3 include "./includes/config.php";
4 include "./includes/php-dbi.php";
5 include "./includes/functions.php";
6 include "./includes/$user_inc";
7 include "./includes/connect.php";
9 // Change this to true to show "no such user" or "invalid password" on
11 $showLoginFailureReason = true;
13 load_global_settings ();
18 //utilisation des cookies
19 //modif du fichier include/user.php
21 if($_GET['type'] == 'group'){
22 $group_id = getIntFromRequest('group_id');
23 //session_require(array('group'=>$group_id,'admin_flags'=>'A'));
25 //choix du calendrier a afficher
26 $sql_group = "SELECT unix_group_name FROM groups WHERE group_id = '".$_GET['group_id']."'" ;
27 $result_group = dbi_query ($sql_group);
28 if ( $result_group ) {
29 if ( $row_group = dbi_fetch_row ( $result_group ) ) {
30 $return_path = 'week.php?user='.$row_group[0];
32 dbi_free_result ( $result_group );
34 //on log l'utilisateur
35 $sql = "SELECT user_name,user_pw FROM users WHERE user_id = '".user_getid()."'" ;
37 $result = dbi_query ($sql);
39 if ( $row_log = dbi_fetch_row ( $result ) ) {
40 $_POST['login'] = $row_log[0];
41 $_POST['password'] = $row_log[1];
44 dbi_free_result ( $result );
50 if($_GET['type'] == 'user'){
51 $sql = "SELECT user_name,user_pw FROM users WHERE user_id = '".user_getid()."'" ;
52 $result = dbi_query ($sql);
54 if ( $row_log = dbi_fetch_row ( $result ) ) {
55 $_POST['login'] = $row_log[0];
56 $_POST['password'] = $row_log[1];
59 dbi_free_result ( $result );
65 if ( ! empty ( $last_login ) ) {
69 if ( empty ( $webcalendar_login ) ) {
70 $webcalendar_login = "";
73 if ( $remember_last_login == "Y" && empty ( $login ) ) {
74 $last_login = $login = $webcalendar_login;
78 include "includes/translate.php";
80 // see if a return path was set
81 if ( ! empty ( $return_path ) ) {
82 $return_path = clean_whitespace ( $return_path );
88 if ( ! empty ( $LANGUAGE ) && $LANGUAGE != "Browser-defined" && $LANGUAGE != "none" ) {
89 $lang = languageToAbbrev ( $LANGUAGE );
91 $lang_long = get_browser_language ();
92 $lang = languageToAbbrev ( $lang_long );
95 if ( empty ( $lang ) ) {
99 $login = getPostValue ( 'login' );
100 $password = getPostValue ( 'password' );
102 if ( ! empty ( $settings['session'] ) && $settings['session'] = 'php' ) {
106 // calculate path for cookie
107 if ( empty ( $PHP_SELF ) ) {
108 $PHP_SELF = $_SERVER["PHP_SELF"];
110 $cookie_path = str_replace ( "login.php", "", $PHP_SELF );
111 //echo "Cookie path: $cookie_path\n$cookie_path1";
113 if ( $single_user == "Y" ) {
114 // No login for single-user mode
115 do_redirect ( "index.php" );
116 } else if ( $use_http_auth ) {
117 // There is no login page when using HTTP authorization
118 do_redirect ( "index.php" );
120 if ( ! empty ( $login ) && ! empty ( $password ) ) {
121 if ( get_magic_quotes_gpc() ) {
122 $password = stripslashes ( $password );
123 $login = stripslashes ( $login );
125 $login = trim ( $login );
126 if ( $login != addslashes ( $login ) ) {
127 die_miserable_death ( "Illegal characters in login " .
128 "<tt>" . htmlentities ( $login ) . "</tt>" );
130 if ( user_valid_login ( $login, $password ) ) {
131 user_load_variables ( $login, "" );
132 // set login to expire in 365 days
133 srand((double) microtime() * 1000000);
134 $salt = chr( rand(ord('A'), ord('z'))) . chr( rand(ord('A'), ord('z')));
135 $encoded_login = encode_string ( $login . "|" . crypt($password, $salt) );
137 if ( ! empty ( $settings['session'] ) && $settings['session'] = 'php' ) {
138 $_SESSION['webcalendar_session'] = $encoded_login;
140 if ( ! empty ( $remember ) && $remember == "yes" ) {
141 SetCookie ( "webcalendar_session", $encoded_login,
142 time() + ( 24 * 3600 * 365 ), $cookie_path );
144 SetCookie ( "webcalendar_session", $encoded_login, 0, $cookie_path );
147 load_user_preferences ();
148 // The cookie "webcalendar_login" is provided as a convenience to
149 // other apps that may wish to find out what the last calendar
150 // login was, so they can use week_ssi.php as a server-side include.
151 // As such, it's not a security risk to have it un-encoded since it
152 // is not used to allow logins within this app. It is used to
153 // load user preferences on the login page (before anyone has
154 // logged in) if $remember_last_login is set to "Y" (in admin.php).
