/**
 * Include the language file $f and copy its strings over the active table.
 *
 * The name of the active table is read from $GLOBALS['idx_lang']. For the
 * duration of the include that name gets a "_temp" suffix, presumably so
 * that the strings defined by the file land in a scratch table. Every entry
 * of the scratch table is then written into the active table (an existing
 * key is overwritten), the scratch table is unset and the original name is
 * restored.
 *
 * NOTE(review): $f is handed to include_config() unchanged. That function
 * is not defined in this block, so any restriction it puts on the name is
 * not visible here; callers should pass fixed file names only, never a
 * value taken from the request.
 */
function overload_lang($f) {
	$active_table = $GLOBALS['idx_lang'];
	$GLOBALS['idx_lang'] .= '_temp';

	include_config($f);

	$scratch_table = $GLOBALS['idx_lang'];
	$overrides = isset($GLOBALS[$scratch_table]) ? $GLOBALS[$scratch_table] : null;

	// The file may have defined nothing; checking first avoids PHP warnings.
	if (is_array($overrides)) {
		foreach (array_keys($overrides) as $key)
			$GLOBALS[$active_table][$key] = $overrides[$key];

		lcm_debug($f . ": " . count($overrides) . " string(s)");
	}

	unset($GLOBALS[$scratch_table]);
	$GLOBALS['idx_lang'] = $active_table;
}
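/**
 * Authenticate the visitor from the 'lcm_session' cookie and load the
 * matching author row into the $connect_* globals and $prefs.
 *
 * Outcomes visible in this function:
 *  - database not available: prints a "technical problem" page and
 *    returns false;
 *  - no valid session: sends a Location header (login page or cookie test
 *    page) and exits;
 *  - session valid but no matching author row: redirects to lcm_cookie.php
 *    with a logout request and exits;
 *  - otherwise: fills the globals, starts the PHP session, returns true.
 *
 * Changes against the previous version: the SQL error text is HTML-escaped
 * before it is printed, $_REQUEST['privet'] is tested with isset(), a
 * failed unserialize() no longer leaves $prefs as a non-array, and the
 * login name is URL-encoded in the logout redirect.
 *
 * @return bool true when authenticated, false when the database is down
 */
function auth() {
	global $INSECURE, $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_COOKIE_VARS, $REMOTE_USER, $PHP_AUTH_USER, $PHP_AUTH_PW;
	global $auth_can_disconnect;
	global $connect_id_auteur, $connect_nom, $connect_bio, $connect_email;
	global $connect_nom_site, $connect_url_site, $connect_login, $connect_pass;
	global $connect_activer_imessage, $connect_activer_messagerie;
	global $connect_status;
	global $author_session, $prefs;
	global $clean_link;

	// This reloads $GLOBALS['db_ok'], just in case
	include_config('inc_connect');

	// If there is no SQL connection, quit.
	if (!$GLOBALS['db_ok']) {
		include_lcm('inc_presentation');
		lcm_html_start("Technical problem", "install");

		// Run a query inside an HTML comment so that lcm_sql_errno() has
		// something to report below.
		echo "\n<!-- \n";
		echo "\t* Flag connect: " . $GLOBALS['flag_connect'] . "\n\t";
		lcm_query("SELECT count(*) from lcm_meta");
		echo "\n-->\n\n";

		echo "<div align='left' style='width: 600px;' class='box_error'>\n";
		echo "\t<h3>" . _T('title_technical_problem') . "</h3>\n";
		echo "\t<p>" . _T('info_technical_problem_database') . "</p>\n";

		if (lcm_sql_errno()) {
			// Driver text is not HTML: escape it before it goes into the page.
			// NOTE(review): this page is shown before any login, so the raw
			// driver message is disclosed to anonymous visitors; logging it
			// server-side and showing a generic text would disclose less.
			echo "\t<p><tt>" . htmlspecialchars(lcm_sql_errno() . " " . lcm_sql_error()) . "</tt></p>\n";
		} else {
			echo "\t<p><tt>No error diagnostic was provided.</tt></p>\n";
		}

		echo "</div>\n";
		lcm_html_end();
		return false;
	}

	// Initialise variables (avoid URL hacks): every local that decides the
	// outcome starts from a known value.
	$auth_login = "";
	$auth_pass = "";
	$auth_pass_ok = false;
	$auth_can_disconnect = false;

	// Fetch identification data from the authentication session
	if (isset($_COOKIE['lcm_session'])) {
		if (verifier_session($_COOKIE['lcm_session'])) {
			// Only these two statuses are accepted as logged in.
			if ($author_session['status'] == 'admin' or $author_session['status'] == 'normal') {
				$auth_login = $author_session['username'];
				$auth_pass_ok = true;
				$auth_can_disconnect = true;
			}
		}
	} else {
		// isset() first: the parameter is absent on most requests.
		if (isset($_REQUEST['privet']) && $_REQUEST['privet'] == 'yes') {
			// Failed login attempt: cookie failed
			$link = new Link("lcm_cookie.php?cookie_test_failed=yes");
			$clean_link->delVar('privet');
			$url = str_replace('/./', '/', $clean_link->getUrl());
			$link->addVar('var_url', $url);
			@header("Location: " . $link->getUrl());
			exit;
		}
	}

	// If not authenticated, ask for login / password
	if (!$auth_login) {
		$url = $clean_link->getUrl();
		@header("Location: lcm_login.php?var_url=" . urlencode($url));
		exit;
	}

	//
	// Search for the login in the authors' table
	//

	// NOTE(review): the username value in this literal reads '******' on the
	// page under review, which looks like masking by the publisher; the
	// statement presumably interpolated the escaped $auth_login here, so
	// confirm against the project source. addslashes() is the only escaping
	// visible; it is not charset-aware, so the database layer's own escaping
	// or a bound parameter is the safer choice.
	$auth_login = addslashes($auth_login);
	$query = "SELECT * FROM lcm_author WHERE username='******' AND status !='external' AND status !='6forum'";
	$result = @lcm_query($query);

	if ($row = lcm_fetch_array($result)) {
		$connect_id_auteur = $row['id_author'];
		$connect_nom = $row['name_first'];
		$connect_login = $row['username'];
		$connect_pass = $row['password'];
		$connect_status = $row['status'];
		$connect_activer_messagerie = "non"; //$row["messagerie"];
		$connect_activer_imessage = "non "; //$row["imessage"];

		// Set the user's preferences
		// NOTE(review): unserialize() on a database column. If any code path
		// lets a user write this column, this is an object-injection sink; a
		// format such as JSON, or unserialize() restricted to no classes on
		// PHP >= 7, removes that risk.
		$prefs = unserialize(get_magic_quotes_runtime() ? stripslashes($row['prefs']) : $row['prefs']);

		// unserialize() returns false on malformed data; the defaults below
		// need an array to write into.
		if (!is_array($prefs)) {
			$prefs = array();
		}

		//
		// Default values for some possibly unset preferences
		//
		if (!isset($prefs['page_rows']) || intval($prefs['page_rows']) < 1) {
			$prefs['page_rows'] = 15;
		}

		if (!isset($prefs['theme']) || !$prefs['theme']) {
			$prefs['theme'] = 'green';
		}

		if (!isset($prefs['screen']) || !$prefs['screen']) {
			$prefs['screen'] = 'wide';
		}

		if (!isset($prefs['font_size']) || !$prefs['font_size']) {
			$prefs['font_size'] = 'medium_font';
		}

		if (!isset($prefs['case_owner']) || !$prefs['case_owner']) {
			$prefs['case_owner'] = 'my';
		}

		if (!isset($prefs['case_period']) || !$prefs['case_period']) {
			$prefs['case_period'] = '91';
		}

		if (!isset($prefs['mode']) || !$prefs['mode']) {
			$prefs['mode'] = 'simple';
		}

		if (!isset($prefs['time_intervals']) || !$prefs['time_intervals']) {
			$prefs['time_intervals'] = 'relative';
			$prefs['time_intervals_notation'] = 'hours_only';
		}
	} else {
		// Unusual case: the session is valid but the author has no row in
		// the authors table. Possible cause: the database was restored and
		// the author is missing from it (the user having been authenticated
		// by another source, such as LDAP).
		// This used to show an error message advising to log out; since it
		// only happens after a database upgrade, log out directly (with
		// cookie_admin=no to forget the username).
		// The login is URL-encoded, like var_url above, so that it stays a
		// single query parameter whatever characters it contains.
		lcm_header('Location: lcm_cookie.php?cookie_admin=no&logout=' . urlencode($auth_login));
		exit;
	}

	if (!$auth_pass_ok) {
		@header("Location: lcm_login.php?var_erreur=pass");
		exit;
	}

	// [ML] Again, not sure how this is used, but we can ignore it for now
	// TODO (note: nouveau == new)
	if ($connect_status == 'nouveau') {
		$query = "UPDATE lcm_author SET status = 'normal' WHERE id_author = {$connect_id_auteur}";
		$result = lcm_query($query);
		$connect_status = 'normal';
	}

	// PHP sessions are started here, and stopped at logout
	session_start();

	return true;
}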
/**
 * Installer step 4: print the form that creates the administrator account.
 *
 * The form posts to install.php with step=5. Field values are pre-filled
 * from _session(), and any entries in $_SESSION['errors'] are printed above
 * the form. Once the page is written, $_SESSION['errors'] and
 * $_SESSION['form_data'] are reset to empty arrays.
 *
 * NOTE(review): the values returned by _session() are placed inside HTML
 * attributes as they are. _session() is not defined in this block; unless
 * it escapes for HTML, a quote in a stored value would end the attribute.
 * Confirm, and escape at this point if it does not.
 *
 * NOTE(review): the two password inputs are pre-filled as well, so the
 * clear-text password appears to be kept in the session between requests
 * and is written into the page source. Leaving these inputs empty on
 * redisplay avoids both.
 */
function install_step_4() {
	global $lcm_lang_left, $lcm_lang_right;

	install_html_start('AUTO', '', 4);

	$heading = "<h3><small>" . _T('install_step_four') . "</small> ";
	$heading .= _T('install_title_admin_account') . "</h3>\n";
	echo $heading;

	include_config('inc_connect_install');

	echo '<p class="simple_text" align="center">'
		. _T('install_info_new_account_1')
		. '<br />'
		. _T('warning_field_mandatory_all')
		. ' '
		. lcm_help('install_personal')
		. "</p>\n";

	if (isset($_SESSION['errors']))
		echo show_all_errors($_SESSION['errors']);

	echo "<form action='install.php' method='post'>\n"
		. "<input type='hidden' name='step' value='5' />\n";

	// --- Contact information ---
	// The original author notes that this part could be better, and that
	// print_registration_form() in lcm_pass.php should be changed together
	// with it.
	echo '<fieldset class="fs_box">' . "\n",
		"<p><b>" . _T('info_your_contact_information') . "</b></p>\n";

	$first_name = _session('name_first');
	echo "<table border='0' cellpadding='0' cellspacing='5' width='80%'><tr>\n";
	echo "<td>\n\t\t\t<strong><label for='name_first'>"
		. f_err_star('name_first')
		. _T('person_input_name_first')
		. "</label></strong><br />\n\t\t\t<input type='text' style='width: 100%;' id='name_first' name='name_first' value='"
		. $first_name
		. "' size='15' class='txt_lmnt' />\n\t\t</td>\n";

	$last_name = _session('name_last');
	echo "<td>\n\t\t\t<strong><label for='name_last'>"
		. f_err_star('name_last')
		. _T('person_input_name_last')
		. "</label></strong><br />\n\t\t\t<input style='width: 100%;' type='text' id='name_last' name='name_last' value='"
		. $last_name
		. "' size='15' class='txt_lmnt' />\n\t\t</td>\n";

	echo "</tr>\n<tr>\n<td colspan='2'>";

	$email_value = _session('email');
	echo "<b><label for='email'>" . f_err_star('email') . _T('input_email') . "</label></b><br />\n",
		"<input style='width: 100%;' type='text' id='email' name='email' value=\"" . $email_value . "\" size='40' class='txt_lmnt' />\n",
		"</td>\n</tr>\n</table>\n\n";

	// --- Connection identifiers ---
	echo "<p><b>" . _T('input_connection_identifiers') . "</b></p>\n";

	$login_value = _session('username');
	$pass_value = _session('password');
	$pass_confirm_value = _session('password_confirm');

	echo "<table border='0' cellpadding='0' cellspacing='5' width='80%'>\n<tr>\n<td>",
		"<b><label for='username'>" . f_err_star('username') . _T('authoredit_input_username') . "</label></b> \n",
		"<small>" . _T('info_more_than_three') . "</small><br />\n",
		"<input style='width: 100%;' type='text' id='username' name='username' value='" . $login_value . "' size='40' class='txt_lmnt' />\n",
		"</td>\n</tr><tr>\n<td>";

	echo "<b><label for='password'>" . f_err_star('password') . _T('authorconf_input_password') . "</label></b> \n",
		"<small>" . _T('info_more_than_five') . "</small><br />\n",
		"<input style='width: 100%;' type='password' id='password' name='password' value='" . $pass_value . "' size='40' class='txt_lmnt' />\n",
		"</td>\n</tr><tr>\n<td>";

	// The confirmation label reuses the error marker of the 'password' field.
	echo "<b><label for='password_confirm'>" . f_err_star('password') . _T('authorconf_input_password_confirm') . "</label></b> \n",
		"<input style='width: 100%;' type='password' id='password_confirm' name='password_confirm' value='" . $pass_confirm_value . "' size='40' class='txt_lmnt' />\n",
		"</td>\n</tr>\n</table>\n";

	// The news/announcements subscription is offered only when the server
	// can send e-mail.
	if (server_can_send_email()) {
		echo '<p align="' . $lcm_lang_left . '">'
			. f_err_star('getnews')
			. get_yes_no('getnews', _session('getnews'))
			. '<label for="getnews">'
			. _T('install_info_subscribe_to_news_list')
			. '</label>'
			. "</p>\n";
	}

	echo "</fieldset>\n\n";

	echo '<br /><div align="' . $lcm_lang_right . '">'
		. "<button type='submit' name='validate'>"
		. _T('button_next')
		. " >></button> </div>\n";

	echo "</form>";

	install_html_end();

	// Errors and submitted values have been shown once; start clean next time.
	$_SESSION['errors'] = array();
	$_SESSION['form_data'] = array();
}
/**
 * Run an SQL statement through the database layer.
 *
 * When $GLOBALS['flag_connect'] is set, the connection settings are loaded
 * and, if $GLOBALS['db_ok'] is then false, the function returns without a
 * value and without running anything. This silent failure avoids many
 * warnings during installation, for example. In every other case the query
 * counter is incremented and the statement is passed to lcm_query_db().
 *
 * NOTE(review): $query reaches lcm_query_db() exactly as given. Nothing is
 * escaped at this level, so every caller is responsible for escaping or
 * binding the values it puts into the statement.
 *
 * @param string $query        SQL statement
 * @param bool   $accept_fail  forwarded unchanged to lcm_query_db()
 * @return mixed result of lcm_query_db(), or nothing when the database is
 *               not usable
 */
function lcm_query($query, $accept_fail = false) {
	include_lcm('inc_db');

	$connection_expected = $GLOBALS['flag_connect'];

	if ($connection_expected)
		include_config('inc_connect');

	if ($connection_expected && !$GLOBALS['db_ok'])
		return;

	++$GLOBALS['db_query_count'];

	$outcome = lcm_query_db($query, $accept_fail);
	return $outcome;
}
if (_request('essai_login') == 'oui') { // Get the username stored in a hidden field $session_login_hidden = $_REQUEST['session_login_hidden']; $session_login = $_REQUEST['session_login']; $session_password = $_REQUEST['session_password']; if ($session_login_hidden and !$session_login) { $session_login = $session_login_hidden; } $login = $session_login; // [ML] where from? -- html form $pass = $session_password; // [ML] not used?? -- html form // Try different authentication methods, starting with "db" (database) $auths = array('db'); // Test if LDAP is available include_config('inc_connect'); if ($ldap_present) { $auths[] = 'ldap'; } // Add other methods here (with associated inc/inc_auth_NAME.php) // ... $ok = false; reset($auths); foreach ($auths as $nom_auth) { include_lcm('inc_auth_' . $nom_auth); $classe_auth = 'Auth_' . $nom_auth; $auth = new $classe_auth(); if ($auth->init()) { $session_password_md5 = $_REQUEST['session_password_md5']; // Try with the md5 password (made by Javascript in the form) // [ML] TODO: session_password_md5 + next_session_password_md5
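/**
 * Load the site configuration, or send the visitor to the setup page.
 *
 * When jh_conf.php exists, it and db.php are included. Both includes happen
 * inside this function, so plain variables they assign are local to it.
 * When the file is missing, every request except ?chmod=setup is redirected
 * to ?chmod=setup.
 *
 * Changes against the previous version: the "chmod" parameter is read with
 * isset(), and the script stops after the redirect header. Before, the rest
 * of the page kept executing without any configuration loaded.
 */
function include_config() {
	if (file_exists("jh_conf.php")) {
		include "jh_conf.php";
		include "db.php";
		return;
	}

	$requested_page = isset($_GET["chmod"]) ? $_GET["chmod"] : null;

	if ($requested_page != "setup") {
		header("location:?chmod=setup");
		// A Location header does not end the script by itself.
		exit;
	}
}

/**
 * Run the setup script (setupx.php).
 */
function do_setup() {
	include "setupx.php";
}

include_config();

/**
 * Return the colour to use, taken from the "c" query parameter.
 *
 * The parameter comes straight from the URL, so it is accepted only when it
 * consists of 3, 4, 6 or 8 hexadecimal digits; anything else (missing,
 * array, other characters) gives the default. Before, any string was
 * returned with "#" in front of it, which let the request put arbitrary
 * text wherever the caller prints the colour.
 *
 * NOTE(review): the default keeps its trailing ";" while the other branch
 * has none. Which form the caller expects is not visible in this block.
 *
 * @return string "#" followed by the hex digits, or "#FF0000;"
 */
function color() {
	$color = isset($_GET["c"]) ? $_GET["c"] : null;

	$is_hex_colour = is_string($color)
		&& preg_match('/\A(?:[0-9a-fA-F]{3,4}|[0-9a-fA-F]{6}|[0-9a-fA-F]{8})\z/', $color) === 1;

	if ($is_hex_colour) {
		return "#" . $color;
	}

	return "#FF0000;";
}
?>
<html>
<head>
<title>PHP-Test!</title>
<link rel="stylesheet" href="t1.css" type="text/css"/>
<?php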