global $arrLangMenu;
global $arrLang;
$arrLang = array_merge($arrLang, $arrLangMenu);
}
$pdbACL = new paloDB($arrConf['elastix_dsn']['elastix']);
$pACL = new paloACL($pdbACL);
if (!empty($pACL->errMsg)) {
echo "ERROR DE DB: {$pACL->errMsg} <br>";
}
// Load smarty
$smarty = getSmarty($arrConf['mainTheme']);
//- 1) SUBMIT. Si se hizo submit en el formulario de ingreso
//- autentico al usuario y lo ingreso a la sesion
if (isset($_POST['submit_login']) and !empty($_POST['input_user'])) {
$pass_md5 = md5(trim($_POST['input_pass']));
if ($pACL->authenticateUser($_POST['input_user'], $pass_md5)) {
session_regenerate_id(TRUE);
$_SESSION['elastix_user'] = trim($_POST['input_user']);
$_SESSION['elastix_pass'] = $pass_md5;
//fue necesario incluir esto aqui porque cuando te logueas en la interfaz
//de usario final haces uso de esta variable
$_SESSION['elastix_pass2'] = $_POST['input_pass'];
header("Location: index.php");
writeLOG("audit.log", "LOGIN {$_POST['input_user']}: Web Interface login successful. Accepted password for {$_POST['input_user']} from {$_SERVER['REMOTE_ADDR']}.");
update_theme();
exit;
} else {
$user = urlencode(substr($_POST['input_user'], 0, 20));
if (!$pACL->getIdUser($_POST['input_user'])) {
// not exists user?
writeLOG("audit.log", "LOGIN {$user}: Authentication Failure to Web Interface login. Invalid user {$user} from {$_SERVER['REMOTE_ADDR']}.");
/**
* Function that verifies if the user in the variable $_SERVER['PHP_AUTH_USER'] is correctly authenticated
*
* @return boolean True if the authentication was successfully, or false if not
*/
public function authentication()
{
global $arrConf;
// Obligar a pedir un usuario y contraseña de ACL
if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] == '') {
$this->errorMSG["fc"] = 'UNAUTHORIZED';
$this->errorMSG["fm"] = 'Not authorized';
$this->errorMSG["fd"] = 'This method requires username/password authentication.';
$this->errorMSG["cn"] = get_class($this);
return false;
}
$pDB = new paloDB($arrConf['elastix_dsn']['acl']);
$pACL = new paloACL($pDB);
if (!empty($pACL->errMsg)) {
$this->errorMSG["fc"] = 'UNAUTHORIZED';
$this->errorMSG["fm"] = 'Authentication failed';
$this->errorMSG["fd"] = 'Unable to authenticate due to DB error: ' . $pACL->errMsg;
$this->errorMSG["cn"] = get_class($this);
return false;
}
if (!$pACL->authenticateUser($_SERVER['PHP_AUTH_USER'], md5($_SERVER['PHP_AUTH_PW']))) {
$this->errorMSG["fc"] = 'UNAUTHORIZED';
$this->errorMSG["fm"] = 'Authentication failed';
$this->errorMSG["fd"] = 'Invalid username or password';
$this->errorMSG["cn"] = get_class($this);
return false;
}
return true;
}
function setUserPassword()
{
include_once "libs/paloSantoACL.class.php";
$old_pass = getParameter("oldPassword");
$new_pass = getParameter("newPassword");
$new_repass = getParameter("newRePassword");
$arrResult = array();
$arrResult['status'] = FALSE;
if ($old_pass == "") {
$arrResult['msg'] = _tr("Please write your current password.");
return $arrResult;
}
if ($new_pass == "" || $new_repass == "") {
$arrResult['msg'] = _tr("Please write the new password and confirm the new password.");
return $arrResult;
}
if ($new_pass != $new_repass) {
$arrResult['msg'] = _tr("The new password doesn't match with retype new password.");
return $arrResult;
}
$user = isset($_SESSION['elastix_user']) ? $_SESSION['elastix_user'] : "";
global $arrConf;
$pdbACL = new paloDB("sqlite3:///{$arrConf['elastix_dbdir']}/acl.db");
$pACL = new paloACL($pdbACL);
$uid = $pACL->getIdUser($user);
if ($uid === FALSE) {
$arrResult['msg'] = _tr("Please your session id does not exist. Refresh the browser and try again.");
} else {
// verificando la clave vieja
$val = $pACL->authenticateUser($user, md5($old_pass));
if ($val === TRUE) {
$status = $pACL->changePassword($uid, md5($new_pass));
if ($status) {
$arrResult['status'] = TRUE;
$arrResult['msg'] = _tr("Elastix password has been changed.");
$_SESSION['elastix_pass'] = md5($new_pass);
} else {
$arrResult['msg'] = _tr("Impossible to change your Elastix password.");
}
} else {
$arrResult['msg'] = _tr("Impossible to change your Elastix password. User does not exist or password is wrong");
}
}
return $arrResult;
}
session_start();
load_language();
$pDB = new paloDB($arrConf['elastix_dsn']['acl']);
if (!empty($pDB->errMsg)) {
echo "ERROR DE DB: {$pDB->errMsg} <br>";
}
$pACL = new paloACL($pDB);
if (!empty($pACL->errMsg)) {
echo "ERROR DE DB: {$pACL->errMsg} <br>";
}
// Load smarty
$arrConf['mainTheme'] = load_theme($arrConf['basePath'] . "/");
$smarty = getSmarty($arrConf['mainTheme']);
$pDBMenu = new paloDB($arrConf['elastix_dsn']['elastix']);
// 2) Autentico usuario
if (isset($_SESSION['elastix_user']) && isset($_SESSION['elastix_pass']) && $pACL->authenticateUser($_SESSION['elastix_user'], $_SESSION['elastix_pass']) or $developerMode == true) {
$idUser = $pACL->getIdUser($_SESSION['elastix_user']);
// rawmode es un modo de operacion que pasa directamente a la pantalla la salida
// del modulo. Esto es util en ciertos casos.
