| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * login.php -- simple login screen |
| 5 | * |
| 6 | * This a simple login screen. Some housekeeping is done to clean |
| 7 | * cookies and find language. |
| 8 | * |
| 9 | * @copyright © 1999-2006 The SquirrelMail Project Team |
| 10 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License |
| 11 | * @version $Id$ |
| 12 | * @package squirrelmail |
| 13 | */ |
| 14 | |
| 15 | /** |
| 16 | * Path for SquirrelMail required files. |
| 17 | * @ignore |
| 18 | */ |
| 19 | define('SM_PATH','../'); |
| 20 | |
| 21 | /* SquirrelMail required files. */ |
| 22 | require_once(SM_PATH . 'functions/strings.php'); |
| 23 | require_once(SM_PATH . 'config/config.php'); |
| 24 | require_once(SM_PATH . 'functions/i18n.php'); |
| 25 | require_once(SM_PATH . 'functions/plugin.php'); |
| 26 | require_once(SM_PATH . 'functions/constants.php'); |
| 27 | require_once(SM_PATH . 'functions/page_header.php'); |
| 28 | require_once(SM_PATH . 'functions/html.php'); |
| 29 | require_once(SM_PATH . 'functions/global.php'); |
| 30 | require_once(SM_PATH . 'functions/imap_general.php'); |
| 31 | require_once(SM_PATH . 'functions/forms.php'); |
| 32 | |
| 33 | /** |
| 34 | * $squirrelmail_language is set by a cookie when the user selects |
| 35 | * language and logs out |
| 36 | */ |
| 37 | set_up_language($squirrelmail_language, TRUE, TRUE); |
| 38 | |
| 39 | /** |
| 40 | * Find out the base URI to set cookies. |
| 41 | */ |
| 42 | if (!function_exists('sqm_baseuri')){ |
| 43 | require_once(SM_PATH . 'functions/display_messages.php'); |
| 44 | } |
| 45 | $base_uri = sqm_baseuri(); |
| 46 | |
| 47 | /* |
| 48 | * In case the last session was not terminated properly, make sure |
| 49 | * we get a new one. |
| 50 | */ |
| 51 | |
| 52 | sqsession_destroy(); |
| 53 | /** |
| 54 | * PHP bug. http://bugs.php.net/11643 (warning, spammed bug tracker) and |
| 55 | * http://bugs.php.net/13834 |
| 56 | * SID constant is not destroyed in PHP 4.1.2, 4.2.3 and maybe other |
| 57 | * versions. Produces warning on login page. Bug should be fixed only in 4.3.0 |
| 58 | */ |
| 59 | @sqsession_start(); |
| 60 | header('Pragma: no-cache'); |
| 61 | |
| 62 | /** |
| 63 | * This detects if the IMAP server has logins disabled, and if so, |
| 64 | * squelches the display of the login form and puts up a message |
| 65 | * explaining the situation. |
| 66 | */ |
| 67 | if($imap_auth_mech == 'login') { |
| 68 | /** |
| 69 | * detect disabled login, only when imapServerAddress contains |
| 70 | * server address and not mapping. See sqimap_get_user_server() |
| 71 | */ |
| 72 | if (substr($imapServerAddress, 0, 4) != "map:") { |
| 73 | $imap = sqimap_create_stream($imapServerAddress, $imapPort, $use_imap_tls); |
| 74 | $logindisabled = sqimap_capability($imap,'LOGINDISABLED'); |
| 75 | sqimap_logout($imap); |
| 76 | if ($logindisabled) { |
| 77 | $string = _("The IMAP server is reporting that plain text logins are disabled.").'<br />'. |
| 78 | _("Using CRAM-MD5 or DIGEST-MD5 authentication instead may work.").'<br />'; |
| 79 | if (!$use_imap_tls) { |
| 80 | $string .= _("Also, the use of TLS may allow SquirrelMail to login.").'<br />'; |
| 81 | } |
| 82 | $string .= _("Please contact your system administrator and report this error."); |
| 83 | error_box($string,$color); |
| 84 | exit; |
| 85 | } |
| 86 | } |
| 87 | } |
| 88 | |
| 89 | do_hook('login_cookie'); |
| 90 | |
| 91 | $loginname_value = (sqGetGlobalVar('loginname', $loginname) ? htmlspecialchars($loginname) : ''); |
| 92 | |
| 93 | /* Output the javascript onload function. */ |
| 94 | |
| 95 | $header = "<script language=\"JavaScript\" type=\"text/javascript\">\n" . |
| 96 | "<!--\n". |
| 97 | " function squirrelmail_loginpage_onload() {\n". |
| 98 | " var textElements = 0;\n". |
| 99 | " for (i = 0; i < document.forms[0].elements.length; i++) {\n". |
| 100 | " if (document.forms[0].elements[i].type == \"text\" || document.forms[0].elements[i].type == \"password\") {\n". |
| 101 | " textElements++;\n". |
| 102 | " if (textElements == " . (isset($loginname) ? 2 : 1) . ") {\n". |
| 103 | " document.forms[0].elements[i].focus();\n". |
