X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2Fhtml%2Findex.php;h=577fc6e4bd288dc306ddabab6bdadcce7db8270d;hb=2a149851f2d86b31477ca6b82b02395a4a1a0393;hp=342d9a3b7295fa70cb7bfac835705b139023074e;hpb=0fb744832aa9692e24c9cb2ec2638059eaab41bd;p=gosa.git diff --git a/gosa-core/html/index.php b/gosa-core/html/index.php index 342d9a3b7..577fc6e4b 100644 --- a/gosa-core/html/index.php +++ b/gosa-core/html/index.php @@ -38,7 +38,7 @@ function displayLogin() /* Fill template with required values */ $username = ""; if(isset($_POST["username"])){ - $username= $_POST["username"]; + $username= get_post("username"); } $smarty->assign ('date', gmdate("D, d M Y H:i:s")); $smarty->assign ('username', $username); @@ -61,7 +61,7 @@ function displayLogin() if(!$config->check_session_lifetime()){ $smarty->assign ("lifetime", _("Warning").": ". - _("The session lifetime configured in your gosa.conf will be overridden by php.ini settings.")); + _("The session lifetime configured in your gosa.conf will be overridden by php.ini settings.")); }else{ $smarty->assign ("lifetime", ""); } @@ -69,7 +69,7 @@ function displayLogin() /* Generate server list */ $servers= array(); if (isset($_POST['server'])){ - $selected= validate($_POST['server']); + $selected= get_post('server'); } else { $selected= $config->data['MAIN']['DEFAULT']; } @@ -90,6 +90,8 @@ function displayLogin() $smarty->assign("php_errors", ""); } $smarty->assign("msg_dialogs", msg_dialog::get_dialogs()); + $smarty->assign("iePngWorkaround", $config->get_cfg_value("iePngWorkaround","false" ) == "true"); + $smarty->assign("usePrototype", "false"); $smarty->display (get_template_path('headers.tpl')); $smarty->assign("version",get_gosa_version()); $smarty->display(get_template_path('login.tpl')); @@ -132,9 +134,9 @@ session::set('errors',""); /* Check for java script */ if(isset($_POST['javascript']) && $_POST['javascript'] == "true") { - session::set('js',TRUE); + session::global_set('js',TRUE); }elseif(isset($_POST['javascript'])) { - session::set('js',FALSE); + session::global_set('js',FALSE); } /* Check if gosa.conf (.CONFIG_FILE) is accessible */ @@ -145,23 +147,23 @@ if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)){ /* Parse configuration file */ $config= new config(CONFIG_DIR."/".CONFIG_FILE, $BASE_DIR); -session::set('DEBUGLEVEL',$config->get_cfg_value('DEBUGLEVEL')); +session::global_set('DEBUGLEVEL',$config->get_cfg_value('DEBUGLEVEL')); if ($_SERVER["REQUEST_METHOD"] != "POST"){ @DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config"); } /* Enable compressed output */ -if ($config->get_cfg_value("compressed") != ""){ +if ($config->get_cfg_value("sendCompressedOutput") != ""){ ob_start("ob_gzhandler"); } /* Set template compile directory */ -$smarty->compile_dir= $config->get_cfg_value("compile", '/var/spool/gosa'); +$smarty->compile_dir= $config->get_cfg_value("templateCompileDirectory", '/var/spool/gosa'); /* Check for compile directory */ if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))){ msg_dialog::display(_("Smarty error"),sprintf(_("Directory '%s' specified as compile directory is not accessible!"), - $smarty->compile_dir),FATAL_ERROR_DIALOG); + $smarty->compile_dir),FATAL_ERROR_DIALOG); exit(); } @@ -209,7 +211,7 @@ if ($config->get_cfg_value("forcessl") == 'true' && $ssl != ''){ /* Do we have htaccess authentification enabled? */ $htaccess_authenticated= FALSE; -if ($config->get_cfg_value("htaccess_auth") == "true" ){ +if ($config->get_cfg_value("htaccessAuthentication") == "true" ){ if (!isset($_SERVER['REMOTE_USER'])){ msg_dialog::display(_("Configuration error"), _("There is a problem with the authentication setup!"), FATAL_ERROR_DIALOG); exit; @@ -223,7 +225,7 @@ if ($config->get_cfg_value("htaccess_auth") == "true" ){ exit; } if ($server == ""){ - msg_dialog::display(_("Error"), _("User information is not unique accross the configured LDAP trees!"), FATAL_ERROR_DIALOG); + msg_dialog::display(_("Error"), _("User information is not unique across the configured LDAP trees!"), FATAL_ERROR_DIALOG); exit; } @@ -237,12 +239,12 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces $message= ""; /* Destroy old sessions, they cause a successfull login to relog again ...*/ - if(session::is_set('_LAST_PAGE_REQUEST')){ - session::set('_LAST_PAGE_REQUEST',time()); + if(session::global_is_set('_LAST_PAGE_REQUEST')){ + session::global_set('_LAST_PAGE_REQUEST',time()); } if (!