$rawmode = getParameter("rawmode");
if (isset($rawmode) && $rawmode == 'yes') {
// Autorizacion si es usuario admin
echo _moduleContent($smarty, $module);
}
} else {
$smarty->assign("THEMENAME", $arrConf['mainTheme']);
$smarty->assign("currentyear", date("Y"));
$smarty->assign("PAGE_NAME", _tr('Login page'));
$smarty->assign("WELCOME", _tr('Welcome to Elastix'));
$smarty->assign("ENTER_USER_PASSWORD", _tr('Please enter your username and password'));
$smarty->assign("USERNAME", _tr('Username'));
function setUserPassword()
{
global $arrConf;
include_once "libs/paloSantoACL.class.php";
include_once "libs/paloSantoOrganization.class.php";
$old_pass = getParameter("oldPassword");
$new_pass = getParameter("newPassword");
$new_repass = getParameter("newRePassword");
$arrResult = array();
$arrResult['status'] = FALSE;
if ($old_pass == "") {
$arrResult['msg'] = _tr("Please write your current password.");
return $arrResult;
}
if ($new_pass == "" || $new_repass == "") {
$arrResult['msg'] = _tr("Please write the new password and confirm the new password.");
return $arrResult;
}
if ($new_pass != $new_repass) {
$arrResult['msg'] = _tr("The new password doesn't match with retype new password.");
return $arrResult;
}
//verificamos que la nueva contraseña sea fuerte
if (!isStrongPassword($new_pass)) {
$arrResult['msg'] = _tr("The new password can not be empty. It must have at least 10 characters and contain digits, uppers and little case letters");
return $arrResult;
}
$user = isset($_SESSION['elastix_user']) ? $_SESSION['elastix_user'] : "";
$pDB = new paloDB($arrConf['elastix_dsn']['elastix']);
$pACL = new paloACL($pDB);
$uid = $pACL->getIdUser($user);
if ($uid === FALSE) {
$arrResult['msg'] = _tr("Please your session id does not exist. Refresh the browser and try again.");
} else {
// verificando la clave vieja
$val = $pACL->authenticateUser($user, md5($old_pass));
if ($val === TRUE) {
$pORG = new paloSantoOrganization($pDB);
$status = $pORG->changeUserPassword($user, $new_pass);
if ($status) {
$arrResult['status'] = TRUE;
$arrResult['msg'] = _tr("Elastix password has been changed.");
$_SESSION['elastix_pass'] = md5($new_pass);
$_SESSION['elastix_pass2'] = $new_pass;
} else {
$arrResult['msg'] = _tr("Impossible to change your Elastix password.") . " " . $pORG->errMsg;
}
} else {
$arrResult['msg'] = _tr("Impossible to change your Elastix password. User does not exist or password is wrong");
}
}
return $arrResult;
}
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="ElastixWebService"');
$json->set_status("ERROR");
$json->set_error("This method requires authentication");
echo $json->createJSON();
exit;
}
$pACL = new paloACL($arrConf['elastix_dsn']['acl']);
if (!empty($pACL->errMsg)) {
header("HTTP/1.1 500 Internal Server Error");
$json->set_status("ERROR");
$json->set_error("Unable to authenticate due to DB error: " . $pACL->errMsg);
echo $json->createJSON();
exit;
}
if (!$pACL->authenticateUser($_SERVER['PHP_AUTH_USER'], md5($_SERVER['PHP_AUTH_PW']))) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="ElastixWebService"');
$json->set_status("ERROR");
$json->set_error("Invalid username or password");
echo $json->createJSON();
exit;
}
/*************End of authentication*******************************************/
//Verifico si se ha pasado una ruta hacia un recurso
if (!isset($_SERVER["PATH_INFO"])) {
header('HTTP/1.1 400 Bad Request');
$json->set_status("ERROR");
$json->set_error("You need to specify a menu id");
echo $json->createJSON();
exit;
if (isset($_SESSION['elastix_user']) && isset($_SESSION['elastix_pass'])) {
$auth_user = $_SESSION['elastix_user'];
$auth_md5pass = $_SESSION['elastix_pass'];
$_SERVER['PHP_AUTH_USER'] = $_SESSION['elastix_user'];
} elseif (isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_USER'] != '') {
$auth_user = $_SERVER['PHP_AUTH_USER'];
$auth_md5pass = md5($_SERVER['PHP_AUTH_PW']);
} else {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="ElastixWebService"');
$json->set_status("ERROR");
$json->set_error("This method requires authentication");
echo $json->createJSON();
exit;
}
if (!$pACL->authenticateUser($auth_user, $auth_md5pass)) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="ElastixWebService"');
$json->set_status("ERROR");
$json->set_error("Invalid username or password");
echo $json->createJSON();
exit;
}
/*************End of authentication*******************************************/
//Verifico si se ha pasado una ruta hacia un recurso
if (!isset($_SERVER["PATH_INFO"])) {
header('HTTP/1.1 400 Bad Request');
$json->set_status("ERROR");
$json->set_error("You need to specify a menu id");
echo $json->createJSON();
exit;
