, Jam Warehouse (Pty) Ltd, South Africa
*/
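// Login entry point. Depending on the `loginAction` request parameter this
// script renders the login form, processes a login attempt, or sends any
// other request back to the site root.
global $default;

// Read request parameters without triggering undefined-index notices.
// $redirect is later handed to string functions (urlencode, strpos, substr),
// so anything that is not a plain string (e.g. an array parameter) is dropped.
$loginAction = isset($_REQUEST['loginAction']) ? $_REQUEST['loginAction'] : null;
$redirect = (isset($_REQUEST['redirect']) && is_string($_REQUEST['redirect'])) ? $_REQUEST['redirect'] : null;
$errorMessage = isset($_REQUEST['errorMessage']) ? $_REQUEST['errorMessage'] : null;

if ($loginAction === "loginForm") {
    // TODO: build login form using PatternMainPage

    // Cookie probe: a random value is set as a session cookie here and is
    // compared in the "login" branch with the `cookietestinput` request field
    // to confirm that the browser accepts cookies.
    $cookietest = KTUtil::randomString();
    setcookie("CookieTestCookie", $cookietest, 0);

    // NOTE(review): $errorMessage and $redirect are attacker-controllable
    // request values. Wherever the form markup echoes them they must be
    // escaped for the HTML context (htmlspecialchars with ENT_QUOTES);
    // confirm against the full template.
    print "
uiUrl/stylesheet.php\">
graphicsUrl/tree.ico\">
The KnowledgeTree
graphicsUrl/ktLogin.jpg\">
\n
";
} elseif ($loginAction === "login") {
    // Query string split off the redirect target after a successful login.
    // Initialised up front because it is read on every path below, not only
    // on the success path that fills it in.
    $queryString = '';

    // set default url for login failure
    // with redirect appended if set
    // NOTE(review): $url is not assigned in the visible part of this file
    // before this line; confirm an earlier include initialises it, since the
    // value ends up in a redirect.
    $url = $url . "login.php?loginAction=loginForm" . (isset($redirect) ? "&redirect=" . urlencode($redirect) : "");

    // The cookie set by the login form must come back and match the value
    // submitted with the form; compared strictly so that numeric-looking
    // strings or non-string values cannot compare equal by type juggling.
    $cookieTest = KTUtil::arrayGet($_COOKIE, "CookieTestCookie", null);
    if (!is_string($cookieTest) || $cookieTest !== KTUtil::arrayGet($_REQUEST, "cookietestinput")) {
        $url .= "&errorMessage=" . urlencode(_("KnowledgeTree requires cookies to work"));
        redirect($url);
        exit(0);
    }

    // if requirements are met and we have a username and password to authenticate
    // NOTE(review): $_REQUEST also accepts query-string parameters, so
    // credentials sent in a URL would be accepted and may end up in access
    // logs; consider reading them from $_POST only.
    if (isset($_REQUEST['fUserName']) && isset($_REQUEST['fPassword'])) {
        // verifies the login and password of the user
        $dbAuth = new $default->authenticationClass;
        $userDetails = $dbAuth->login($_REQUEST['fUserName'], $_REQUEST['fPassword']);

        // NOTE(review): statuses 2-4 produce messages that reveal account
        // state (disabled, session limit, no group). Confirm login() returns
        // them only after the password has been verified.
        switch ($userDetails["status"]) {
            // bad credentials
            case 0:
                $url = $url . "&errorMessage=" . urlencode(_("Login failure"));
                break;

            // successfully authenticated
            case 1:
                // start the session
                // NOTE(review): confirm Session::create() issues a fresh
                // session identifier at login (session-fixation defence).
                $session = new Session();
                $sessionID = $session->create($userDetails["userID"]);

                // initialise page-level authorisation array
                $_SESSION["pageAccess"] = NULL;

                // check for a location to forward to
                if (isset($redirect) && strlen(trim($redirect)) > 0) {
                    // remove any params from redirect before looking up from sitemap
                    $queryPos = strpos($redirect, "?");
                    if ($queryPos !== false) {
                        // The query string is request-controlled and is
                        // appended to the redirect URL below: strip CR/LF so
                        // it cannot split the response header.
                        $queryString = str_replace(array("\r", "\n"), '', substr($redirect, $queryPos + 1));
                        $redirect = substr($redirect, 0, $queryPos);
                    }

                    // need to strip rootUrl off $redirect; only when it is
                    // actually present, otherwise strpos() returns false and
                    // unrelated leading characters would be cut off.
                    if (strlen($default->rootUrl) > 0) {
                        $rootPos = strpos($redirect, $default->rootUrl);
                        if ($rootPos !== false) {
                            $redirect = substr($redirect, $rootPos + strlen($default->rootUrl));
                        }
                    }

                    // The target is resolved through the sitemap rather than
                    // used verbatim, so only known pages can be redirected to.
                    $action = $default->siteMap->getActionFromPage($redirect);
                    if ($action) {
                        $url = generateControllerUrl($action);
                    } else {
                        // default to the dashboard
                        $url = generateControllerUrl("dashboard");
                    }
                } else {
                    // else redirect to the dashboard if there is none
                    $url = generateControllerUrl("dashboard");
                }
                break;

            // login disabled
            case 2:
                $url = $url . "&errorMessage=" . urlencode(_("Account has been DISABLED, contact the System Adminstrator"));
                break;

            // too many sessions
            case 3:
                $url = $url . "&errorMessage=" . urlencode(_("Maximum sessions for user reached. Contact the System Administrator"));
                break;

            // not a unit user
            case 4:
                $url = $url . "&errorMessage=" . urlencode(_("This user does not belong to a group and is therefore not allowed to log in."));
                break;

            default:
                $url = $url . "&errorMessage=" . urlencode(_("Login failure"));
        }
    } else {
        // didn't receive any login parameters, so redirect login form
        $default->log->error("login.php no login parameters received");
    }

    // Re-attach the original query string of the redirect target, if any.
    if (strlen($queryString) > 0) {
        $url .= "&$queryString";
    }
    redirect($url);
} else {
    // redirect to root
    $url = generateLink("", "");
    redirect($url);
}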
?>