| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * login.php -- simple login screen |
| 5 | * |
| 6 | * This a simple login screen. Some housekeeping is done to clean |
| 7 | * cookies and find language. |
| 8 | * |
| 9 | * @copyright © 1999-2006 The SquirrelMail Project Team |
| 10 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License |
| 11 | * @version $Id$ |
| 12 | * @package squirrelmail |
| 13 | */ |
| 14 | |
| 15 | /** |
| 16 | * Path for SquirrelMail required files. |
| 17 | * @ignore |
| 18 | */ |
| 19 | define('SM_PATH','../'); |
| 20 | |
| 21 | /* SquirrelMail required files. */ |
| 22 | require_once(SM_PATH . 'functions/strings.php'); |
| 23 | require_once(SM_PATH . 'config/config.php'); |
| 24 | require_once(SM_PATH . 'functions/i18n.php'); |
| 25 | require_once(SM_PATH . 'functions/plugin.php'); |
| 26 | require_once(SM_PATH . 'functions/constants.php'); |
| 27 | require_once(SM_PATH . 'functions/page_header.php'); |
| 28 | require_once(SM_PATH . 'functions/html.php'); |
| 29 | require_once(SM_PATH . 'functions/global.php'); |
| 30 | require_once(SM_PATH . 'functions/imap_general.php'); |
| 31 | require_once(SM_PATH . 'functions/forms.php'); |
| 32 | |
| 33 | /** |
| 34 | * $squirrelmail_language is set by a cookie when the user selects |
| 35 | * language and logs out |
| 36 | */ |
| 37 | set_up_language($squirrelmail_language, TRUE, TRUE); |
| 38 | |
| 39 | /** |
| 40 | * Find out the base URI to set cookies. |
| 41 | */ |
| 42 | if (!function_exists('sqm_baseuri')){ |
| 43 | require_once(SM_PATH . 'functions/display_messages.php'); |
| 44 | } |
| 45 | $base_uri = sqm_baseuri(); |
| 46 | |
| 47 | /* |
| 48 | * In case the last session was not terminated properly, make sure |
| 49 | * we get a new one. |
| 50 | */ |
| 51 | |
| 52 | sqsession_destroy(); |
| 53 | /** |
| 54 | * PHP bug. http://bugs.php.net/11643 (warning, spammed bug tracker) and |
| 55 | * http://bugs.php.net/13834 |
| 56 | * SID constant is not destroyed in PHP 4.1.2, 4.2.3 and maybe other |
| 57 | * versions. Produces warning on login page. Bug should be fixed only in 4.3.0 |
| 58 | */ |
| 59 | @sqsession_start(); |
| 60 | header('Pragma: no-cache'); |
| 61 | |
| 62 | /** |
| 63 | * This detects if the IMAP server has logins disabled, and if so, |
| 64 | * squelches the display of the login form and puts up a message |
| 65 | * explaining the situation. |
| 66 | */ |
| 67 | if($imap_auth_mech == 'login') { |
| 68 | /** |
| 69 | * detect disabled login, only when imapServerAddress contains |
| 70 | * server address and not mapping. See sqimap_get_user_server() |
| 71 | */ |
| 72 | if (substr($imapServerAddress, 0, 4) != "map:") { |
| 73 | $imap = sqimap_create_stream($imapServerAddress, $imapPort, $use_imap_tls); |
| 74 | $logindisabled = sqimap_capability($imap,'LOGINDISABLED'); |
| 75 | sqimap_logout($imap); |
| 76 | if ($logindisabled) { |
| 77 | $string = _("The IMAP server is reporting that plain text logins are disabled.").'<br />'. |
| 78 | _("Using CRAM-MD5 or DIGEST-MD5 authentication instead may work.").'<br />'; |
| 79 | if (!$use_imap_tls) { |
| 80 | $string .= _("Also, the use of TLS may allow SquirrelMail to login.").'<br />'; |
| 81 | } |
| 82 | $string .= _("Please contact your system administrator and report this error."); |
| 83 | error_box($string,$color); |
| 84 | exit; |
| 85 | } |
| 86 | } |
| 87 | } |
| 88 | |
| 89 | /* |
| 90 | * Initialize the template object and custom error handler object |
| 91 | */ |
| 92 | include_once(SM_PATH . 'class/template/template.class.php'); |
| 93 | include_once(SM_PATH . 'class/error.class.php'); |
| 94 | |
| 95 | /* |
| 96 | * $sTplDir is not initialized when a user is not logged in, so we will use |
| 97 | * the config file defaults here. If the neccesary variables are net set, |
| 98 | * force a default value. |
| 99 | */ |
| 100 | $aTemplateSet = ( !isset($aTemplateSet) ? array() : $aTemplateSet ); |
| 101 | $templateset_default = ( !isset($templateset_default) ? 0 : $templateset_default ); |