$htaccess_authenticated){ - $server= validate($_POST["server"]); + $server= get_post("server"); } $config->set_current($server); @@ -255,13 +257,9 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces } /* Check for schema file presence */ - #TODO: these three lines should go to the class_config.inc, shouldn't they? - if(!isset($config->data['MAIN']['SCHEMA_CHECK'])){ - $config->data['MAIN']['SCHEMA_CHECK'] = "true"; - } if ($config->get_cfg_value("schemaCheck") == "true"){ - $recursive = ($config->get_cfg_value("recursive") == "true"); - $tls = ($config->get_cfg_value("tls") == "true"); + $recursive = ($config->get_cfg_value("ldapFollowReferrals") == "true"); + $tls = ($config->get_cfg_value("ldapTLS") == "true"); if(!count($ldap->get_objectclasses())){ msg_dialog::display(_("LDAP error"), _("Cannot detect information about the installed LDAP schema!"), ERROR_DIALOG); @@ -269,8 +267,8 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces exit() ; }else{ $cfg = array(); - $cfg['admin'] = $config->current['ADMIN']; - $cfg['password'] = $config->current['PASSWORD']; + $cfg['admin'] = $config->current['ADMINDN']; + $cfg['password'] = $config->current['ADMINPASSWORD']; $cfg['connection']= $config->current['SERVER']; $cfg['tls'] = $tls; $str = check_schema($cfg, $config->get_cfg_value("rfc2307bis") == "true"); @@ -296,17 +294,17 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces /* Check for valid input */ $ok= true; if (!$htaccess_authenticated){ - $username= $_POST["username"]; - if (!ereg("^[@A-Za-z0-9_.-]+$", $username)){ + $username= get_post("username"); + if (!preg_match("/^[@A-Za-z0-9_.-]+$/", $username)){ $message= _("Please specify a valid username!"); $ok= false; - } elseif (mb_strlen($_POST["password"], 'UTF-8') == 0){ + } elseif (mb_strlen(get_post("password"), 'UTF-8') == 0){ $message= _("Please specify your password!"); $smarty->assign ('nextfield', 'password'); $ok= false; } } - + if ($ok) { /* Login as user, initialize user ACL's */ @@ -317,28 +315,30 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces exit; } } else { - $ui= ldap_login_user($username, $_POST["password"]); + $ui= ldap_login_user($username, get_post("password")); } if ($ui === NULL || !$ui){ $message= _("Please check the username/password combination."); $smarty->assign ('nextfield', 'password'); - new log("security","login","",array(),"Authentication failed for user \"$username\"") ; + session::global_set('config',$config); + $ip= $_SERVERREMOTE_ADDR; + new log("security","login","",array(),"Authentication failed for user \"$username\" [from $ip]"); } else { /* Remove all locks of this user */ del_user_locks($ui->dn); /* Save userinfo and plugin structure */ - session::set('ui',$ui); - session::set('session_cnt',0); + session::global_set('ui',$ui); + session::global_set('session_cnt',0); /* Let GOsa trigger a new connection for each POST, save config to session. */ $config->get_departments(); $config->make_idepartments(); - session::set('config',$config); + session::global_set('config',$config); /* Restore filter settings from cookie, if available */ - if($config->get_cfg_value("save_filter") == "true"){ + if($config->get_cfg_value("storeFilterSettings") == "true"){ if(isset($_COOKIE['GOsa_Filter_Settings']) || isset($HTTP_COOKIE_VARS['GOsa_Filter_Settings'])){ @@ -352,7 +352,7 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces $cookie_vars= array("MultiDialogFilters","CurrentMainBase","plug"); foreach($cookie_vars as $var){ if(isset($cookie[$var])){ - session::set($var,$cookie[$var]); + session::global_set($var,$cookie[$var]); } } if(isset($cookie['plug'])){ @@ -363,23 +363,15 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces } /* are we using accountexpiration */ - if ($config->get_cfg_value("account_expiration") == "true"){ + if ($config->get_cfg_value("handleExpiredAccounts") == "true"){ $expired= ldap_expired_account($config, $ui->dn, $ui->username); - if ($expired == 1){ + if ($expired == POSIX_ACCOUNT_EXPIRED){ $message= _("Account locked. Please contact your system administrator!"); $smarty->assign ('nextfield', 'password'); new log("security","login","",array(),"Account for user \"$username\" has expired") ; - } elseif ($expired == 3){ - $plist= new pluglist($config, $ui); - foreach ($plist->dirlist as $key => $value){ - if (preg_match("/\bpassword\b/i",$value)){ - $plug=$key; - new log("security","login","",array(),"User \"$username\" password forced to change") ; - header ("Location: main.php?plug=$plug&reset=1"); - exit; - } - } + displayLogin(); + exit(); } } @@ -387,7 +379,7 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces new log("security","login","",array(),"User \"$username\" logged in successfully") ; $plist= new pluglist($config, $ui); if(isset($plug) && isset($plist->dirlist[$plug])){ - header ("Location: main.php?plug=".$plug."&global_check=1"); + header ("Location: main.php?plug=".$plug."&global_check=1"); }else{ header ("Location: main.php?global_check=1"); } @@ -423,7 +415,7 @@ $smarty->assign ("cookies", ""._("Warning").":<\/b> "._("Your browser has coo /* Generate server list */ $servers= array(); if (isset($_POST['server'])){ - $selected= validate($_POST['server']); + $selected= get_post('server'); } else { $selected= $config->data['MAIN']['DEFAULT']; } @@ -454,7 +446,7 @@ if (session::is_set('errors') && session::get('errors') != ""){ $smarty->assign("focus", $focus); displayLogin(); -// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: +// vim:tabstop=2:expandtab:shiftwidth=2:softtabstop=2:filetype=php:syntax:ruler: ?>