src/login.php

   1 <?php
   2
   3 /**
   4  * login.php -- simple login screen
   5  *
   6  * This a simple login screen. Some housekeeping is done to clean
   7  * cookies and find language.
   8  *
   9  * @copyright &copy; 1999-2006 The SquirrelMail Project Team
  10  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  11  * @version $Id$
  12  * @package squirrelmail
  13  */
  14
  15 /**
  16  * Path for SquirrelMail required files.
  17  * @ignore
  18  */
  19 define('SM_PATH','../');
  20
  21 /* SquirrelMail required files. */
  22 require_once(SM_PATH . 'functions/strings.php');
  23 require_once(SM_PATH . 'config/config.php');
  24 require_once(SM_PATH . 'functions/i18n.php');
  25 require_once(SM_PATH . 'functions/plugin.php');
  26 require_once(SM_PATH . 'functions/constants.php');
  27 require_once(SM_PATH . 'functions/page_header.php');
  28 require_once(SM_PATH . 'functions/html.php');
  29 require_once(SM_PATH . 'functions/global.php');
  30 require_once(SM_PATH . 'functions/imap_general.php');
  31 require_once(SM_PATH . 'functions/forms.php');
  32
  33 /**
  34  * $squirrelmail_language is set by a cookie when the user selects
  35  * language and logs out
  36  */
  37 set_up_language($squirrelmail_language, TRUE, TRUE);
  38
  39 /**
  40  * Find out the base URI to set cookies.
  41  */
  42 if (!function_exists('sqm_baseuri')){
  43     require_once(SM_PATH . 'functions/display_messages.php');
  44 }
  45 $base_uri = sqm_baseuri();
  46
  47 /*
  48  * In case the last session was not terminated properly, make sure
  49  * we get a new one.
  50  */
  51
  52 sqsession_destroy();
  53 /**
  54  * PHP bug. http://bugs.php.net/11643 (warning, spammed bug tracker) and
  55  * http://bugs.php.net/13834
  56  * SID constant is not destroyed in PHP 4.1.2, 4.2.3 and maybe other
  57  * versions. Produces warning on login page. Bug should be fixed only in 4.3.0
  58  */
  59 @sqsession_start();
  60 header('Pragma: no-cache');
  61
  62 /**
  63  * This detects if the IMAP server has logins disabled, and if so,
  64  * squelches the display of the login form and puts up a message
  65  * explaining the situation.
  66  */
  67 if($imap_auth_mech == 'login') {
  68     /**
  69      * detect disabled login, only when imapServerAddress contains
  70      * server address and not mapping. See sqimap_get_user_server()
  71      */
  72     if (substr($imapServerAddress, 0, 4) != "map:") {
  73         $imap = sqimap_create_stream($imapServerAddress, $imapPort, $use_imap_tls);
  74         $logindisabled = sqimap_capability($imap,'LOGINDISABLED');
  75         sqimap_logout($imap);
  76         if ($logindisabled) {
  77             $string = _("The IMAP server is reporting that plain text logins are disabled.").'<br />'.
  78                 _("Using CRAM-MD5 or DIGEST-MD5 authentication instead may work.").'<br />';
  79             if (!$use_imap_tls) {
  80                 $string .= _("Also, the use of TLS may allow SquirrelMail to login.").'<br />';
  81             }
  82             $string .= _("Please contact your system administrator and report this error.");
  83             error_box($string,$color);
  84             exit;
  85         }
  86     }
  87 }
  88
  89 do_hook('login_cookie');
  90
  91 $loginname_value = (sqGetGlobalVar('loginname', $loginname) ? htmlspecialchars($loginname) : '');
  92
  93 /* Output the javascript onload function. */
  94
  95 $header = "<script language=\"JavaScript\" type=\"text/javascript\">\n" .
  96           "<!--\n".
  97           "  function squirrelmail_loginpage_onload() {\n".
  98           "    var textElements = 0;\n".
  99           "    for (i = 0; i < document.forms[0].elements.length; i++) {\n".
 100           "      if (document.forms[0].elements[i].type == \"text\" || document.forms[0].elements[i].type == \"password\") {\n".
 101           "        textElements++;\n".
 102           "        if (textElements == " . (isset($loginname) ? 2 : 1) . ") {\n".
 103           "          document.forms[0].elements[i].focus();\n".
 104           "          break;\n".
 105           "        }\n".
 106           "      }\n".
 107           "    }\n".
 108           "  }\n".
 109           "// -->\n".
