 $password = (isset($_POST["password"]) ? $_POST["password"] : ""); 63 $encrypted_pwd = (isset($_POST["encrypted_pwd"]) ? $_POST["encrypted_pwd"] : ""); 64 65 // check for user being in the database 66 $sql = "SELECT id, is_ldap FROM mgw_users WHERE username=".$conn->QMagic($login); 67 if (($res = $conn->GetRow($sql))===false) exit(showSQLerror($sql, $conn->ErrorMsg(), __LINE__, __FILE__)); 68 69 if (isset($res['is_ldap']) && $res['is_ldap']==0) 70 // we want to use SQL auth for this user (enable admin from db) 71 include(INCLUDEPATH ."Auth/sql.inc.php"); 72 else 73 // use the preferred auth method 74 include(INCLUDEPATH ."Auth/". $appconf["auth_method"] . ".inc.php"); 75 76 if (count($res)==0) { //the username is not present in the database 77 if (isset($appconf["create_accounts_on_login"]) && $appconf["create_accounts_on_login"]) { 78 if (authentify_user($login, $password, $encrypted_pwd)) { 79 //user does not exists, but was authentified 80 //lets create an account for this user if create_accounts_on_login 81 // is defined in the config 82 create_user_account_on_login($login); 83 $row = get_user_info($login); 84 } 85 } 86 else { //the user is not allow to create a new account 87 $smarty->assign('loginerrortext', Lang::getLanguageString("loginerror")); 88 } 89 } 90 elseif(authentify_user($login, $password, $encrypted_pwd)) { 91 $row = get_user_info($login); 92 } 93 else{ 94 $smarty->assign('loginerrortext', Lang::getLanguageString("loginerror")); 95 } 96 97 if(is_array($row)) { 98 // Login sucessful 99 $_SESSION = array(); 100 $_SESSION["MGW"]= new MGW(); 101 102 $_SESSION["lastin"] = $conn->UnixTimeStamp($row["lastin"]); 103 $sql = "UPDATE mgw_users SET lu_date=lu_date, lastin=".$conn->DBTimeStamp(time())." WHERE id=".(int)$row["id"]; 104 if (!$conn->Execute($sql)) exit(showSQLerror($sql, $conn->ErrorMsg(), __LINE__, __FILE__)); 105 106 $_SESSION["checkip"] = (isset($_POST["checkip"]) && $_POST["checkip"]==1) ? 1 : 0; 107 $_SESSION["remoteip"] = get_remote_addr(); 108 $_SESSION["http_user_agent"] = $_SERVER["HTTP_USER_AGENT"]; 109 if($row["lang"] != "login"){ 110 $_SESSION["MGW"]->spkz = $row["lang"]; 111 $_SESSION["MGW"]->charset = $row["charset"]; 112 } 113 else{ 114 $_SESSION["MGW"]->spkz = $_POST["language"]; 115 $lsql = "SELECT charset FROM mgw_languages WHERE langcode=".$conn->QMagic($_POST["language"]); 116 if (!$lres = $conn->Execute($lsql)) exit(showSQLerror($sql, $conn->ErrorMsg(), __LINE__, __FILE__)); 117 $lrow = $lres->FetchRow(); 118 $_SESSION["MGW"]->charset = $lrow["charset"]; 119 } 120 $_SESSION["MGW"]->fullusername = $row["firstname"] . " " . $row["lastname"]; 121 $_SESSION["MGW"]->email = $row["email"]; 122 $_SESSION["MGW"]->username = $row["username"]; 123 $_SESSION["MGW"]->userid = $row["id"]; 124 $_SESSION["MGW"]->login = $login; 125 $_SESSION["MGW"]->password = $password; 126 $_SESSION["MGW"]->modules = array(); 127 $_SESSION["MGW"]->modules = getInstalledModules(); 128 $_SESSION["MGW"]->groups = get_user_groups(); 129 $_SESSION["MGW"]->groups_names = get_user_groups_names(); 130 $_SESSION["MGW"]->browser = browser_detect(); 131 $smarty->assign("charset", $_SESSION["MGW"]->charset); 132 133 getUserSettings(); 134 135 redirect("modules/".$_SESSION["MGW"]->settings["def_module"]."/index.php?".SID); 136 } 137 // Login not successfull 138 else { 139 $_SESSION = array(); 140 $_SESSION['MGW']=new MGW(); 141 $smarty->assign('loginerrortext', Lang::getLanguageString("loginerror")); 142 } 143} 144 145// plain GET request, no logout, no login 146include(INCLUDEPATH . "mSelectBox.class.php"); 147 148$lsb = new mSelectBox("language"); 149$lsb->setContentType("sql"); 150$lsb->setSQLvalue("langcode"); 151$lsb->setSQLcontent("description"); 152$lsb->addContent("SELECT langcode, description FROM mgw_languages ORDER BY description"); 153$smarty->assign("lsb", $lsb->draw($loginlang, 'onchange="document.f1.submit()"')); 154 155$smarty->display("login.tpl"); 156?> 157