| 102 | $sTplDir = ( !isset($aTemplateSet[$templateset_default]['PATH']) ? |
| 103 | SM_PATH . 'templates/default/' : |
| 104 | $aTemplateSet[$templateset_default]['PATH'] ); |
| 105 | |
| 106 | $oTemplate = new Template($sTplDir); |
| 107 | $oErrorHandler = new ErrorHandler($oTemplate,'error_message.tpl'); |
| 108 | |
| 109 | do_hook('login_cookie'); |
| 110 | |
| 111 | $loginname_value = (sqGetGlobalVar('loginname', $loginname) ? htmlspecialchars($loginname) : ''); |
| 112 | |
| 113 | /* Output the javascript onload function. */ |
| 114 | $header = "<script type=\"text/javascript\">\n" . |
| 115 | "<!--\n". |
| 116 | " function squirrelmail_loginpage_onload() {\n". |
| 117 | " var textElements = 0;\n". |
| 118 | " for (i = 0; i < document.forms[0].elements.length; i++) {\n". |
| 119 | " if (document.forms[0].elements[i].type == \"text\" || document.forms[0].elements[i].type == \"password\") {\n". |
| 120 | " textElements++;\n". |
| 121 | " if (textElements == " . (isset($loginname) ? 2 : 1) . ") {\n". |
| 122 | " document.forms[0].elements[i].focus();\n". |
| 123 | " break;\n". |
| 124 | " }\n". |
| 125 | " }\n". |
| 126 | " }\n". |
| 127 | " }\n". |
| 128 | "// -->\n". |
| 129 | "</script>\n"; |
| 130 | |
| 131 | if (@file_exists($theme[$theme_default]['PATH'])) |
| 132 | @include ($theme[$theme_default]['PATH']); |
| 133 | |
| 134 | if (! isset($color) || ! is_array($color)) { |
| 135 | // Add default color theme, if theme loading fails |
| 136 | $color = array(); |
| 137 | $color[0] = '#dcdcdc'; /* light gray TitleBar */ |
| 138 | $color[1] = '#800000'; /* red */ |
| 139 | $color[2] = '#cc0000'; /* light red Warning/Error Messages */ |
| 140 | $color[4] = '#ffffff'; /* white Normal Background */ |
| 141 | $color[7] = '#0000cc'; /* blue Links */ |
| 142 | $color[8] = '#000000'; /* black Normal text */ |
| 143 | } |
| 144 | |
| 145 | displayHtmlHeader( "$org_name - " . _("Login"), $header, FALSE ); |
| 146 | |
| 147 | |
| 148 | /* If they don't have a logo, don't bother.. */ |
| 149 | $logo_str = ''; |
| 150 | if (isset($org_logo) && $org_logo) { |
| 151 | /* Display width and height like good little people */ |
| 152 | $width_and_height = ''; |
| 153 | if (isset($org_logo_width) && is_numeric($org_logo_width) && |
| 154 | $org_logo_width>0) { |
| 155 | $width_and_height = " width=\"$org_logo_width\""; |
| 156 | } |
| 157 | if (isset($org_logo_height) && is_numeric($org_logo_height) && |
| 158 | $org_logo_height>0) { |
| 159 | $width_and_height .= " height=\"$org_logo_height\""; |
| 160 | } |
| 161 | |
| 162 | $logo_str = '<img src="'.$org_logo.'" ' . |
| 163 | 'alt="'. sprintf(_("%s Logo"), $org_name).'" ' . |
| 164 | $width_and_height . |
| 165 | 'class="sqm_loginImage" ' . |
| 166 | ' /><br />'."\n"; |
| 167 | } |
| 168 | |
| 169 | $sm_attribute_str = ''; |
| 170 | if (isset($hide_sm_attributions) && !$hide_sm_attributions) { |
| 171 | $sm_attribute_str = _("SquirrelMail Webmail Application")."<br />\n" . |
| 172 | _("By the SquirrelMail Project Team")."<br />\n"; |
| 173 | } |
| 174 | |
| 175 | $username_form_name = 'login_username'; |
| 176 | $password_form_name = 'secretkey'; |
| 177 | |
| 178 | if(sqgetGlobalVar('mailto', $mailto)) { |
| 179 | $rcptaddress = addHidden('mailto', $mailto); |
| 180 | } else { |
| 181 | $rcptaddress = ''; |
| 182 | } |
| 183 | |
| 184 | $password_field = addPwField($password_form_name). |
| 185 | addHidden('js_autodetect_results', SMPREF_JS_OFF). |
| 186 | $rcptaddress . |
| 187 | addHidden('just_logged_in', '1'); |
| 188 | |
| 189 | $oTemplate->assign('color', $color); |
| 190 | $oTemplate->assign('logo_str', $logo_str); |
| 191 | $oTemplate->assign('sm_attribute_str', $sm_attribute_str); |
| 192 | $oTemplate->assign('org_name_str', sprintf (_("%s Login"), $org_name)); |
| 193 | $oTemplate->assign('login_field', addInput($username_form_name, $loginname_value)); |
| 194 | $oTemplate->assign('password_field', $password_field); |
| 195 | $oTemplate->assign('submit_field', addSubmit(_("Login"))); |
| 196 | |
| 197 | $oTemplate->display('login.tpl'); |
| 198 | ?> |