/** * Function to be called when a user is attempting to access a page that * he/she is not authorised to. This outputs an access denied message then * re-directs to the mainpage. * * @return void */ function access_denied() { if (!auth_is_user_authenticated()) { if (basename($_SERVER['SCRIPT_NAME']) != 'login_page.php') { $t_return_page = $_SERVER['SCRIPT_NAME']; if (isset($_SERVER['QUERY_STRING'])) { $t_return_page .= '?' . $_SERVER['QUERY_STRING']; } $t_return_page = string_url(string_sanitize_url($t_return_page)); print_header_redirect('login_page.php?return=' . $t_return_page); } } else { if (current_user_is_anonymous()) { if (basename($_SERVER['SCRIPT_NAME']) != 'login_page.php') { $t_return_page = $_SERVER['SCRIPT_NAME']; if (isset($_SERVER['QUERY_STRING'])) { $t_return_page .= '?' . $_SERVER['QUERY_STRING']; } $t_return_page = string_url(string_sanitize_url($t_return_page)); echo '<p class="center">' . error_string(ERROR_ACCESS_DENIED) . '</p><p class="center">'; print_bracket_link(helper_mantis_url('login_page.php') . '?return=' . $t_return_page, lang_get('click_to_login')); echo '</p><p class="center">'; print_bracket_link(helper_mantis_url(config_get('default_home_page')), lang_get('proceed')); echo '</p>'; } } else { echo '<p class="center">' . error_string(ERROR_ACCESS_DENIED) . '</p>'; echo '<p class="center">'; print_bracket_link(helper_mantis_url(config_get('default_home_page')), lang_get('proceed')); echo '</p>'; } } exit; }
function access_denied() { if (!auth_is_user_authenticated()) { if (basename($_SERVER['SCRIPT_NAME']) != 'login_page.php') { $t_return_page = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $t_return_page .= '?' . $_SERVER['QUERY_STRING']; } $t_return_page = string_url(string_sanitize_url($t_return_page)); print_header_redirect('login_page.php?return=' . $t_return_page); } } else { if (auth_get_current_user_id() == user_get_id_by_name(config_get_global('anonymous_account'))) { if (basename($_SERVER['SCRIPT_NAME']) != 'login_page.php') { $t_return_page = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $t_return_page .= '?' . $_SERVER['QUERY_STRING']; } $t_return_page = string_url(string_sanitize_url($t_return_page)); echo '<center>'; echo '<p>' . error_string(ERROR_ACCESS_DENIED) . '</p>'; print_bracket_link('login_page.php?return=' . $t_return_page, lang_get('click_to_login')); echo '<p></p>'; print_bracket_link('main_page.php', lang_get('proceed')); echo '</center>'; } } else { echo '<center>'; echo '<p>' . error_string(ERROR_ACCESS_DENIED) . '</p>'; print_bracket_link('main_page.php', lang_get('proceed')); echo '</center>'; } } exit; }
/** * Check that there is a user logged-in and authenticated * If the user's account is disabled they will be logged out * If there is no user logged in, redirect to the login page * If parameter is given it is used as a URL to redirect to following * successful login. If none is given, the URL of the current page is used * @param string $p_return_page Page to redirect to following successful logon, defaults to current page * @access public */ function auth_ensure_user_authenticated($p_return_page = '') { # if logged in if (auth_is_user_authenticated()) { # check for access enabled # This also makes sure the cookie is valid if (OFF == current_user_get_field('enabled')) { print_header_redirect('logout_page.php'); } } else { # not logged in if (is_blank($p_return_page)) { if (!isset($_SERVER['REQUEST_URI'])) { $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING']; } $p_return_page = $_SERVER['REQUEST_URI']; } $p_return_page = string_url($p_return_page); print_header_redirect('login_page.php?return=' . $p_return_page); } }
