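, Jam Warehouse (Pty) Ltd, South Africa */

/**
 * Dispatcher for the login page: renders the login form (do_main) and
 * processes submitted credentials (do_login).
 *
 * Session, KTUtil, KTTemplating, User, KTAuthenticationUtil, redirect() and
 * the generateController*() helpers are defined elsewhere in the project.
 */
class LoginPageDispatcher extends KTDispatcher {

    /**
     * Sends a user whose session verifies to the dashboard; otherwise
     * destroys the current session.
     *
     * Does not return when the session verifies: the script exits right
     * after issuing the redirect.
     *
     * @return bool true when the caller should carry on with the request
     */
    function check() {
        $session = new Session();

        // NOTE(review): loose comparison kept from the original, which was
        // itself marked "double check this". Confirm what Session::verify()
        // can return before tightening this to ===.
        if ($session->verify() == 1) {
            exit(redirect(generateControllerLink('dashboard')));
        } else {
            // Not a verified session: discard it instead of reusing it,
            // since it may be a hostile one.
            $session->destroy();
        }

        return true;
    }

    /**
     * Decides whether a client-supplied post-login redirect target stays on
     * this site.
     *
     * Only site-absolute paths are accepted: the value must start with a
     * single "/" (so "//host" and "/\host", which browsers treat as another
     * authority, are refused) and must not contain control characters.
     *
     * NOTE(review): deployments that legitimately pass absolute same-host
     * URLs or script-relative paths in 'redirect' need this check extended.
     *
     * @param mixed $target value taken from the request
     * @return bool true when $target is safe to redirect to
     */
    function _isLocalRedirectTarget($target) {
        if (!is_string($target) || $target === '') {
            return false;
        }
        if (substr($target, 0, 1) !== '/') {
            return false;
        }
        $second = substr($target, 1, 1);
        if ($second === '/' || $second === '\\') {
            return false;
        }
        // Control characters are stripped by some browsers (turning
        // "/<TAB>/host" into "//host") and have no place in a Location header.
        if (preg_match('/[\x00-\x1f\x7f]/', $target)) {
            return false;
        }
        return true;
    }

    /**
     * Renders the login form.
     *
     * @return mixed whatever the "ktcore/login" template's render() returns
     */
    function do_main() {
        global $default;

        $this->check(); // may redirect and exit

        // Random value sent both as a cookie and to the template; do_login
        // compares the cookie with the 'cookieverify' request value to detect
        // browsers that do not accept cookies (presumably the form echoes
        // 'cookietest' back as 'cookieverify' - confirm in the template).
        $cookietest = KTUtil::randomString();
        setcookie("CookieTestCookie", $cookietest, false);

        // Both values are taken unmodified from the request.
        // NOTE(review): the template is not visible here; it must escape
        // errorMessage and redirect for the context it prints them in.
        $errorMessage = KTUtil::arrayGet($_REQUEST, 'errorMessage');
        $redirect = KTUtil::arrayGet($_REQUEST, 'redirect');

        $oTemplating = new KTTemplating;
        $oTemplate = $oTemplating->loadTemplate("ktcore/login");
        $aTemplateData = array(
            "context" => $this,
            'cookietest' => $cookietest,
            'errorMessage' => $errorMessage,
            'redirect' => $redirect,
            'systemVersion' => $default->systemVersion,
        );
        return $oTemplate->render($aTemplateData);
    }

    /**
     * Redirects to $url with the error message appended to the query string,
     * then ends the script. Never returns.
     *
     * @param string $errorMessage message to show on the login form
     * @param string $url          target URL without a query string
     * @param array  $params       already-encoded "key=value" query fragments
     */
    function simpleRedirectToMain($errorMessage, $url, $params) {
        $params[] = 'errorMessage='. urlencode($errorMessage);
        $url .= '?' . join('&', $params);
        redirect($url);
        exit(0);
    }

    /**
     * Handles a login form submission: checks the cookie test, looks the
     * user up, verifies the password, creates a session and redirects.
     *
     * Every path ends the script, either through simpleRedirectToMain()
     * on failure or through the final redirect on success.
     */
    function do_login() {
        $this->check();

        $redirect = KTUtil::arrayGet($_REQUEST, 'redirect');

        // NOTE(review): PHP_SELF includes any extra path info the client
        // appended to the script URL; it is used here only as the target for
        // bouncing back to this page.
        $url = $_SERVER["PHP_SELF"];

        // Carry the requested redirect through failed attempts so the user
        // still lands on the intended page after a successful retry.
        // (The original built this array but passed an undefined $params to
        // simpleRedirectToMain(), so the redirect was lost on every error.)
        $queryParams = array();
        if ($redirect !== null) {
            $queryParams[] = 'redirect='. urlencode($redirect);
        }

        $cookieTest = KTUtil::arrayGet($_COOKIE, "CookieTestCookie", null);
        $cookieVerify = KTUtil::arrayGet($_REQUEST, 'cookieverify', null);

        if (($cookieVerify === null) || ($cookieTest !== $cookieVerify)) {
            $this->simpleRedirectToMain(_('You must have cookies enabled to use the document management system.'), $url, $queryParams);
            exit(0);
        }

        $username = KTUtil::arrayGet($_REQUEST,'username');
        $password = KTUtil::arrayGet($_REQUEST,'password');

        if (empty($username)) {
            $this->simpleRedirectToMain(_('Please enter your username.'), $url, $queryParams);
            exit(0);
        }

        if (empty($password)) {
            $this->simpleRedirectToMain(_('Please enter your password.'), $url, $queryParams);
            exit(0);
        }

        // Unknown user and wrong password deliberately produce the same
        // message, so the response does not reveal which usernames exist.
        $oUser =& User::getByUsername($username);
        if (PEAR::isError($oUser) || ($oUser === false)) {
            $this->simpleRedirectToMain(_('Login failed.  Please check your username and password, and try again.'), $url, $queryParams);
            exit(0);
        }

        $authenticated = KTAuthenticationUtil::checkPassword($oUser, $password);

        if (PEAR::isError($authenticated)) {
            $this->simpleRedirectToMain(_('Authentication failure.  Please try again.'), $url, $queryParams);
            exit(0);
        }

        // Strict check: anything other than boolean true is a failed login.
        if ($authenticated !== true) {
            $this->simpleRedirectToMain(_('Login failed.  Please check your username and password, and try again.'), $url, $queryParams);
            exit(0);
        }

        // NOTE(review): Session::create() is not visible here; confirm it
        // issues a fresh session id at login rather than reusing the
        // pre-authentication one.
        $session = new Session();
        $session->create($oUser->getId());

        // DEPRECATED initialise page-level authorisation array
        $_SESSION["pageAccess"] = NULL;

        // 'redirect' is client-controlled. Following it unchecked would let a
        // crafted login link send a freshly authenticated user to an
        // arbitrary external site, so only local paths are honoured and
        // everything else falls back to the dashboard.
        if ($redirect !== null && $this->_isLocalRedirectTarget($redirect)) {
            $url = $redirect;
        } else {
            $url = generateControllerUrl("dashboard");
        }

        exit(redirect($url));
    }
}

// Reference assignment kept as in the original (legacy PHP object semantics).
$dispatcher =& new LoginPageDispatcher();
$dispatcher->dispatch();

?>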