| 104 | " break;\n". |
| 105 | " }\n". |
| 106 | " }\n". |
| 107 | " }\n". |
| 108 | " }\n". |
| 109 | "// -->\n". |
| 110 | "</script>\n"; |
| 111 | |
| 112 | if (@file_exists($theme[$theme_default]['PATH'])) |
| 113 | @include ($theme[$theme_default]['PATH']); |
| 114 | |
| 115 | if (! isset($color) || ! is_array($color)) { |
| 116 | // Add default color theme, if theme loading fails |
| 117 | $color = array(); |
| 118 | $color[0] = '#dcdcdc'; /* light gray TitleBar */ |
| 119 | $color[1] = '#800000'; /* red */ |
| 120 | $color[2] = '#cc0000'; /* light red Warning/Error Messages */ |
| 121 | $color[4] = '#ffffff'; /* white Normal Background */ |
| 122 | $color[7] = '#0000cc'; /* blue Links */ |
| 123 | $color[8] = '#000000'; /* black Normal text */ |
| 124 | } |
| 125 | |
| 126 | displayHtmlHeader( "$org_name - " . _("Login"), $header, FALSE, FALSE, FALSE ); |
| 127 | |
| 128 | echo "<body text=\"$color[8]\" bgcolor=\"$color[4]\" link=\"$color[7]\" vlink=\"$color[7]\" alink=\"$color[7]\" onLoad=\"squirrelmail_loginpage_onload()\">" . |
| 129 | "\n" . '<form action="redirect.php" method="post" onSubmit="document.forms[0].js_autodetect_results.value=\'' . SMPREF_JS_ON .'\';">' . "\n"; |
| 130 | |
| 131 | $username_form_name = 'login_username'; |
| 132 | $password_form_name = 'secretkey'; |
| 133 | do_hook('login_top'); |
| 134 | |
| 135 | /* If they don't have a logo, don't bother.. */ |
| 136 | if (isset($org_logo) && $org_logo) { |
| 137 | /* Display width and height like good little people */ |
| 138 | $width_and_height = ''; |
| 139 | if (isset($org_logo_width) && is_numeric($org_logo_width) && |
| 140 | $org_logo_width>0) { |
| 141 | $width_and_height = " width=\"$org_logo_width\""; |
| 142 | } |
| 143 | if (isset($org_logo_height) && is_numeric($org_logo_height) && |
| 144 | $org_logo_height>0) { |
| 145 | $width_and_height .= " height=\"$org_logo_height\""; |
| 146 | } |
| 147 | } |
| 148 | |
| 149 | if(sqgetGlobalVar('mailto', $mailto)) { |
| 150 | $rcptaddress = addHidden('mailto', $mailto); |
| 151 | } else { |
| 152 | $rcptaddress = ''; |
| 153 | } |
| 154 | echo html_tag( 'table', |
| 155 | html_tag( 'tr', |
| 156 | html_tag( 'td', |
| 157 | '<center>'. |
| 158 | ( isset($org_logo) && $org_logo |
| 159 | ? '<img src="' . $org_logo . '" alt="' . |
| 160 | sprintf(_("%s Logo"), $org_name) .'"' . $width_and_height . |
| 161 | ' /><br />' . "\n" |
| 162 | : '' ). |
| 163 | ( (isset($hide_sm_attributions) && $hide_sm_attributions) ? '' : |
| 164 | '<small>' . _("SquirrelMail Webmail Application") . '<br />' ."\n". |
| 165 | ' ' . _("By the SquirrelMail Project Team") . '<br /></small>' . "\n" ) . |
| 166 | html_tag( 'table', |
| 167 | html_tag( 'tr', |
| 168 | html_tag( 'td', |
| 169 | '<b>' . sprintf (_("%s Login"), $org_name) . "</b>\n", |
| 170 | 'center', $color[0] ) |
| 171 | ) . |
| 172 | html_tag( 'tr', |
| 173 | html_tag( 'td', "\n" . |
| 174 | html_tag( 'table', |
| 175 | html_tag( 'tr', |
| 176 | html_tag( 'td', |
| 177 | _("Name:") , |
| 178 | 'right', '', 'width="30%"' ) . |
| 179 | html_tag( 'td', |
| 180 | addInput($username_form_name, $loginname_value), |
| 181 | 'left', '', 'width="*"' ) |
| 182 | ) . "\n" . |
| 183 | html_tag( 'tr', |
| 184 | html_tag( 'td', |
| 185 | _("Password:") , |
| 186 | 'right', '', 'width="30%"' ) . |
| 187 | html_tag( 'td', |
| 188 | addPwField($password_form_name). |
| 189 | addHidden('js_autodetect_results', SMPREF_JS_OFF). |
| 190 | $rcptaddress . |
| 191 | addHidden('just_logged_in', '1'), |
| 192 | 'left', '', 'width="*"' ) |
| 193 | ) . |
| 194 | concat_hook_function('login_form') , |
| 195 | 'center', $color[4], 'border="0" width="100%"' ) , |
| 196 | 'left', $color[4] ) |
| 197 | ) . |
| 198 | html_tag( 'tr', |
| 199 | html_tag( 'td', |
| 200 | '<center>'. addSubmit(_("Login")) .'</center>', |
| 201 | 'left' ) |
| 202 | ), |
| 203 | '', $color[4], 'border="0" width="350"' ) . '</center>', |
| 204 | 'center' ) |
| 205 | ) , |
| 206 | '', $color[4], 'border="0" cellspacing="0" cellpadding="0" width="100%"' ); |
| 207 | echo '</form>' . "\n"; |
| 208 | |
| 209 | do_hook('login_bottom'); |
| 210 | |
| 211 | ?> |
| 212 | </body></html> |