X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Flogin.php;h=21fe8fa19aec2e4817a34569a53c907a32c4c640;hb=d7270cc414d34775b3aec09cb2364605695fdf43;hp=033e9efc3acca446e37a18525fc60c753829a246;hpb=15e6162eacc97158393bc75aed3afeb7b19c24a6;p=squirrelmail.git diff --git a/src/login.php b/src/login.php index 033e9efc..21fe8fa1 100644 --- a/src/login.php +++ b/src/login.php @@ -3,166 +3,184 @@ /** * login.php -- simple login screen * - * Copyright (c) 1999-2002 The SquirrelMail Project Team - * Licensed under the GNU GPL. For full terms see the file COPYING. - * * This a simple login screen. Some housekeeping is done to clean * cookies and find language. * - * $Id$ + * @copyright © 1999-2007 The SquirrelMail Project Team + * @license http://opensource.org/licenses/gpl-license.php GNU Public License + * @version $Id$ + * @package squirrelmail */ -/*****************************************************************/ -/*** THIS FILE NEEDS TO HAVE ITS FORMATTING FIXED!!! ***/ -/*** PLEASE DO SO AND REMOVE THIS COMMENT SECTION. ***/ -/*** + Base level indent should begin at left margin, as ***/ -/*** the first two lines below look. ***/ -/*** + All identation should consist of four space blocks ***/ -/*** + Tab characters are evil. ***/ -/*** + all comments should use "slash-star ... star-slash" ***/ -/*** style -- no pound characters, no slash-slash style ***/ -/*** + FLOW CONTROL STATEMENTS (if, while, etc) SHOULD ***/ -/*** ALWAYS USE { AND } CHARACTERS!!! ***/ -/*** + Please use ' instead of ", when possible. Note " ***/ -/*** should always be used in _( ) function calls. ***/ -/*** Thank you for your help making the SM code more readable. ***/ -/*****************************************************************/ - -$rcptaddress = ''; -if (isset($emailaddress)) { - if (stristr($emailaddress, 'mailto:')) { - $rcptaddress = substr($emailaddress, 7); - } else { - $rcptaddress = $emailaddress; - } +// reduces the files included in init.php +$sInitLocation = 'login'; - if (($pos = strpos($rcptaddress, '?')) !== false) { - $a = substr($rcptaddress, $pos + 1); - $rcptaddress = substr($rcptaddress, 0, $pos); - $a = explode('=', $a, 2); - if (isset($a[1])) { - $name = urldecode($a[0]); - $val = urldecode($a[1]); - global $$name; - $$naame = $val; - } - } +/** + * Include the SquirrelMail initialization file. + */ +require('../include/init.php'); + + +/* SquirrelMail required files. */ +require_once(SM_PATH . 'functions/imap_general.php'); +require_once(SM_PATH . 'functions/forms.php'); - /* At this point, we have parsed a lot of the mailto stuff. */ - /* Let's do the rest -- CC, BCC, Subject, Body */ - /* Note: They can all be case insensitive */ - foreach ($GLOBALS as $k => $v) { - $key = strtolower($k); - $value = urlencode($v); - if ($key == 'cc') { - $rcptaddress .= '&send_to_cc=' . $value; - } else if ($key == 'bcc') { - $rcptaddress .= '&send_to_bcc=' . $value; - } else if ($key == 'subject') { - $rcptaddress .= '&subject=' . $value; - } else if ($key == 'body') { - $rcptaddress .= '&body=' . $value; +/** + * $squirrelmail_language is set by a cookie when the user selects + * language and logs out + */ +set_up_language($squirrelmail_language, TRUE, TRUE); + +/** + * In case the last session was not terminated properly, make sure + * we get a new one, but make sure we preserve session_expired_* + */ +if ( !empty($_SESSION['session_expired_post']) && !empty($_SESSION['session_expired_location']) ) { + $sep = $_SESSION['session_expired_post']; + $sel = $_SESSION['session_expired_location']; + + sqsession_destroy(); + @sqsession_is_active(); + $_SESSION=array(); + sqsession_register($sep, 'session_expired_post'); + sqsession_register($sel, 'session_expired_location'); +} else { + sqsession_destroy(); + @sqsession_is_active(); + $_SESSION=array(); +} + +/** + * This detects if the IMAP server has logins disabled, and if so, + * squelches the display of the login form and puts up a message + * explaining the situation. + */ +if($imap_auth_mech == 'login') { + /** + * detect disabled login, only when imapServerAddress contains + * server address and not mapping. See sqimap_get_user_server() + */ + if (substr($imapServerAddress, 0, 4) != "map:") { + $imap = sqimap_create_stream($imapServerAddress, $imapPort, $use_imap_tls); + $logindisabled = sqimap_capability($imap,'LOGINDISABLED'); + sqimap_logout($imap); + if ($logindisabled) { + $string = _("The IMAP server is reporting that plain text logins are disabled.").'
'. + _("Using CRAM-MD5 or DIGEST-MD5 authentication instead may work.").'
'; + if (!$use_imap_tls) { + $string .= _("Also, the use of TLS may allow SquirrelMail to login.").'
