| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * login.php -- simple login screen |
| 5 | * |
| 6 | * This a simple login screen. Some housekeeping is done to clean |
| 7 | * cookies and find language. |
| 8 | * |
| 9 | * @copyright 1999-2022 The SquirrelMail Project Team |
| 10 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License |
| 11 | * @version $Id$ |
| 12 | * @package squirrelmail |
| 13 | */ |
| 14 | |
| 15 | /** This is the login page */ |
| 16 | define('PAGE_NAME', 'login'); |
| 17 | |
| 18 | /** |
| 19 | * Include the SquirrelMail initialization file. |
| 20 | */ |
| 21 | require('../include/init.php'); |
| 22 | |
| 23 | /* SquirrelMail required files. */ |
| 24 | require_once(SM_PATH . 'functions/imap_general.php'); |
| 25 | require_once(SM_PATH . 'functions/forms.php'); |
| 26 | |
| 27 | /** |
| 28 | * $squirrelmail_language is set by a cookie when the user selects |
| 29 | * language and logs out |
| 30 | */ |
| 31 | set_up_language($squirrelmail_language, TRUE, TRUE); |
| 32 | |
| 33 | /** |
| 34 | * This detects if the IMAP server has logins disabled, and if so, |
| 35 | * squelches the display of the login form and puts up a message |
| 36 | * explaining the situation. |
| 37 | */ |
| 38 | if($imap_auth_mech == 'login') { |
| 39 | /** |
| 40 | * detect disabled login, only when imapServerAddress contains |
| 41 | * server address and not mapping. See sqimap_get_user_server() |
| 42 | */ |
| 43 | if (substr($imapServerAddress, 0, 4) != "map:") { |
| 44 | $imap = sqimap_create_stream($imapServerAddress, $imapPort, $use_imap_tls); |
| 45 | $logindisabled = sqimap_capability($imap,'LOGINDISABLED'); |
| 46 | sqimap_logout($imap); |
| 47 | if ($logindisabled) { |
| 48 | $string = _("The IMAP server is reporting that plain text logins are disabled.").'<br />'. |
| 49 | _("Using CRAM-MD5 or DIGEST-MD5 authentication instead may work.").'<br />'; |
| 50 | if (!$use_imap_tls) { |
| 51 | $string .= _("Also, the use of TLS may allow SquirrelMail to login.").'<br />'; |
| 52 | } |
| 53 | $string .= _("Please contact your system administrator and report this error."); |
| 54 | error_box($string); |
| 55 | // display footer (closes html tags) and stop script execution |
| 56 | $oTemplate->display('footer.tpl'); |
| 57 | exit; |
| 58 | } |
| 59 | } |
| 60 | } |
| 61 | |
| 62 | $username_form_name = 'login_username'; |
| 63 | $password_form_name = 'secretkey'; |
| 64 | do_hook('login_cookie', $null); |
| 65 | |
| 66 | $loginname_value = (sqGetGlobalVar('loginname', $loginname) ? sm_encode_html_special_chars($loginname) : ''); |
| 67 | |
| 68 | //FIXME: should be part of the template, not the core! |
| 69 | /* Output the javascript onload function. */ |
| 70 | $header = "<script type=\"text/javascript\">\n" . |
| 71 | "<!--\n". |
| 72 | " var alreadyFocused = false;\n". |
| 73 | " function squirrelmail_loginpage_onload() {\n". |
| 74 | " if (alreadyFocused) return;\n". |
| 75 | " var textElements = 0; var i = 0;\n". |
| 76 | " for (i = 0; i < document.login_form.elements.length; i++) {\n". |
| 77 | " if (document.login_form.elements[i].type == \"text\" || document.login_form.elements[i].type == \"password\") {\n". |
| 78 | " textElements++;\n". |
| 79 | " if (textElements == " . (isset($loginname) ? 2 : 1) . ") {\n". |
| 80 | " document.login_form.elements[i].focus();\n". |