function access_denied() { if (!php_version_at_least('4.1.0')) { global $_SERVER; } if (!auth_is_user_authenticated()) { if (basename($_SERVER['SCRIPT_NAME']) != 'login_page.php') { if (!isset($_SERVER['REQUEST_URI'])) { if (!isset($_SERVER['QUERY_STRING'])) { $_SERVER['QUERY_STRING'] = ''; } $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING']; } $t_return_page = string_url($_SERVER['REQUEST_URI']); print_header_redirect('login_page.php?return=' . $t_return_page); } } else { echo '<center>'; echo '<p>' . error_string(ERROR_ACCESS_DENIED) . '</p>'; print_bracket_link('main_page.php', lang_get('proceed')); echo '</center>'; } exit; }
<fieldset> <legend><span><?php echo lang_get('login_title'); ?> </span></legend> <?php if (!is_blank($f_return)) { echo '<input type="hidden" name="return" value="', string_html_specialchars($f_return), '" />'; } if ($t_upgrade_required) { echo '<input type="hidden" name="install" value="true" />'; } # CSRF protection not required here - form does not result in modifications echo '<ul id="login-links">'; if (ON == config_get('allow_anonymous_login')) { echo '<li><a href="login_anon.php?return=' . string_url($f_return) . '">' . lang_get('login_anonymously') . '</a></li>'; } if (ON == config_get_global('allow_signup') && LDAP != config_get_global('login_method') && ON == config_get('enable_email_notification')) { echo '<li><a href="signup_page.php">', lang_get('signup_link'), '</a></li>'; } # lost password feature disabled or reset password via email disabled -> stop here! if (LDAP != config_get_global('login_method') && ON == config_get('lost_password_feature') && ON == config_get('send_reset_password') && ON == config_get('enable_email_notification')) { echo '<li><a href="lost_pwd_page.php">', lang_get('lost_password_link'), '</a></li>'; } ?> </ul> <div class="field-container"> <label for="username"><span><?php echo lang_get('username'); ?> </span></label>
/** * return the mailto: href string link instead of printing it * add subject line * * @param string $p_email Email Address. * @param string $p_text Link text to display to user. * @param string $p_subject Email subject line. * @return string */ function get_email_link_with_subject($p_email, $p_text, $p_subject) { # If we apply string_url() to the whole mailto: link then the @ # gets turned into a %40 and you can't right click in browsers to # do Copy Email Address. If we don't apply string_url() to the # subject text then an ampersand (for example) will truncate the text $t_subject = string_url($p_subject); $t_email = string_url($p_email); $t_mailto = string_attribute('mailto:' . $t_email . '?subject=' . $t_subject); $t_text = string_display($p_text); return '<a class="user" href="' . $t_mailto . '">' . $t_text . '</a>'; }
function html_login_info() { $t_username = current_user_get_field('username'); $t_access_level = get_enum_element('access_levels', current_user_get_access_level()); $t_now = date(config_get('complete_date_format')); $t_realname = current_user_get_field('realname'); print '<table class="hide">'; print '<tr>'; print '<td class="login-info-left">'; if (current_user_is_anonymous()) { $t_return_page = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $t_return_page .= '?' . $_SERVER['QUERY_STRING']; } $t_return_page = string_url($t_return_page); print lang_get('anonymous') . ' | <a href="login_page.php?return=' . $t_return_page . '">' . lang_get('login_link') . '</a>'; if (config_get('allow_signup') == ON) { print ' | <a href="signup_page.php">' . lang_get('signup_link') . '</a>'; } } else { echo lang_get('logged_in_as'), ": <span class=\"italic\">", string_display($t_username), "</span> <span class=\"small\">"; echo is_blank($t_realname) ? "({$t_access_level})" : "(" . string_display($t_realname) . " - {$t_access_level})"; echo "</span>"; } print '</td>'; print '<td class="login-info-middle">'; print "<span class=\"italic\">{$t_now}</span>"; print '</td>'; print '<td class="login-info-right">'; print '<form method="post" name="form_set_project" action="set_project.php">'; echo