
Code source de WebCalendar 1.0.5


/ -> login.php (source)

   1  <?php
      // Bootstrap includes for the login page. All but one path are literals.
   2  include  "includes/config.php";
   3  include  "includes/php-dbi.php";
   4  include  "includes/functions.php";
      // NOTE(review): the file name here comes from the variable $user_inc, not
      // from a literal. It must only ever be assigned by trusted configuration
      // code (presumably config.php, included first -- confirm). If a request
      // parameter could set or override $user_inc before this line, the include
      // would load a caller-chosen file.
   5  include "includes/$user_inc";
   6  include  "includes/connect.php";
   7  
   // When true, a failed login may display the specific reason ("no such
   // user" or "invalid password") instead of the generic "Invalid login" text
   // that the login branch below falls back to. Telling the two cases apart
   // lets a client probe which account names exist; set this to false to
   // always show the generic message.
   $showLoginFailureReason = true;

   load_global_settings ();

   // An already-populated $last_login discards whatever $login currently holds.
   if ( ! empty ( $last_login ) )
     $login = "";

   // Guarantee $webcalendar_login is defined; empty values collapse to "".
   // NOTE(review): presumably this mirrors the unauthenticated
   // "webcalendar_login" cookie set after a successful login, i.e. it is a
   // client-supplied value -- confirm how it is populated.
   $webcalendar_login = empty ( $webcalendar_login ) ? "" : $webcalendar_login;

   // With "remember last login" switched on and no login chosen yet, reuse the
   // remembered name for both $login and $last_login.
   if ( $remember_last_login == "Y" ) {
     if ( empty ( $login ) ) {
       $login = $webcalendar_login;
       $last_login = $login;
     }
   }
  25  
  26  
  27  include  "includes/translate.php";
  28  
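  // Decide where to send the browser after a successful login.
  // $return_path round-trips through the client (it is re-posted from the
  // hidden form field further down), so it is treated as untrusted: only
  // same-site relative targets are accepted, anything else falls back to
  // index.php.
  // NOTE(review): do_redirect() is defined elsewhere; presumably it emits a
  // Location header -- confirm it validates its argument as well.
  $url = "index.php";
  if ( ! empty ( $return_path ) ) {
    $return_path = clean_whitespace ( $return_path );
    // Not local if it names a scheme ("http:", "javascript:"), starts with two
    // slashes/backslashes (protocol-relative host), or holds control
    // characters (which could split a response header).
    $is_local_target = ! preg_match ( '/^[a-z][a-z0-9+.\-]*:/i', $return_path )
      && ! preg_match ( '/^[\/\\\\]{2}/', $return_path )
      && ! preg_match ( '/[\x00-\x1f\x7f]/', $return_path );
    if ( $is_local_target ) {
      $url = $return_path;
    } else {
      // Drop the value so it is not echoed back into the login form either.
      $return_path = "";
    }
  }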
  36  
  // Choose the language abbreviation written into the page's lang / xml:lang
  // attributes. An explicit $LANGUAGE setting wins; "Browser-defined", "none"
  // or an empty setting defers to the language reported by the browser.
  if ( empty ( $LANGUAGE ) || $LANGUAGE == "Browser-defined" || $LANGUAGE == "none" ) {
    $lang_long = get_browser_language ();
    $lang = languageToAbbrev ( $lang_long );
  } else {
    $lang = languageToAbbrev ( $LANGUAGE );
  }

  // Fall back to English when no abbreviation could be determined.
  if ( empty ( $lang ) )
    $lang = 'en';
  48  
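  // Credentials as submitted by the login form, read through getPostValue()
  // (defined elsewhere).
  $login = getPostValue ( 'login' );
  $password = getPostValue ( 'password' );

  // Start a PHP session only when the installation is configured for
  // PHP-session logins. The comparison has to be "==": with "=" the test was
  // true for every non-empty setting and overwrote the setting with 'php'.
  if ( ! empty ( $settings['session'] ) && $settings['session'] == 'php' ) {
    session_start ();
  }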
  55  
  // Work out the cookie path: this script's URL path with the script name
  // "login.php" removed.
  // NOTE(review): PHP_SELF can include client-supplied trailing path info, so
  // the resulting cookie path is not purely server-controlled -- confirm that
  // is acceptable for the cookies set below.
  $PHP_SELF = empty ( $PHP_SELF ) ? $_SERVER["PHP_SELF"] : $PHP_SELF;
  $cookie_path = implode ( "", explode ( "login.php", $PHP_SELF ) );
  62  
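  // Login dispatch. Installations that need no login form are redirected
  // straight to index.php; otherwise a submitted login/password pair is
  // checked and, on success, the session credential is stored and the browser
  // is sent on to $url. In every other case the current session cookie is
  // cleared and the login form below is rendered.
  if ( $single_user == "Y" ) {
    // No login for single-user mode
    do_redirect ( "index.php" );
  } else if ( $use_http_auth ) {
    // There is no login page when using HTTP authorization
    do_redirect ( "index.php" );
  } else {
    if ( ! empty ( $login ) && ! empty ( $password ) ) {
      // Undo magic-quotes escaping so the raw submitted values are checked.
      if ( get_magic_quotes_gpc() ) {
        $password = stripslashes ( $password );
        $login = stripslashes ( $login );
      }
      $login = trim ( $login );
      // Refuse any login that addslashes() would alter (quotes, backslash,
      // NUL). This is a character filter only; query safety still depends on
      // how user_valid_login() (defined elsewhere) builds its SQL.
      if ( $login != addslashes ( $login ) ) {
        die_miserable_death ( "Illegal characters in login " .
          "<tt>" . htmlentities ( $login ) . "</tt>" );
      }
      if ( user_valid_login ( $login, $password ) ) {
        user_load_variables ( $login, "" );
        // Session credential: login + "|" + crypt() of the password.
        // The two salt characters are drawn from the DES salt alphabet
        // "./0-9A-Za-z". The previous rand(ord('A'), ord('z')) range also
        // produced [ \ ] ^ _ and the backtick, which crypt() can reject as an
        // invalid salt.
        srand((double) microtime() * 1000000);
        $salt_alphabet =
          "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
        $salt = substr ( $salt_alphabet, rand ( 0, 63 ), 1 ) .
          substr ( $salt_alphabet, rand ( 0, 63 ), 1 );
        // NOTE(review): encode_string() is defined elsewhere. Unless it is a
        // keyed, authenticated encoding, this value is a password-equivalent:
        // anyone who obtains the cookie holds a crypt() hash of the password
        // that can be guessed at offline -- confirm.
        $encoded_login = encode_string ( $login . "|" . crypt($password, $salt) );

        // "==" compares; the previous "=" assigned 'php' and was always true,
        // so the cookie branch could never run once a session type was set.
        if ( ! empty ( $settings['session'] ) && $settings['session'] == 'php' ) {
          // NOTE(review): the session id is not regenerated on login here.
          $_SESSION['webcalendar_session'] = $encoded_login;
        } else {
          // "remember" ticked: cookie expires in 365 days; otherwise it lasts
          // for the browser session only. Both are set without the Secure or
          // HttpOnly attributes.
          if ( ! empty ( $remember ) && $remember == "yes" ) {
            SetCookie ( "webcalendar_session", $encoded_login,
              time() + ( 24 * 3600 * 365 ), $cookie_path );
          } else {
            SetCookie ( "webcalendar_session", $encoded_login, 0, $cookie_path );
          }
        }
        load_user_preferences ();
        // The cookie "webcalendar_login" is provided as a convenience to
        // other apps that may wish to find out what the last calendar
        // login was, so they can use week_ssi.php as a server-side include.
        // It is not used to allow logins within this app, but it is a
        // client-controlled value: it is used to load user preferences on
        // the login page (before anyone has logged in) if
        // $remember_last_login is set to "Y" (in admin.php), so it must be
        // escaped wherever it is written back into a page.
        if ( ! empty ( $remember ) && $remember == "yes" ) {
          SetCookie ( "webcalendar_login", $login,
            time() + ( 24 * 3600 * 365 ), $cookie_path );
        } else {
          SetCookie ( "webcalendar_login", $login, 0, $cookie_path );
        }
        do_redirect ( $url );
      } else {
        // Invalid login: keep a reason already placed in $error only when
        // detailed failure reasons are enabled; otherwise use the generic text.
        if ( empty ( $error ) || ! $showLoginFailureReason ) {
          $error = translate("Invalid login" );
        }
      }
    } else {
      // No login info... just present empty login page
    }
    // delete current user
    SetCookie ( "webcalendar_session", "", 0, $cookie_path );
    // In older versions the cookie path had no trailing slash and NS 4.78
    // thinks "path/" and "path" are different, so the line above does not
    // delete the "old" cookie. This prohibits the login. So we delete the
    // cookie with the trailing slash removed
    if (substr($cookie_path, -1) == '/') {
      SetCookie ( "webcalendar_session", "", 0, substr($cookie_path, 0, -1)  );
    }
  }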
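 // Page charset: taken from the translation table when a language is
 // configured, otherwise iso-8859-1. It is written into both the XML
 // declaration and the Content-Type meta tag below.
 $charset = ( ! empty ( $LANGUAGE )?translate("charset"): "iso-8859-1" );
 echo "<?xml version=\"1.0\" encoding=\"$charset\"?>" . "\n";
 ?>
 <!DOCTYPE html
     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $lang; ?>" lang="<?php echo $lang; ?>">
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $charset; ?>" />
 <title><?php etranslate($application_name)?></title>
 <script type="text/javascript">
 // error check login/password
 function valid_form ( form ) {
   if ( form.login.value.length == 0 || form.password.value.length == 0 ) {
     alert ( "<?php etranslate("You must enter a login and password")?>." );
     return false;
   }
   return true;
 }
 function myOnLoad() {
   <?php if ( ! empty ( $plugins_enabled ) && ( $plugins_enabled ) ){ ?>
    if (self != top)  {
      window.open("login.php","_top","");
      return;
    }
   <?php } ?>
   document.login_form.login.focus();
   <?php
     if ( ! empty ( $login ) ) echo "document.login_form.login.select();";
     if ( ! empty ( $error ) ) {
       // $error lands inside a double-quoted JavaScript string literal.
       // Backslash-escape quotes, backslashes, line breaks and "<" and "/"
       // so that no character in the message can end the string or the
       // enclosing script element.
       $js_error = addcslashes ( $error, "\\\"'\n\r</" );
       echo "  alert ( \"$js_error\" );\n";
     }
   ?>
 }
 </script>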
 <?php
  include  "includes/styles.php";

  // Emit the site-wide template row of type 'S' (report id 0) inside the
  // document head; this page does not call print_header, so it is done here.
  // The stored text is echoed verbatim: whoever can write to
  // webcal_report_template controls markup on this pre-login page.
  if ( ! empty ( $CUSTOM_SCRIPT ) ) {
    if ( $CUSTOM_SCRIPT == 'Y' ) {
      $res = dbi_query (
        "SELECT cal_template_text FROM webcal_report_template " .
        "WHERE cal_template_type = 'S' and cal_report_id = 0" );
      if ( $res ) {
        $row = dbi_fetch_row ( $res );
        if ( $row ) {
          echo $row[0];
        }
        dbi_free_result ( $res );
      }
    }
  }
 ?>
 </head>
 <body onload="myOnLoad();">
 <?php
 // Custom page header: the template row of type 'H' (report id 0) is printed
 // here because this page does not go through print_header. The text is
 // written out exactly as stored in the database, without escaping.
 if ( ! empty ( $CUSTOM_HEADER ) ) {
   if ( $CUSTOM_HEADER == 'Y' ) {
     $res = dbi_query (
       "SELECT cal_template_text FROM webcal_report_template " .
       "WHERE cal_template_type = 'H' and cal_report_id = 0" );
     if ( $res ) {
       $row = dbi_fetch_row ( $res );
       if ( $row ) {
         echo $row[0];
       }
       dbi_free_result ( $res );
     }
   }
 }
 ?>
 198  
 <h2><?php
 // Page heading. The literal name "Title" is a placeholder that is run
 // through the translation table; any other admin-defined application name
 // is printed as-is after HTML-escaping.
 if ( empty ( $application_name ) || $application_name != "Title" ) {
   echo htmlspecialchars ( $application_name );
 } else {
   etranslate ( $application_name );
 }
 ?></h2>
 208  
 <?php
 // Show the pending error message in bold red, or just a line break when
 // there is nothing to report.
 if ( empty ( $error ) ) {
   echo "<br />\n";
 } else {
   // NOTE(review): $error is written into the page without HTML escaping.
   // That is only safe while every source of $error is server-generated text;
   // confirm no request value can reach it.
   echo "<span style=\"color:#FF0000; font-weight:bold;\">" .
     translate("Error") . ": $error</span><br />\n";
 }
 ?>
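 <?php
 /* Login form. It posts back to login.php and carries the optional
    return_path along in a hidden field (HTML-escaped). The remembered login
    name is client-controlled (it can originate from the webcalendar_login
    cookie), so it is HTML-escaped before being placed in the value attribute
    of the username field. */
 ?>
 <form name="login_form" id="login" action="login.php" method="post" 
   onsubmit="return valid_form(this)">
 <?php
 if ( ! empty ( $return_path ) ) {
   echo "<input type=\"hidden\" name=\"return_path\" value=\"" .
     htmlentities ( $return_path ) . "\" />\n";
 }
 ?>

 <table cellpadding="10" align="center">
 <tr><td rowspan="2">
  <img src="login.gif" alt="Login" /></td><td align="right">
  <label for="user"><?php etranslate("Username")?>:</label></td><td>
  <input name="login" id="user" size="15" maxlength="25" 
    value="<?php if ( ! empty ( $last_login ) ) echo htmlspecialchars ( $last_login );?>" 
    tabindex="1" />
 </td></tr>
 <tr><td style="text-align:right;">
  <label for="password"><?php etranslate("Password")?>:</label></td><td>
  <input name="password" id="password" type="password" size="15" 
    maxlength="30" tabindex="2" />
 </td></tr>
 <tr><td colspan="3" style="font-size: 10px;">
  <input type="checkbox" name="remember" id="remember" tabindex="3" 
    value="yes" <?php if ( ! empty ( $remember ) && $remember == "yes" ) {
      echo "checked=\"checked\""; }?> /><label for="remember">&nbsp;
    <?php etranslate("Save login via cookies so I don't have to login next time")?></label>
 </td></tr>
 <tr><td colspan="4" style="text-align:center;">
  <input type="submit" value="<?php etranslate("Login")?>" tabindex="4" />
 </td></tr>
 </table>
 </form>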
 250  
 <?php /* Link to the public calendar, shown only when public access is on. */ ?>
 <?php if ( ! empty ( $public_access ) && $public_access == "Y" ): ?>
  <br /><br />
  <a class="nav" href="index.php">
    <?php etranslate("Access public calendar")?></a><br />
 <?php endif; ?>

 <?php
 // This is used on the sourceforge demo page. It prints working credentials
 // on the login page, so demo mode has to stay off on any real installation.
 if ( $demo_mode == "Y" ):
  echo "Demo login: user = \"demo\", password = \"demo\"<br />";
 endif;
 ?>
 <br /><br /><br />
 <span class="cookies"><?php etranslate("cookies-note")?></span><br />
 <hr />
 <br /><br />
 <a href="<?php print $PROGRAM_URL; ?>" id="programname"><?php print $PROGRAM_NAME; ?></a>

 <?php
 // Custom page trailer: the template row of type 'T' (report id 0) is printed
 // here because this page does not go through print_trailer. As with the
 // other custom templates, the stored text is written out without escaping.
 if ( ! empty ( $CUSTOM_TRAILER ) ) {
   if ( $CUSTOM_TRAILER == 'Y' ) {
     $res = dbi_query (
       "SELECT cal_template_text FROM webcal_report_template " .
       "WHERE cal_template_type = 'T' and cal_report_id = 0" );
     if ( $res ) {
       $row = dbi_fetch_row ( $res );
       if ( $row ) {
         echo $row[0];
       }
       dbi_free_result ( $res );
     }
   }
 }
 ?>
 </body>
 </html>