'; } + $string .= _("Please contact your system administrator and report this error."); + error_box($string); + // display footer (closes html tags) and stop script execution + $oTemplate->display('footer.tpl'); + exit; } - - /* Double-encode in this fashion to get past redirect.php properly. */ - $rcptaddress = urlencode($rcptaddress); + } +} + +do_hook('login_cookie', $null); + +$loginname_value = (sqGetGlobalVar('loginname', $loginname) ? htmlspecialchars($loginname) : ''); + +//FIXME: should be part of the template, not the core! +/* Output the javascript onload function. */ +$header = "\n"; + +if (@file_exists($theme[$theme_default]['PATH'])) + @include ($theme[$theme_default]['PATH']); + +if (! isset($color) || ! is_array($color)) { + // Add default color theme, if theme loading fails + $color = array(); + $color[0] = '#dcdcdc'; /* light gray TitleBar */ + $color[1] = '#800000'; /* red */ + $color[2] = '#cc0000'; /* light red Warning/Error Messages */ + $color[4] = '#ffffff'; /* white Normal Background */ + $color[7] = '#0000cc'; /* blue Links */ + $color[8] = '#000000'; /* black Normal text */ +} + +displayHtmlHeader( "$org_name - " . _("Login"), $header, FALSE ); + + + +/* If they don't have a logo, don't bother.. */ +$logo_str = ''; +if (isset($org_logo) && $org_logo) { + + if (isset($org_logo_width) && is_numeric($org_logo_width) && + $org_logo_width>0) { + $width = $org_logo_width; + } else { + $width = ''; + } + if (isset($org_logo_height) && is_numeric($org_logo_height) && + $org_logo_height>0) { + $height = $org_logo_height; + } else { + $height = ''; } + $logo_str = create_image($org_logo, sprintf(_("%s Logo"), $org_name), + $width, $height, '', 'sqm_loginImage'); +} - require_once('../functions/strings.php'); - require_once('../config/config.php'); - require_once('../functions/i18n.php'); - require_once('../functions/plugin.php'); - require_once('../functions/constants.php'); - require_once('../functions/page_header.php'); +$sm_attribute_str = ''; +if (isset($hide_sm_attributions) && !$hide_sm_attributions) { + $sm_attribute_str = _("SquirrelMail Webmail Application")."\n" . + _("By the SquirrelMail Project Team"); +} - /* - * $squirrelmail_language is set by a cookie when the user selects - * language and logs out - */ - set_up_language($squirrelmail_language, true); +if(sqgetGlobalVar('mailtodata', $mailtodata)) { + $mailtofield = addHidden('mailtodata', $mailtodata); +} else { + $mailtofield = ''; +} - /* Need the base URI to set the cookies. (Same code as in webmail.php). */ - ereg ("(^.*/)[^/]+/[^/]+$", $PHP_SELF, $regs); - $base_uri = $regs[1]; - @session_destroy(); +$password_field = addPwField('secretkey'); +$login_extra = addHidden('js_autodetect_results', SMPREF_JS_OFF). + $mailtofield . + addHidden('just_logged_in', '1'); - /* - * In case the last session was not terminated properly, make sure - * we get a new one. - */ - $cookie_params = session_get_cookie_params(); - setcookie(session_name(),'',0,$cookie_params['path'].$cookie_params['domain']); - setcookie('username', '', 0, $base_uri); - setcookie('key', '', 0, $base_uri); - header ('Pragma: no-cache'); - - do_hook('login_cookie'); - - /* Output the javascript onload function. */ - displayHtmlHeader( "$org_name - " . _("Login"), - "\n", FALSE ); - - /* Set the title of this page. */ - echo "\n". - "
\n"; - - $username_form_name = 'login_username'; - $password_form_name = 'secretkey'; - do_hook('login_top'); - - $loginname_value = (isset($loginname) ? htmlspecialchars($loginname) : ''); - - echo "
". - "
\n". - ( $hide_sm_attributions ? '' : - '' . sprintf (_("SquirrelMail version %s"), $version) . "
\n". - ' ' . _("By the SquirrelMail Development Team") . "
\n" ) . - "
\n". - - "
\n". - "\n". - " ". - " \n". - " \n". - "
\n". - '
' . sprintf (_("%s Login"), $org_name) . "
\n". - "
\n". - " \n". - ' \n". - " \n". - " \n". - " \n". - ' \n". - " \n". - " \n". - "
' . _("Name:") . "\n". - " \n". - "
' . _("Password:") . "\n". - " \n". - " \n". - " \n"; - if ($rcptaddress != '') { - echo " \n"; - } - echo "
\n". - '
\n". - "
\n". - "
\n"; - - do_hook('login_form'); - echo "
\n"; - - do_hook('login_bottom'); - echo "\n". - "\n"; +session_write_close(); + +$oTemplate->assign('logo_str', $logo_str); +$oTemplate->assign('logo_path', $org_logo); +$oTemplate->assign('sm_attribute_str', $sm_attribute_str); +$oTemplate->assign('org_name_str', sprintf (_("%s Login"), $org_name)); +$oTemplate->assign('login_field_value', $loginname_value); +$oTemplate->assign('login_extra', $login_extra); + +//FIXME: need to remove *ALL* HTML from this file! +echo ''."\n"; +echo '
'."\n"; +do_hook('login_top', $null); + +$oTemplate->display('login.tpl'); + +//FIXME: need to remove *ALL* HTML from this file! +echo "
\n"; +do_hook('login_bottom', $null); + +// Turn off delayed error handling to make sure all errors are dumped. +$oErrorHandler->setDelayedErrors(false); + +$oTemplate->display('footer.tpl'); ?>