lang_get('email_project'), ': '; if (ON == config_get('show_extended_project_browser')) { print_extended_project_browser(helper_get_current_project_trace()); } else { if (ON == config_get('use_javascript')) { print '<select name="project_id" class="small" onchange="document.forms.form_set_project.submit();">'; } else { print '<select name="project_id" class="small">'; } print_project_option_list(join(';', helper_get_current_project_trace()), true, null, true); print '</select> '; } print '<input type="submit" class="button-small" value="' . lang_get('switch') . '" />'; if (OFF != config_get('rss_enabled')) { # Link to RSS issues feed for the selected project, including authentication details. print '<a href="' . rss_get_issues_feed_url() . '">'; print '<img src="images/rss.gif" alt="' . lang_get('rss') . '" style="border-style: none; margin: 5px; vertical-align: middle;" />'; print '</a>'; } print '</form>'; print '</td>'; print '</tr>'; print '</table>'; }
# # You should have received a copy of the GNU General Public License # along with MantisBT. If not, see <http://www.gnu.org/licenses/>. /** * login_anon.php logs a user in anonymously without having to enter a username * or password. * * Depends on two global configuration variables: * allow_anonymous_login - bool which must be true to allow anonymous login. * anonymous_account - name of account to login with. * * TODO: * Check how manage account is impacted. * Might be extended to allow redirects for bug links etc. * @package MantisBT * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org * @copyright Copyright (C) 2002 - 2014 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; $f_return = gpc_get_string('return', ''); $t_anonymous_account = config_get('anonymous_account'); if ($f_return !== '') { $t_return = string_url(string_sanitize_url($f_return)); print_header_redirect("login.php?username={$t_anonymous_account}&perm_login=false&return={$t_return}"); } else { print_header_redirect("login.php?username={$t_anonymous_account}&perm_login=false"); }
* @uses session_api.php * @uses string_api.php */ require_once 'core.php'; require_api('authentication_api.php'); require_api('config_api.php'); require_api('constant_inc.php'); require_api('gpc_api.php'); require_api('print_api.php'); require_api('session_api.php'); require_api('string_api.php'); $t_allow_perm_login = ON == config_get('allow_permanent_cookie'); $f_username = gpc_get_string('username', ''); $f_password = gpc_get_string('password', ''); $f_perm_login = $t_allow_perm_login && gpc_get_bool('perm_login'); $t_return = string_url(string_sanitize_url(gpc_get_string('return', config_get('default_home_page')))); $f_from = gpc_get_string('from', ''); $f_secure_session = gpc_get_bool('secure_session', false); $f_install = gpc_get_bool('install'); # If upgrade required, always redirect to install page. if ($f_install) { $t_return = 'admin/install.php'; } $f_username = auth_prepare_username($f_username); $f_password = auth_prepare_password($f_password); gpc_set_cookie(config_get_global('cookie_prefix') . '_secure_session', $f_secure_session ? '1' : '0'); if (auth_attempt_login($f_username, $f_password, $f_perm_login)) { session_set('secure_session', $f_secure_session); if ($f_username == 'administrator' && $f_password == 'root' && (is_blank($t_return) || $t_return == 'index.php')) { $t_return = 'account_page.php'; }
/** * return the complete URL link to the verify page including the confirmation hash * @param integer $p_user_id A valid user identifier. * @param string $p_confirm_hash The confirmation hash value to include in the link. * @return string */ function string_get_confirm_hash_url($p_user_id, $p_confirm_hash) { $t_path = config_get('path'); return $t_path . 'verify.php?id=' . string_url($p_user_id) . '&confirm_hash=' . string_url($p_confirm_hash); }
