<?php
/*
** Zabbix
** Copyright (C) 2001-2021 Zabbix SIA
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
**/

// Front-end login page. In order: handle an explicit logout ("reconnect"), pick up HTTP (web-server)
// authentication, process a form login, otherwise authenticate from the session cookie; finally either
// render the login form (no user / guest) or redirect the authenticated user to their target page.

require_once dirname(__FILE__).'/include/classes/user/CWebUser.php';
// Called before config.inc.php is loaded, so the bootstrap does not touch the session cookie on this page.
CWebUser::disableSessionCookie();

require_once dirname(__FILE__).'/include/config.inc.php';
require_once dirname(__FILE__).'/include/forms.inc.php';

$page['title'] = _('ZABBIX');
$page['file'] = 'index.php';

// Request parameter declarations consumed by check_fields().
// 'name' is only mandatory when 'enter' (the submit button) is present; 'password' may be absent (HTTP auth
// sets no password). 'reconnect' carries P_SYS|P_ACT and is range-limited to 0..65535.
// NOTE(review): P_ACT presumably makes check_fields() demand a request-bound session id ('sid') for the
// logout action; confirm in check_fields(), since the logout below is otherwise triggered by any request
// that carries 'reconnect'.
//	VAR		TYPE	OPTIONAL	FLAGS	VALIDATION	EXCEPTION
$fields = [
	'name' =>		[T_ZBX_STR, O_NO,	null,	null,	'isset({enter})', _('Username')],
	'password' =>	[T_ZBX_STR, O_OPT,	null,	null,	'isset({enter})'],
	'sessionid' =>	[T_ZBX_STR, O_OPT,	null,	null,	null],
	'reconnect' =>	[T_ZBX_INT, O_OPT,	P_SYS|P_ACT,	BETWEEN(0, 65535),	null],
	'enter' =>		[T_ZBX_STR, O_OPT,	P_SYS,	null,	null],
	'autologin' =>	[T_ZBX_INT, O_OPT,	null,	null,	null],
	'request' =>	[T_ZBX_STR, O_OPT,	null,	null,	null]
];
check_fields($fields);

// logout
// The audit record is written inside a DB transaction before the session is dropped; the page then
// reloads itself so the login form is shown.
if (isset($_REQUEST['reconnect'])) {
	DBstart();
	add_audit_details(AUDIT_ACTION_LOGOUT, AUDIT_RESOURCE_USER, CWebUser::$data['userid'], '', _('Manual Logout'),
		CWebUser::$data['userid']
	);
	DBend(true);
	CWebUser::logout();
	redirect('index.php');
}

$config = select_config();

// HTTP authentication: the identity is taken from PHP_AUTH_USER, i.e. the user name the web server has
// already authenticated. The form-login branch below is entered synthetically ('enter' is set here) and
// runs with an empty password, so the trust boundary is the web server's auth configuration.
if ($config['authentication_type'] == ZBX_AUTH_HTTP) {
	if (!empty($_SERVER['PHP_AUTH_USER'])) {
		$_REQUEST['enter'] = _('Sign in');
		$_REQUEST['name'] = $_SERVER['PHP_AUTH_USER'];
	}
	else {
		access_deny(ACCESS_DENY_PAGE);
	}
}

// login via form
// The submit button value is compared against the translated label, so the check depends on the same
// translation being active for the rendered form and for this request.
if (isset($_REQUEST['enter']) && $_REQUEST['enter'] == _('Sign in')) {
	// try to login
	$autoLogin = getRequest('autologin', 0);

	DBstart();
	$loginSuccess = CWebUser::login(getRequest('name', ''), getRequest('password', ''));
	DBend(true);

	if ($loginSuccess) {
		// save remember login preference
		$user = ['autologin' => $autoLogin];

		// Only persist the preference when it actually changed (avoids a profile write on every login).
		if (CWebUser::$data['autologin'] != $autoLogin) {
			API::User()->updateProfile($user);
		}

		// Post-login redirect target supplied by the caller ('request' parameter). It is accepted only if it
		// is a bare "<name>.php" (optionally followed by a query string) with no path separators, and that
		// file exists in the web root. This keeps the redirect on-site: a host, scheme, "../" or absolute
		// path cannot match the anchored pattern, so the parameter cannot be used as an open redirect.
		// Anything that does not match collapses to '' and the fallback targets below apply.
		$request = getRequest('request', '');

		if ($request) {
			preg_match('/^\/?(?<filename>[a-z0-9\_\.]+\.php)(?<request>\?.*)?$/i', $request, $test_request);

			$request = (array_key_exists('filename', $test_request) && file_exists('./'.$test_request['filename']))
				? $test_request['filename'].(array_key_exists('request', $test_request) ? $test_request['request'] : '')
				: '';
		}

		// Redirect precedence: validated 'request' parameter, then the URL stored on the user profile,
		// then the default page.
		if (!zbx_empty($request)) {
			$url = $request;
		}
		elseif (!zbx_empty(CWebUser::$data['url'])) {
			$url = CWebUser::$data['url'];
		}
		else {
			$url = ZBX_DEFAULT_URL;
		}
		redirect($url);
		exit;
	}
	// login failed, fall back to a guest account
	else {
		CWebUser::checkAuthentication(null);
	}
}
else {
	// login the user from the session, if the session id is empty - login as a guest
	CWebUser::checkAuthentication(CWebUser::getSessionCookie());
}

// the user is not logged in, display the login form
// Both "no alias" and the guest alias count as not logged in.
if (!CWebUser::$data['alias'] || CWebUser::$data['alias'] == ZBX_GUEST_USER) {
	switch ($config['authentication_type']) {
		case ZBX_AUTH_HTTP:
			// With HTTP auth there is no form to show: the web-server identity had no matching DB user.
			echo _('User name does not match with DB');
			break;
		case ZBX_AUTH_LDAP:
		case ZBX_AUTH_INTERNAL:
			// Re-populate the checkbox state so a failed attempt re-renders with the user's choice.
			if (isset($_REQUEST['enter'])) {
				$_REQUEST['autologin'] = getRequest('autologin', 0);
			}

			// Only the last queued message (e.g. the login failure reason) is passed to the view.
			if ($messages = clear_messages()) {
				$messages = array_pop($messages);
				$_REQUEST['message'] = $messages['message'];
			}

			(new CView('general.login'))
				->disableJsLoader()
				->render();
	}
}
else {
	// Already authenticated: go to the user's stored URL, or the default page when none is stored.
	redirect(zbx_empty(CWebUser::$data['url']) ? ZBX_DEFAULT_URL : CWebUser::$data['url']);
}