| 81 | " break;\n". |
| 82 | " }\n". |
| 83 | " }\n". |
| 84 | " }\n". |
| 85 | " }\n". |
| 86 | "// -->\n". |
| 87 | "</script>\n"; |
| 88 | |
| 89 | if (@file_exists($theme[$theme_default]['PATH'])) |
| 90 | @include ($theme[$theme_default]['PATH']); |
| 91 | |
| 92 | if (! isset($color) || ! is_array($color)) { |
| 93 | // Add default color theme, if theme loading fails |
| 94 | $color = array(); |
| 95 | $color[0] = '#dcdcdc'; /* light gray TitleBar */ |
| 96 | $color[1] = '#800000'; /* red */ |
| 97 | $color[2] = '#cc0000'; /* light red Warning/Error Messages */ |
| 98 | $color[4] = '#ffffff'; /* white Normal Background */ |
| 99 | $color[7] = '#0000cc'; /* blue Links */ |
| 100 | $color[8] = '#000000'; /* black Normal text */ |
| 101 | } |
| 102 | |
| 103 | // if any plugin returns TRUE here, the standard page header will be skipped |
| 104 | $temp = array($header); |
| 105 | if (!boolean_hook_function('login_before_page_header', $temp, 1)) |
| 106 | displayHtmlHeader( "$org_name - " . _("Login"), $header, FALSE ); |
| 107 | |
| 108 | |
| 109 | |
| 110 | /* If they don't have a logo, don't bother.. */ |
| 111 | $logo_str = ''; |
| 112 | if (isset($org_logo) && $org_logo) { |
| 113 | |
| 114 | if (isset($org_logo_width) && is_numeric($org_logo_width) && |
| 115 | $org_logo_width>0) { |
| 116 | $width = $org_logo_width; |
| 117 | } else { |
| 118 | $width = ''; |
| 119 | } |
| 120 | if (isset($org_logo_height) && is_numeric($org_logo_height) && |
| 121 | $org_logo_height>0) { |
| 122 | $height = $org_logo_height; |
| 123 | } else { |
| 124 | $height = ''; |
| 125 | } |
| 126 | |
| 127 | $logo_str = create_image($org_logo, sprintf(_("%s Logo"), $org_name), |
| 128 | $width, $height, '', 'sqm_loginImage'); |
| 129 | |
| 130 | } |
| 131 | |
| 132 | $sm_attribute_str = ''; |
| 133 | if (isset($hide_sm_attributions) && !$hide_sm_attributions) { |
| 134 | $sm_attribute_str = _("SquirrelMail Webmail")."\n" . |
| 135 | _("By the SquirrelMail Project Team"); |
| 136 | } |
| 137 | |
| 138 | if(sqgetGlobalVar('mailtodata', $mailtodata)) { |
| 139 | $mailtofield = addHidden('mailtodata', $mailtodata); |
| 140 | } else { |
| 141 | $mailtofield = ''; |
| 142 | } |
| 143 | |
| 144 | $password_field = addPwField('secretkey'); |
| 145 | $login_extra = addHidden('js_autodetect_results', SMPREF_JS_OFF). |
| 146 | $mailtofield . |
| 147 | addHidden('just_logged_in', '1'); |
| 148 | |
| 149 | session_write_close(); |
| 150 | |
| 151 | $oTemplate->assign('logo_str', $logo_str, FALSE); |
| 152 | $oTemplate->assign('logo_path', $org_logo); |
| 153 | $oTemplate->assign('sm_attribute_str', $sm_attribute_str); |
| 154 | // i18n: The %s represents the service provider's name |
| 155 | $oTemplate->assign('org_name_str', sprintf (_("%s Login"), $org_name)); |
| 156 | // i18n: The %s represents the service provider's name |
| 157 | $oTemplate->assign('org_logo_str', sprintf (_("The %s logo"), $org_name)); |
| 158 | $oTemplate->assign('login_field_value', $loginname_value); |
| 159 | $oTemplate->assign('login_extra', $login_extra, FALSE); |
| 160 | |
| 161 | $oTemplate->display('login.tpl'); |
| 162 | |
| 163 | do_hook('login_bottom', $null); |
| 164 | |
| 165 | // Turn off delayed error handling to make sure all errors are dumped. |
| 166 | $oErrorHandler->setDelayedErrors(false); |
| 167 | |
| 168 | $oTemplate->display('footer.tpl'); |