index f8a84e87681c7fcb251b70f75773fe085504d779..00766954d939e4ecc00957a043f9d0c2b47212b3 100644 (file)
--- a/gosa-core/html/index.php
+++ b/gosa-core/html/index.php
/* Fill template with required values */
$username = "";
if(isset($_POST["username"])) {
- $username= $_POST["username"];
+ $username= get_post("username");
}
$smarty->assign ("title","GOsa");
/* Displasy SSL mode warning? */
if ($ssl != "" && $config->get_cfg_value("core",'warnSSL') == 'true') {
- $smarty->assign("ssl", sprintf(_("This session is not ecrypted. Click %s to enter an encrypted session."), "<a href=\"$ssl\">".bold(_("here"))."</a>"));
+ $smarty->assign("ssl", sprintf(_("This session is not encrypted. Click %s to enter an encrypted session."), "<a href=\"$ssl\">".bold(_("here"))."</a>"));
} else {
$smarty->assign("ssl", "");
}
/* Generate server list */
$servers= array();
if (isset($_POST['server'])) {
- $selected= validate($_POST['server']);
+ $selected= get_post('server');
} else {
$selected= $config->data['MAIN']['DEFAULT'];
}
@@ -261,7 +261,7 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
}
if (!$htaccess_authenticated) {
- $server= validate($_POST["server"]);
+ $server= get_post("server");
}
$config->set_current($server);
@@ -284,11 +284,11 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
/* Check for valid input */
$ok= true;
if (!$htaccess_authenticated) {
- $username= $_POST["username"];
+ $username= get_post("username");
if (!preg_match("/^[@A-Za-z0-9_.-]+$/", $username)) {
- $message= _("Please specify a valid username!");
+ $message= _("Please specify a valid user name!");
$ok= false;
- } elseif (mb_strlen($_POST["password"], 'UTF-8') == 0) {
+ } elseif (mb_strlen(get_post("password"), 'UTF-8') == 0) {
$message= _("Please specify your password!");
$smarty->assign ('nextfield', 'password');
$ok= false;
@@ -305,7 +305,7 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
exit;
}
} else {
- $ui= ldap_login_user($username, $_POST["password"]);
+ $ui= ldap_login_user($username, get_post("password"));
}
if ($ui === NULL || !$ui) {
$message= _("Please check the username/password combination!");
@@ -352,29 +352,24 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
}
/* are we using accountexpiration */
- if ($config->get_cfg_value("core","handleExpiredAccounts") == "true") {
+ if ($config->boolValueIsTrue("core","handleExpiredAccounts")) {
$expired= ldap_expired_account($config, $ui->dn, $ui->username);
- if ($expired == 1) {
+ if ($expired == POSIX_ACCOUNT_EXPIRED) {
$message= _("Account locked. Please contact your system administrator!");
$smarty->assign ('nextfield', 'password');
new log("security","login","",array(),"Account for user \"$username\" has expired") ;
- } elseif ($expired == 3) {
- $plist= new pluglist($config, $ui);
- foreach ($plist->dirlist as $key => $value) {
- if (preg_match("/\bpassword\b/i",$value)) {
- $plug=$key;
- new log("security","login","",array(),"User \"$username\" password forced to change") ;
- header ("Location: main.php?plug=$plug&reset=1");
- exit;
- }
- }
+ displayLogin();
+ exit();
}
}
/* Not account expired or password forced change go to main page */
new log("security","login","",array(),"User \"$username\" logged in successfully") ;
$plist= new pluglist($config, $ui);
+
+ stats::log('global', 'global', array(), $action = 'login', $amount = 1, 0);
+
if(isset($plug) && isset($plist->dirlist[$plug])) {
header ("Location: main.php?plug=".$plug."&global_check=1");
}else{
/* Generate server list */
$servers= array();
-if (isset($_POST['server'])) {
- $selected= validate($_POST['server']);
+if (isset($_POST['server'])){
+ $selected= get_post('server');
} else {
$selected= $config->data['MAIN']['DEFAULT'];
}