1<?php
2/**
3 * Postfix Admin
4 *
5 * LICENSE
6 * This source file is subject to the GPL license that is bundled with
7 * this package in the file LICENSE.TXT.
8 *
9 * Further details on the project are available at http://postfixadmin.sf.net
10 *
11 * @version $Id$
12 * @license GNU GPL v2 or later.
13 *
14 * File: login.php
15 * Authenticates a user, and populates their $_SESSION as appropriate.
16 * Template File: login.tpl
17 *
18 * Template Variables:
19 *
20 *  none
21 *
22 * Form POST \ GET Variables:
23 *
24 *  fUsername
25 *  fPassword
26 *  token
27 *  lang
28 */
29
30require_once('common.php');
31
# Load the merged configuration array and the shared template engine instance.
$CONF = Config::getInstance()->getAll();
$smarty = PFASmarty::getInstance();

# Stop here unless $CONF['configured'] is strictly boolean true.
# exit() with a string prints the message and then terminates the script.
if (true !== $CONF['configured']) {
    exit("Installation not yet configured; please edit config.inc.php or write your settings to config.local.php");
}

# check if the database layout is up to date (and error out if not)
check_db_version();
41
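# Handle a submitted login form. Every POST must carry the per-session anti-CSRF token
# stored in $_SESSION['PFA_token']; a GET request instead discards the current session
# and starts a new one before the form is shown.
if ($_SERVER['REQUEST_METHOD'] == "POST") {
    if (!isset($_SESSION['PFA_token'])) {
        die("Invalid token (session timeout; refresh the page and try again?)");
    }

    # hash_equals() compares the two strings byte-for-byte in constant time. A loose !=
    # applies PHP's numeric-string juggling, so two different tokens that both look like
    # numbers could compare equal, and it can also leak timing information.
    if (!hash_equals((string) $_SESSION['PFA_token'], (string) safepost('token'))) {
        die('Invalid token! (CSRF check failed)');
    }

    $lang = safepost('lang');
    $fUsername = trim(safepost('fUsername'));
    $fPassword = safepost('fPassword');

    if ($lang != check_language(false)) { # only set cookie if language selection was changed
        # NOTE(review): $lang is stored exactly as submitted and the cookie carries no
        # HttpOnly/Secure/SameSite attributes; this presumably relies on check_language()
        # validating the cookie value when it is read back - confirm.
        setcookie('lang', $lang, time() + 60*60*24*30); # language cookie, lifetime 30 days
        # (language preference cookie is processed even if username and/or password are invalid)
    }

    $h = new AdminHandler();

    $login = new Login('admin');
    if ($login->login($fUsername, $fPassword)) {
        # NOTE(review): init_session() is defined elsewhere; confirm it regenerates the
        # session id on login so a pre-login session id cannot be reused afterwards.
        init_session($fUsername, true);

        # they've logged in, so see if they are a domain admin, as well.

        # NOTE(review): a failed init() or view() only queues an error message; the session
        # is already initialised and the redirect below still happens - confirm this is intended.
        if (!$h->init($fUsername)) {
            flash_error($PALANG['pLogin_failed']);
        }

        if (!$h->view()) {
            flash_error($PALANG['pLogin_failed']);
        }

        $adminproperties = $h->result();

        # Grant the global-admin role only when the handler actually returned a superadmin
        # flag; isset() keeps a missing or non-array result from raising a notice and
        # leaves the role ungranted in that case.
        if (isset($adminproperties['superadmin']) && $adminproperties['superadmin'] == 1) {
            $_SESSION['sessid']['roles'][] = 'global-admin';
        }

        header("Location: main.php");
        exit(0);
    } else { # $login->login failed
        # The username comes straight from the request. Replace control characters so a
        # crafted value cannot break the line or forge additional log entries.
        error_log(
            "PostfixAdmin admin login failed (username: "
            . preg_replace('/[\x00-\x1F\x7F]/', '?', $fUsername)
            . ", ip_address: {$_SERVER['REMOTE_ADDR']})"
        );
        flash_error($PALANG['pLogin_failed']);
    }
} else {
    session_unset();
    session_destroy();
    session_start();
}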
93
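# Issue a fresh anti-CSRF token for the form rendered below. random_bytes() (PHP 7+) reads
# from the operating system CSPRNG; the previous md5(uniqid("pfa" . rand(), true)) value was
# derived from the clock and a non-cryptographic generator, which makes it guessable.
# 16 random bytes hex-encoded keep the token at 32 hexadecimal characters, as before.
$_SESSION['PFA_token'] = bin2hex(random_bytes(16));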
95
# The language selector is the only value assigned with the third argument set to false.
# NOTE(review): presumably that flag turns off PFASmarty's escaping because the value is
# markup - confirm that language_selector() escapes everything it emits.
$smarty->assign('language_selector', language_selector(), false);

# Remaining template variables for the admin login form, assigned in the original order.
foreach (
    [
        'smarty_template' => 'login',
        'logintype' => 'admin',
        'forgotten_password_reset' => Config::bool('forgotten_admin_password_reset'),
    ] as $templateVar => $templateValue
) {
    $smarty->assign($templateVar, $templateValue);
}
unset($templateVar, $templateValue);

# Render the page; index.tpl is displayed with smarty_template set to 'login'.
$smarty->display('index.tpl');
101
102/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
103