/** * (11) Print the user's account information * Also print the select box where users can switch projects * @return null */ function html_login_info() { $t_username = current_user_get_field('username'); $t_access_level = get_enum_element('access_levels', current_user_get_access_level()); $t_now = date(config_get('complete_date_format')); $t_realname = current_user_get_field('realname'); echo '<table class="hide">'; echo '<tr>'; echo '<td class="login-info-left">'; if (current_user_is_anonymous()) { $t_return_page = $_SERVER['SCRIPT_NAME']; if (isset($_SERVER['QUERY_STRING'])) { $t_return_page .= '?' . $_SERVER['QUERY_STRING']; } $t_return_page = string_url($t_return_page); echo lang_get('anonymous') . ' | <a href="' . helper_mantis_url('login_page.php?return=' . $t_return_page) . '">' . lang_get('login_link') . '</a>'; if (config_get_global('allow_signup') == ON) { echo ' | <a href="' . helper_mantis_url('signup_page.php') . '">' . lang_get('signup_link') . '</a>'; } } else { echo lang_get('logged_in_as'), ": <span class=\"italic\">", string_html_specialchars($t_username), "</span> <span class=\"small\">"; echo is_blank($t_realname) ? "({$t_access_level})" : "(" . string_html_specialchars($t_realname) . " - {$t_access_level})"; echo "</span>"; } echo '</td>'; echo '<td class="login-info-middle">'; echo "<span class=\"italic\">{$t_now}</span>"; echo '</td>'; echo '<td class="login-info-right">'; # Project Selector hidden if only one project visisble to user $t_show_project_selector = true; $t_project_ids = current_user_get_accessible_projects(); if (count($t_project_ids) == 1) { $t_project_id = (int) $t_project_ids[0]; if (count(current_user_get_accessible_subprojects($t_project_id)) == 0) { $t_show_project_selector = false; } } if ($t_show_project_selector) { echo '<form method="post" name="form_set_project" action="' . helper_mantis_url('set_project.php') . '">'; # CSRF protection not required here - form does not result in modifications echo lang_get('email_project'), ': '; if (ON == config_get('show_extended_project_browser')) { print_extended_project_browser(helper_get_current_project_trace()); } else { if (ON == config_get('use_javascript')) { echo '<select name="project_id" class="small" onchange="document.forms.form_set_project.submit();">'; } else { echo '<select name="project_id" class="small">'; } print_project_option_list(join(';', helper_get_current_project_trace()), true, null, true); echo '</select> '; } echo '<input type="submit" class="button-small" value="' . lang_get('switch') . '" />'; echo '</form>'; } else { # User has only one project, set it as both current and default if (ALL_PROJECTS == helper_get_current_project()) { helper_set_current_project($t_project_id); if (!current_user_is_protected()) { current_user_set_default_project($t_project_id); } # Force reload of current page, except if we got here after # creating the first project $t_redirect_url = str_replace(config_get('short_path'), '', $_SERVER['REQUEST_URI']); if ('manage_proj_create.php' != $t_redirect_url) { html_meta_redirect($t_redirect_url, 0, false); } } } if (OFF != config_get('rss_enabled')) { # Link to RSS issues feed for the selected project, including authentication details. echo '<a href="' . htmlspecialchars(rss_get_issues_feed_url()) . '">'; echo '<img src="' . helper_mantis_url('images/rss.png') . '" alt="' . lang_get('rss') . '" style="border-style: none; margin: 5px; vertical-align: middle;" />'; echo '</a>'; } echo '</td>'; echo '</tr>'; echo '</table>'; }