155 if ( ! empty ( $remember ) && $remember == "yes" ) {
156 SetCookie ( "webcalendar_login", $login,
157 time() + ( 24 * 3600 * 365 ), $cookie_path );
159 SetCookie ( "webcalendar_login", $login, 0, $cookie_path );
161 do_redirect ( $url );
164 if ( empty ( $error ) || ! $showLoginFailureReason ) {
165 $error = translate("Invalid login" );
169 // No login info... just present empty login page
172 // delete current user
173 SetCookie ( "webcalendar_session", "", 0, $cookie_path );
174 // In older versions the cookie path had no trailing slash and NS 4.78
175 // thinks "path/" and "path" are different, so the line above does not
176 // delete the "old" cookie. This prohibits the login. So we delete the
177 // cookie with the trailing slash removed
178 if (substr($cookie_path, -1) == '/') {
179 SetCookie ( "webcalendar_session", "", 0, substr($cookie_path, 0, -1) );
182 $charset = ( ! empty ( $LANGUAGE )?translate("charset"): "iso-8859-1" );
183 echo "<?xml version=\"1.0\" encoding=\"$charset\"?>" . "\n";
186 PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
187 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $lang; ?>" lang="<?php echo $lang; ?>">
189 <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $charset; ?>" />
190 <title><?php etranslate($application_name)?></title>
191 <script type="text/javascript">
192 // error check login/password
193 function valid_form ( form ) {
194 if ( form.login.value.length == 0 || form.password.value.length == 0 ) {
195 alert ( "<?php etranslate("You must enter a login and password")?>." );
200 function myOnLoad() {
201 <?php if ( ! empty ( $plugins_enabled ) && ( $plugins_enabled ) ){ ?>
203 window.open("login.php","_top","");
207 document.login_form.login.focus();
209 if ( ! empty ( $login ) ) echo "document.login_form.login.select();";
210 if ( ! empty ( $error ) ) {
211 echo " alert ( \"$error\" );\n";
217 include "includes/styles.php";
219 // Print custom header (since we do not call print_header function)
220 if ( ! empty ( $CUSTOM_SCRIPT ) && $CUSTOM_SCRIPT == 'Y' ) {
222 "SELECT cal_template_text FROM webcal_report_template " .
223 "WHERE cal_template_type = 'S' and cal_report_id = 0" );
225 if ( $row = dbi_fetch_row ( $res ) ) {
228 dbi_free_result ( $res );
233 <body onload="myOnLoad();">
235 // Print custom header (since we do not call print_header function)
236 if ( ! empty ( $CUSTOM_HEADER ) && $CUSTOM_HEADER == 'Y' ) {
238 "SELECT cal_template_text FROM webcal_report_template " .
239 "WHERE cal_template_type = 'H' and cal_report_id = 0" );
241 if ( $row = dbi_fetch_row ( $res ) ) {
244 dbi_free_result ( $res );
250 // If Application Name is set to Title then get translation
251 // If not, use the Admin defined Application Name
252 if ( ! empty ( $application_name ) && $application_name =="Title") {
253 etranslate($application_name);
255 echo htmlspecialchars ( $application_name );
260 if ( ! empty ( $error ) ) {
261 print "<span style=\"color:#FF0000; font-weight:bold;\">" .
262 translate("Error") . ": $error</span><br />\n";
267 <form name="login_form" id="login" action="login.php" method="post"
268 onsubmit="return valid_form(this)">
270 if ( ! empty ( $return_path ) ) {
271 echo "<input type=\"hidden\" name=\"return_path\" value=\"" .
272 htmlentities ( $return_path ) . "\" />\n";
276 <table cellpadding="10" align="center">
278 <img src="login.gif" alt="Login" /></td><td align="right">
279 <label for="user"><?php etranslate("Username")?>:</label></td><td>
280 <input name="login" id="user" size="15" maxlength="25"
281 value="<?php if ( ! empty ( $last_login ) ) echo $last_login;?>"
284 <tr><td style="text-align:right;">
285 <label for="password"><?php etranslate("Password")?>:</label></td><td>
286 <input name="password" id="password" type="password" size="15"
287 maxlength="30" tabindex="2" />
289 <tr><td colspan="3" style="font-size: 10px;">
290 <input type="checkbox" name="remember" id="remember" tabindex="3"
291 value="yes" <?php if ( ! empty ( $remember ) && $remember == "yes" ) {
292 echo "checked=\"checked\""; }?> /><label for="remember">
293 <?php etranslate("Save login via cookies so I don't have to login next time")?></label>
295 <tr><td colspan="4" style="text-align:center;">
296 <input type="submit" value="<?php etranslate("Login")?>" tabindex="4" />
301 <?php if ( ! empty ( $public_access ) && $public_access == "Y" ) { ?>
303 <a class="nav" href="index.php">
304 <?php etranslate("Access public calendar")?></a><br />
307 <?php if ( $demo_mode == "Y" ) {
308 // This is used on the sourceforge demo page
309 echo "Demo login: user = \"demo\", password = \"demo\"<br />";
312 <span class="cookies"><?php etranslate("cookies-note")?></span><br />
315 <a href="<?php echo $PROGRAM_URL ?>" id="programname"><?php echo $PROGRAM_NAME?></a>
317 <?php // Print custom trailer (since we do not call print_trailer function)
318 if ( ! empty ( $CUSTOM_TRAILER ) && $CUSTOM_TRAILER == 'Y' ) {
320 "SELECT cal_template_text FROM webcal_report_template " .
321 "WHERE cal_template_type = 'T' and cal_report_id = 0" );
323 if ( $row = dbi_fetch_row ( $res ) ) {
326 dbi_free_result ( $res );