 110           "</script>\n";
 111
 112 if (@file_exists($theme[$theme_default]['PATH']))
 113    @include ($theme[$theme_default]['PATH']);
 114
 115 if (! isset($color) || ! is_array($color)) {
 116     // Add default color theme, if theme loading fails
 117     $color = array();
 118     $color[0]  = '#dcdcdc';  /* light gray    TitleBar               */
 119     $color[1]  = '#800000';  /* red                                  */
 120     $color[2]  = '#cc0000';  /* light red     Warning/Error Messages */
 121     $color[4]  = '#ffffff';  /* white         Normal Background      */
 122     $color[7]  = '#0000cc';  /* blue          Links                  */
 123     $color[8]  = '#000000';  /* black         Normal text            */
 124 }
 125
 126 displayHtmlHeader( "$org_name - " . _("Login"), $header, FALSE, FALSE, FALSE );
 127
 128 echo "<body text=\"$color[8]\" bgcolor=\"$color[4]\" link=\"$color[7]\" vlink=\"$color[7]\" alink=\"$color[7]\" onLoad=\"squirrelmail_loginpage_onload()\">" .
 129      "\n" . '<form action="redirect.php" method="post" onSubmit="document.forms[0].js_autodetect_results.value=\'' . SMPREF_JS_ON .'\';">' . "\n";
 130
 131 $username_form_name = 'login_username';
 132 $password_form_name = 'secretkey';
 133 do_hook('login_top');
 134
 135 /* If they don't have a logo, don't bother.. */
 136 if (isset($org_logo) && $org_logo) {
 137     /* Display width and height like good little people */
 138     $width_and_height = '';
 139     if (isset($org_logo_width) && is_numeric($org_logo_width) &&
 140      $org_logo_width>0) {
 141         $width_and_height = " width=\"$org_logo_width\"";
 142     }
 143     if (isset($org_logo_height) && is_numeric($org_logo_height) &&
 144      $org_logo_height>0) {
 145         $width_and_height .= " height=\"$org_logo_height\"";
 146     }
 147 }
 148
 149 if(sqgetGlobalVar('mailto', $mailto)) {
 150     $rcptaddress = addHidden('mailto', $mailto);
 151 } else {
 152     $rcptaddress = '';
 153 }
 154 echo html_tag( 'table',
 155     html_tag( 'tr',
 156         html_tag( 'td',
 157             '<div style="text-align: center;">'.
 158             ( isset($org_logo) && $org_logo
 159               ? '<img src="' . $org_logo . '" alt="' .
 160                 sprintf(_("%s Logo"), $org_name) .'"' . $width_and_height .
 161                 ' /><br />' . "\n"
 162               : '' ).
 163             ( (isset($hide_sm_attributions) && $hide_sm_attributions) ? '' :
 164             '<small>' . _("SquirrelMail Webmail Application") . '<br />' ."\n".
 165             '  ' . _("By the SquirrelMail Project Team") . '<br /></small>' . "\n" ) .
 166             html_tag( 'table',
 167                 html_tag( 'tr',
 168                     html_tag( 'td',
 169                         '<b>' . sprintf (_("%s Login"), $org_name) . "</b>\n",
 170                     'center', $color[0] )
 171                 ) .
 172                 html_tag( 'tr',
 173                     html_tag( 'td',  "\n" .
 174                         html_tag( 'table',
 175                             html_tag( 'tr',
 176                                 html_tag( 'td',
 177                                     _("Name:") ,
 178                                 'right', '', 'width="30%"' ) .
 179                                 html_tag( 'td',
 180                                     addInput($username_form_name, $loginname_value),
 181                                 'left', '', 'width="*"' )
 182                                 ) . "\n" .
 183                             html_tag( 'tr',
 184                                 html_tag( 'td',
 185                                     _("Password:") ,
 186                                 'right', '', 'width="30%"' ) .
 187                                 html_tag( 'td',
 188                                     addPwField($password_form_name).
 189                                     addHidden('js_autodetect_results', SMPREF_JS_OFF).
 190                                     $rcptaddress .
 191                                     addHidden('just_logged_in', '1'),
 192                                     'left', '', 'width="*"' )
 193                                 ) .
 194                                 concat_hook_function('login_form') ,
 195                             'center', $color[4], 'border="0" width="100%"' ) ,
 196                         'left', $color[4] )
 197                         ) .
 198                         html_tag( 'tr',
 199                                 html_tag( 'td',
 200                                     '<div style="text-align: center;">'. addSubmit(_("Login")) .'</div>',
 201                                     'left' )
 202                                 ),
 203                         '', $color[4], 'border="0" width="350"' ) . '</div>',
 204                         'center' )
 205                         ) ,
 206                         '', $color[4], 'border="0" cellspacing="0" cellpadding="0" width="100%"' );
 207 echo '</form>' . "\n";
 208
 209 do_hook('login_bottom');
 210
 211 ?>
 212 </body></html>