Peter M. Groen / knowledgetree

login.php 5.01 KB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 
<?php

// main library routines and defaults
require_once("../config/dmsDefaults.php");

/**
 * $Id$
 *  
 * This page handles logging a user into the dms.
 * This page displays the login form, and performs the business logic login processing.
 *
 * Licensed under the GNU GPL. For full terms see the file COPYING.
 *
 * @version $Revision$
 * @author Michael Joseph <michael@jamwarehouse.com>, Jam Warehouse (Pty) Ltd, South Africa
 * @package presentation
 */

// -------------------------------
// page start
// -------------------------------
global $default;

if ($loginAction == "loginForm") {
    // TODO: build login form using PatternMainPage
    print "<html>
           <head>
           <link rel=\"stylesheet\" href=\"$default->owl_ui_url/stylesheet.php\">
           </head>
           <body>
           <center>
           <img src=\"$default->owl_root_url/locale/$default->owl_lang/graphics/$default->logo\">
           <br><br>
           <table>\n
           <form action=\"login.php\" method=\"post\">
           <tr><td>Please enter your details below to login</td></tr>
           <tr><td></td></tr>
           <tr align=\"center\"><td><font color=\"red\">$errorMessage</font><tr><td>
           \t<tr><td>$lang_username:</td></tr>
           \t<tr><td><input type=\"text\" name=\"fUserName\" size=\"35\"></td></tr>
           \t<tr><td>$lang_password:</td></tr>
           <tr><td><input type=\"password\" name=\"fPassword\" size=\"35\">
           </td></tr>
           <input type=\"hidden\" name=\"redirect\" value=\"$redirect\"/>
           <input type=\"hidden\" name=\"loginAction\" value=\"login\">\n    
           <tr align=\"right\"><td><input type=\"image\" src=\"$default->owl_graphics_url/icons/login.jpg\" border=\"0\"></td></tr>\n
           </table>
           </center>
           </body>
           </html>";
    
} elseif ($loginAction == "login") {
    // set default url for login failure
    $url = $url . "login.php?loginAction=loginForm";
    // if requirements are met and we have a username and password to authenticate
    if( isset($fUserName) && isset($fPassword) ) {
        // verifies the login and password of the user
        $dbAuth = new $default->authentication_class;
        $userDetails = $dbAuth->login($fUserName, $fPassword);

        switch ($userDetails["status"]) {
            // bad credentials
            case 0:
                $url = $url . "&errorMessage=$lang_loginfail";
                break;
            // successfully authenticated
            case 1:
                // start the session
                $session = new Session();
                $sessionID = $session->create($userDetails["userID"]);
                
                // initialise page-level authorisation array
                $_SESSION["pageAccess"] = NULL;
                
                // check for a location to forward to
                if (isset($redirect) && strlen(trim($redirect))>0) {
                    // remove any params from redirect before looking up from sitemap
                    if (strstr($redirect, "?")) {
                        $queryString = substr($redirect, strpos($redirect, "?")+1, strlen($redirect));
                        $redirect = substr($redirect, 0, strpos($redirect, "?"));
                        $default->log->debug("login.php redirect=$redirect; querystring=$queryString");
                    }
                    
                    // need to strip owl_root_url off $redirect
                    if (strlen($default->owl_root_url) > 0) {
                        $tmp = urldecode($redirect);
                        $default->log->debug("login.php: substr($tmp, strpos($tmp, $default->owl_root_url)+strlen($default->owl_root_url), strlen($tmp))");
                        $redirect = substr($tmp, strpos($tmp, $default->owl_root_url)+strlen($default->owl_root_url), strlen($tmp));
                        $default->log->debug("login.php: redirect=$redirect");                        
                    }                    

                    $url = generateControllerUrl($default->siteMap->getActionFromPage($redirect));
                // else redirect to the dashboard
                } else {                                            
                    $url = generateControllerUrl("dashboard");
                }
                break;
            // login disabled                    
            case 2:
                $url = $url . "&errorMessage=$lang_logindisabled";
                break;
            // too many sessions
            case 3 :
                $url = $url . "&errorMessage=$lang_toomanysessions";
                break;
            default :
                $url = $url . "&errorMessage=$lang_err_general";
        }
    } else {
        // didn't receive any login parameters, so redirect login form
        // TODO: set "no login parameters received error message?
        // internal error message- should never happen
    }
    if (strlen($queryString) > 0) {
        $url .= "&$queryString";
    }
    $default->log->debug("login.php: about to redirect to $url");
    redirect($url);
}
?>