X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Flogin.php;h=e5efc68a6091f3f2f6dfa44085b492dad881bc12;hb=f5dcd7f397592d2e271e80f97555701fb4ad3a66;hp=fba85c64d192d02c016d6480a73fffd10b5edff0;hpb=7407e21d58d6f9b2063af1935b6ae7d42564313a;p=squirrelmail.git diff --git a/src/login.php b/src/login.php index fba85c64..e5efc68a 100644 --- a/src/login.php +++ b/src/login.php @@ -3,183 +3,175 @@ /** * login.php -- simple login screen * - * Copyright (c) 1999-2002 The SquirrelMail Project Team - * Licensed under the GNU GPL. For full terms see the file COPYING. - * * This a simple login screen. Some housekeeping is done to clean * cookies and find language. * - * $Id$ + * @copyright © 1999-2006 The SquirrelMail Project Team + * @license http://opensource.org/licenses/gpl-license.php GNU Public License + * @version $Id$ + * @package squirrelmail */ -$rcptaddress = ''; -if (isset($emailaddress)) { - if (stristr($emailaddress, 'mailto:')) { - $rcptaddress = substr($emailaddress, 7); - } else { - $rcptaddress = $emailaddress; - } - - if (($pos = strpos($rcptaddress, '?')) !== false) { - $a = substr($rcptaddress, $pos + 1); - $rcptaddress = substr($rcptaddress, 0, $pos); - $a = explode('=', $a, 2); - if (isset($a[1])) { - $name = urldecode($a[0]); - $val = urldecode($a[1]); - global $$name; - $$name = $val; - } - } - - /* At this point, we have parsed a lot of the mailto stuff. */ - /* Let's do the rest -- CC, BCC, Subject, Body */ - /* Note: They can all be case insensitive */ - foreach ($GLOBALS as $k => $v) { - $key = strtolower($k); - $value = urlencode($v); - if ($key == 'cc') { - $rcptaddress .= '&send_to_cc=' . $value; - } else if ($key == 'bcc') { - $rcptaddress .= '&send_to_bcc=' . $value; - } else if ($key == 'subject') { - $rcptaddress .= '&subject=' . $value; - } else if ($key == 'body') { - $rcptaddress .= '&body=' . $value; - } - } - - /* Double-encode in this fashion to get past redirect.php properly. */ - $rcptaddress = urlencode($rcptaddress); -} +// reduces the files included in init.php +$sInitLocation = 'login'; -require_once('../functions/strings.php'); -require_once('../config/config.php'); -require_once('../functions/i18n.php'); -require_once('../functions/plugin.php'); -require_once('../functions/constants.php'); -require_once('../functions/page_header.php'); -require_once('../functions/html.php'); - -/* - * $squirrelmail_language is set by a cookie when the user selects - * language and logs out +/** + * Include the SquirrelMail initialization file. */ -set_up_language($squirrelmail_language, TRUE); +require('../include/init.php'); + + +/* SquirrelMail required files. */ +require_once(SM_PATH . 'functions/imap_general.php'); +require_once(SM_PATH . 'functions/forms.php'); /** - * Find out the base URI to set cookies. + * $squirrelmail_language is set by a cookie when the user selects + * language and logs out */ -if (!function_exists('sqm_baseuri')){ - require_once('../functions/display_messages.php'); -} -$base_uri = sqm_baseuri(); -@session_destroy(); +set_up_language($squirrelmail_language, TRUE, TRUE); /* * In case the last session was not terminated properly, make sure * we get a new one. */ -$cookie_params = session_get_cookie_params(); -setcookie(session_name(), '', 0, $cookie_params['path'], - $cookie_params['domain']); -setcookie('username', '', 0, $base_uri); -setcookie('key', '', 0, $base_uri); -header('Pragma: no-cache'); +sqsession_destroy(); +sqsession_is_active(); +$_SESSION=array(); + + +/** + * PHP bug. http://bugs.php.net/11643 (warning, spammed bug tracker) and + * http://bugs.php.net/13834 + * SID constant is not destroyed in PHP 4.1.2, 4.2.3 and maybe other + * versions. Produces warning on login page. Bug should be fixed only in 4.3.0 + */ + +/** + * This detects if the IMAP server has logins disabled, and if so, + * squelches the display of the login form and puts up a message + * explaining the situation. + */ +if($imap_auth_mech == 'login') { + /** + * detect disabled login, only when imapServerAddress contains + * server address and not mapping. See sqimap_get_user_server() + */ + if (substr($imapServerAddress, 0, 4) != "map:") { + $imap = sqimap_create_stream($imapServerAddress, $imapPort, $use_imap_tls); + $logindisabled = sqimap_capability($imap,'LOGINDISABLED'); + sqimap_logout($imap); + if ($logindisabled) { + $string = _("The IMAP server is reporting that plain text logins are disabled.").'
'. + _("Using CRAM-MD5 or DIGEST-MD5 authentication instead may work.").'
'; + if (!$use_imap_tls) { + $string .= _("Also, the use of TLS may allow SquirrelMail to login.").'
