Don't assume we are the first form on the page
[squirrelmail.git] / src / login.php
1 <?php
2
3 /**
4 * login.php -- simple login screen
5 *
6 * This a simple login screen. Some housekeeping is done to clean
7 * cookies and find language.
8 *
9 * @copyright &copy; 1999-2007 The SquirrelMail Project Team
10 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
11 * @version $Id$
12 * @package squirrelmail
13 */
14
15 /** This is the login page */
16 define('PAGE_NAME', 'login');
17
18 /**
19 * Include the SquirrelMail initialization file.
20 */
21 require('../include/init.php');
22
23 /* SquirrelMail required files. */
24 require_once(SM_PATH . 'functions/imap_general.php');
25 require_once(SM_PATH . 'functions/forms.php');
26
27 /**
28 * $squirrelmail_language is set by a cookie when the user selects
29 * language and logs out
30 */
31 set_up_language($squirrelmail_language, TRUE, TRUE);
32
33 /**
34 * This detects if the IMAP server has logins disabled, and if so,
35 * squelches the display of the login form and puts up a message
36 * explaining the situation.
37 */
38 if($imap_auth_mech == 'login') {
39 /**
40 * detect disabled login, only when imapServerAddress contains
41 * server address and not mapping. See sqimap_get_user_server()
42 */
43 if (substr($imapServerAddress, 0, 4) != "map:") {
44 $imap = sqimap_create_stream($imapServerAddress, $imapPort, $use_imap_tls);
45 $logindisabled = sqimap_capability($imap,'LOGINDISABLED');
46 sqimap_logout($imap);
47 if ($logindisabled) {
48 $string = _("The IMAP server is reporting that plain text logins are disabled.").'<br />'.
49 _("Using CRAM-MD5 or DIGEST-MD5 authentication instead may work.").'<br />';
50 if (!$use_imap_tls) {
51 $string .= _("Also, the use of TLS may allow SquirrelMail to login.").'<br />';
52 }
53 $string .= _("Please contact your system administrator and report this error.");
54 error_box($string);
55 // display footer (closes html tags) and stop script execution
56 $oTemplate->display('footer.tpl');
57 exit;
58 }
59 }
60 }
61
62 do_hook('login_cookie', $null);
63
64 $loginname_value = (sqGetGlobalVar('loginname', $loginname) ? htmlspecialchars($loginname) : '');
65
66 //FIXME: should be part of the template, not the core!
67 /* Output the javascript onload function. */
68 $header = "<script type=\"text/javascript\">\n" .
69 "<!--\n".
70 " var alreadyFocused = false;\n".
71 " function squirrelmail_loginpage_onload() {\n".
72 " if (alreadyFocused) return;\n".
73 " var textElements = 0; var i = 0;\n".
74 " for (i = 0; i < document.login_form.elements.length; i++) {\n".
75 " if (document.login_form.elements[i].type == \"text\" || document.login_form.elements[i].type == \"password\") {\n".
76 " textElements++;\n".
77 " if (textElements == " . (isset($loginname) ? 2 : 1) . ") {\n".
78 " document.login_form.elements[i].focus();\n".
79 " break;\n".
80 " }\n".
81 " }\n".
82 " }\n".
83 " }\n".
84 "// -->\n".
85 "</script>\n";
86
87 if (@file_exists($theme[$theme_default]['PATH']))
88 @include ($theme[$theme_default]['PATH']);
89
90 if (! isset($color) || ! is_array($color)) {
91 // Add default color theme, if theme loading fails
92 $color = array();
93 $color[0] = '#dcdcdc'; /* light gray TitleBar */
94 $color[1] = '#800000'; /* red */
95 $color[2] = '#cc0000'; /* light red Warning/Error Messages */
96 $color[4] = '#ffffff'; /* white Normal Background */
97 $color[7] = '#0000cc'; /* blue Links */
98 $color[8] = '#000000'; /* black Normal text */
99 }
100
101 displayHtmlHeader( "$org_name - " . _("Login"), $header, FALSE );
102
103
104
105 /* If they don't have a logo, don't bother.. */
106 $logo_str = '';
107 if (isset($org_logo) && $org_logo) {
108
109 if (isset($org_logo_width) && is_numeric($org_logo_width) &&
110 $org_logo_width>0) {
111 $width = $org_logo_width;
112 } else {
113 $width = '';
114 }
115 if (isset($org_logo_height) && is_numeric($org_logo_height) &&
116 $org_logo_height>0) {
117 $height = $org_logo_height;
118 } else {
119 $height = '';
120 }
121
122 $logo_str = create_image($org_logo, sprintf(_("%s Logo"), $org_name),
123 $width, $height, '', 'sqm_loginImage');
124
125 }
126
127 $sm_attribute_str = '';
128 if (isset($hide_sm_attributions) && !$hide_sm_attributions) {
129 $sm_attribute_str = _("SquirrelMail Webmail")."\n" .
130 _("By the SquirrelMail Project Team");
131 }
132
133 if(sqgetGlobalVar('mailtodata', $mailtodata)) {
134 $mailtofield = addHidden('mailtodata', $mailtodata);
135 } else {
136 $mailtofield = '';
137 }
138
139 $password_field = addPwField('secretkey');
140 $login_extra = addHidden('js_autodetect_results', SMPREF_JS_OFF).
141 $mailtofield .
142 addHidden('just_logged_in', '1');
143
144 session_write_close();
145
146 $oTemplate->assign('logo_str', $logo_str, FALSE);
147 $oTemplate->assign('logo_path', $org_logo);
148 $oTemplate->assign('sm_attribute_str', $sm_attribute_str);
149 // i18n: The %s represents the service provider's name
150 $oTemplate->assign('org_name_str', sprintf (_("%s Login"), $org_name));
151 // i18n: The %s represents the service provider's name
152 $oTemplate->assign('org_logo_str', sprintf (_("The %s logo"), $org_name));
153 $oTemplate->assign('login_field_value', $loginname_value);
154 $oTemplate->assign('login_extra', $login_extra, FALSE);
155
156 //FIXME: need to remove *ALL* HTML from this file!
157 echo '<body onload="squirrelmail_loginpage_onload()">'."\n";
158 echo '<form name="login_form" id="login_form" action="redirect.php" method="post" onsubmit="document.login_form.js_autodetect_results.value='. SMPREF_JS_ON .'">'."\n";
159 do_hook('login_top', $null);
160
161 $oTemplate->display('login.tpl');
162
163 //FIXME: need to remove *ALL* HTML from this file!
164 echo "</form>\n";
165 do_hook('login_bottom', $null);
166
167 // Turn off delayed error handling to make sure all errors are dumped.
168 $oErrorHandler->setDelayedErrors(false);
169
170 $oTemplate->display('footer.tpl');