[tokkee]

tokkee.org

Code

projects / gosa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Added logging of IP address. Closes #1137. Thanks for contribution.
[gosa.git] / gosa-core / html / index.php
diff --git a/gosa-core/html/index.php b/gosa-core/html/index.php
index 0510543652829fd9b0cfe308e7a854408df569a6..eae3f532d184898e9f2f261249273c7dfcb17a54 100644 (file)
--- a/gosa-core/html/index.php
+++ b/gosa-core/html/index.php
@@ -38,7 +38,7 @@ function displayLogin()
   /* Fill template with required values */
   $username = "";
   if(isset($_POST["username"])){
-    $username= $_POST["username"];
+    $username= get_post("username");
   }
   $smarty->assign ('date', gmdate("D, d M Y H:i:s"));
   $smarty->assign ('username', $username);
@@ -69,7 +69,7 @@ function displayLogin()
   /* Generate server list */
   $servers= array();
   if (isset($_POST['server'])){
-    $selected= validate($_POST['server']);
+    $selected= get_post('server');
   } else {
     $selected= $config->data['MAIN']['DEFAULT'];
   }
@@ -244,7 +244,7 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
   }
 
   if (!$htaccess_authenticated){
-    $server= validate($_POST["server"]);
+    $server= get_post("server");
   }
   $config->set_current($server);
 
@@ -294,11 +294,11 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
   /* Check for valid input */
   $ok= true;
   if (!$htaccess_authenticated){
-    $username= $_POST["username"];
+    $username= get_post("username");
     if (!preg_match("/^[@A-Za-z0-9_.-]+$/", $username)){
       $message= _("Please specify a valid username!");
       $ok= false;
-    } elseif (mb_strlen($_POST["password"], 'UTF-8') == 0){
+    } elseif (mb_strlen(get_post("password"), 'UTF-8') == 0){
       $message= _("Please specify your password!");
       $smarty->assign ('nextfield', 'password');
       $ok= false;
@@ -315,13 +315,14 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
         exit;
       }
     } else {
-      $ui= ldap_login_user($username, $_POST["password"]);
+      $ui= ldap_login_user($username, get_post("password"));
     }
     if ($ui === NULL || !$ui){
       $message= _("Please check the username/password combination.");
       $smarty->assign ('nextfield', 'password');
       session::global_set('config',$config);
-      new log("security","login","",array(),"Authentication failed for user \"$username\"");
+      $ip= $_SERVERREMOTE_ADDR;
+      new log("security","login","",array(),"Authentication failed for user \"$username\" [from $ip]");
     } else {
       /* Remove all locks of this user */
       del_user_locks($ui->dn);
@@ -414,7 +415,7 @@ $smarty->assign ("cookies", "<b>"._("Warning").":<\/b> "._("Your browser has coo
 /* Generate server list */
 $servers= array();
 if (isset($_POST['server'])){
-  $selected= validate($_POST['server']);
+  $selected= get_post('server');
 } else {
   $selected= $config->data['MAIN']['DEFAULT'];
 }
GONICUS system administrator (SVN clone)