'; + } + $string .= _("Please contact your system administrator and report this error."); + error_box($string,$color); + exit; + } + } +} do_hook('login_cookie'); -/* Output the javascript onload function. */ +$loginname_value = (sqGetGlobalVar('loginname', $loginname) ? htmlspecialchars($loginname) : ''); -$header = "\n"; -$custom_css = 'none'; -displayHtmlHeader( "$org_name - " . _("Login"), $header, FALSE ); -/* Set the title of this page. */ -echo ''; +if (@file_exists($theme[$theme_default]['PATH'])) + @include ($theme[$theme_default]['PATH']); + +if (! isset($color) || ! is_array($color)) { + // Add default color theme, if theme loading fails + $color = array(); + $color[0] = '#dcdcdc'; /* light gray TitleBar */ + $color[1] = '#800000'; /* red */ + $color[2] = '#cc0000'; /* light red Warning/Error Messages */ + $color[4] = '#ffffff'; /* white Normal Background */ + $color[7] = '#0000cc'; /* blue Links */ + $color[8] = '#000000'; /* black Normal text */ +} +/** + * send out all the cookies + */ +sqsetcookieflush(); -$username_form_name = 'login_username'; -$password_form_name = 'secretkey'; -do_hook('login_top'); +displayHtmlHeader( "$org_name - " . _("Login"), $header, FALSE ); -$loginname_value = (isset($loginname) ? htmlspecialchars($loginname) : ''); -/* Display width and height like good little people */ -$width_and_height = ''; -if (isset($org_logo_width) && is_numeric($org_logo_width) && $org_logo_width>0) { - $width_and_height = " width=\"$org_logo_width\""; +/* If they don't have a logo, don't bother.. */ +$logo_str = ''; +if (isset($org_logo) && $org_logo) { + /* Display width and height like good little people */ + $width_and_height = ''; + if (isset($org_logo_width) && is_numeric($org_logo_width) && + $org_logo_width>0) { + $width_and_height = " width=\"$org_logo_width\""; + } + if (isset($org_logo_height) && is_numeric($org_logo_height) && + $org_logo_height>0) { + $width_and_height .= " height=\"$org_logo_height\""; + } + + $logo_str = '
'."\n"; } -if (isset($org_logo_height) && is_numeric($org_logo_height) && $org_logo_height>0) { - $width_and_height .= " height=\"$org_logo_height\""; + +$sm_attribute_str = ''; +if (isset($hide_sm_attributions) && !$hide_sm_attributions) { + $sm_attribute_str = _("SquirrelMail Webmail Application")."
\n" . + _("By the SquirrelMail Project Team")."
\n"; } -$rcptaddress_input = ''; -if ($rcptaddress != '') { - $rcptaddress_input = ''; +$username_form_name = 'login_username'; +$password_form_name = 'secretkey'; + +if(sqgetGlobalVar('mailto', $mailto)) { + $rcptaddress = addHidden('mailto', $mailto); +} else { + $rcptaddress = ''; } -echo "\n" . '
' . "\n" . -html_tag( 'table', - html_tag( 'tr', - html_tag( 'td', - '
'. - '' . sprintf(_(
' . "\n". - ( $hide_sm_attributions ? '' : - '' . sprintf (_("SquirrelMail version %s"), $version) . '
' ."\n". - ' ' . _("By the SquirrelMail Development Team") . '
' . "\n" ) . - html_tag( 'table', - html_tag( 'tr', - html_tag( 'td', - '' . sprintf (_("%s Login"), $org_name) . "\n", - 'center', '#DCDCDC' ) - ) . - html_tag( 'tr', - html_tag( 'td', "\n" . - html_tag( 'table', - html_tag( 'tr', - html_tag( 'td', - _("Name:") , - 'right', '', 'width="30%"' ) . - html_tag( 'td', - '' , - 'left', '', 'width="*"' ) - ) . "\n" . - html_tag( 'tr', - html_tag( 'td', - _("Password:") , - 'right', '', 'width="30%"' ) . - html_tag( 'td', - '' . "\n" . - '' . "\n" . - '' . "\n" . - $rcptaddress_input . "\n" , - 'left', '', 'width="*"' ) - ) , - 'center', '#ffffff', 'border="0" cols="2" width="100%"' ) , - 'left', '#FFFFFF' ) - ) . - html_tag( 'tr', - html_tag( 'td', - '
', - 'left' ) - ), - '', '#ffffff', 'border="0" cols="1" width="350"' ), - 'center' ) - ) , -'', '#ffffff', 'border="0" cellspacing="0" cellpadding="0" width="100%"' ) . -'' . "\n"; - -do_hook('login_form'); - -do_hook('login_bottom'); -echo "\n". - "\n"; -?> +$password_field = addPwField($password_form_name). + addHidden('js_autodetect_results', SMPREF_JS_OFF). + $rcptaddress . + addHidden('just_logged_in', '1'); + +session_write_close(); + +$oTemplate->assign('logo_str', $logo_str); +$oTemplate->assign('sm_attribute_str', $sm_attribute_str); +$oTemplate->assign('org_name_str', sprintf (_("%s Login"), $org_name)); +$oTemplate->assign('login_field', addInput($username_form_name, $loginname_value)); +$oTemplate->assign('password_field', $password_field); +$oTemplate->assign('submit_field', addSubmit(_("Login"))); + +$oTemplate->display('login.tpl'); + +// Turn off delayed error handling to make sure all errors are dumped. +$oErrorHandler->delayedErrors(false); + +trigger_error('login'); +$oTemplate->display('footer.tpl'); +?> \ No newline at end of file