/** * (10) Print the user's account information * Also print the select box where users can switch projects * @return void */ function html_login_info() { $t_username = current_user_get_field('username'); $t_access_level = get_enum_element('access_levels', current_user_get_access_level()); $t_now = date(config_get('complete_date_format')); $t_realname = current_user_get_field('realname'); # Login information echo '<div id="login-info">' . "\n"; if (current_user_is_anonymous()) { $t_return_page = $_SERVER['SCRIPT_NAME']; if (isset($_SERVER['QUERY_STRING'])) { $t_return_page .= '?' . $_SERVER['QUERY_STRING']; } $t_return_page = string_url($t_return_page); echo "\t" . '<span id="logged-anon-label">' . lang_get('anonymous') . '</span>' . "\n"; echo "\t" . '<span id="login-link"><a href="' . helper_mantis_url('login_page.php?return=' . $t_return_page) . '">' . lang_get('login_link') . '</a></span>' . "\n"; if (config_get_global('allow_signup') == ON) { echo "\t" . '<span id="signup-link"><a href="' . helper_mantis_url('signup_page.php') . '">' . lang_get('signup_link') . '</a></span>' . "\n"; } } else { echo "\t" . '<span id="logged-in-label">' . lang_get('logged_in_as') . '</span>' . "\n"; echo "\t" . '<span id="logged-in-user">' . string_html_specialchars($t_username) . '</span>' . "\n"; echo "\t" . '<span id="logged-in">'; echo !is_blank($t_realname) ? "\t" . '<span id="logged-in-realname">' . string_html_specialchars($t_realname) . '</span>' . "\n" : ''; echo "\t" . '<span id="logged-in-accesslevel" class="' . $t_access_level . '">' . $t_access_level . '</span>' . "\n"; echo "\t" . '</span>' . "\n"; } echo '</div>' . "\n"; # RSS feed if (OFF != config_get('rss_enabled')) { echo '<div id="rss-feed">' . "\n"; # Link to RSS issues feed for the selected project, including authentication details. echo "\t" . '<a href="' . htmlspecialchars(rss_get_issues_feed_url()) . '">' . "\n"; echo "\t" . '<img src="' . helper_mantis_url('images/rss.png') . '" alt="' . lang_get('rss') . '" title="' . lang_get('rss') . '" />' . "\n"; echo "\t" . '</a>' . "\n"; echo '</div>' . "\n"; } # Project Selector (hidden if only one project visisble to user) $t_show_project_selector = true; $t_project_ids = current_user_get_accessible_projects(); if (count($t_project_ids) == 1) { $t_project_id = (int) $t_project_ids[0]; if (count(current_user_get_accessible_subprojects($t_project_id)) == 0) { $t_show_project_selector = false; } } if ($t_show_project_selector) { echo '<div id="project-selector-div">'; echo '<form method="post" id="form-set-project" action="' . helper_mantis_url('set_project.php') . '">'; echo '<fieldset id="project-selector">'; # CSRF protection not required here - form does not result in modifications echo '<label for="form-set-project-id">' . lang_get('email_project') . '</label>'; echo '<select id="form-set-project-id" name="project_id">'; print_project_option_list(join(';', helper_get_current_project_trace()), true, null, true); echo '</select> '; echo '<input type="submit" class="button" value="' . lang_get('switch') . '" />'; echo '</fieldset>'; echo '</form>'; echo '</div>'; } else { # User has only one project, set it as both current and default if (ALL_PROJECTS == helper_get_current_project()) { helper_set_current_project($t_project_id); if (!current_user_is_protected()) { current_user_set_default_project($t_project_id); } # Force reload of current page, except if we got here after # creating the first project $t_redirect_url = str_replace(config_get('short_path'), '', $_SERVER['REQUEST_URI']); if ('manage_proj_create.php' != $t_redirect_url) { html_meta_redirect($t_redirect_url, 0, false); } } } # Current time echo '<div id="current-time">' . $t_now . '</div>'; }
<?php if (!is_blank($f_return)) { ?> <input type="hidden" name="return" value="<?php echo string_html_specialchars($f_return); ?> " /> <?php } echo lang_get('login_title'); ?> </td> <td class="right"> <?php if (ON == config_get('allow_anonymous_login')) { print_bracket_link('login_anon.php?return=' . string_url($f_return), lang_get('login_anonymously')); } ?> </td> </tr> <tr class="row-1"> <td class="category"> <?php echo lang_get('username'); ?> </td> <td> <input type="text" name="username" size="32" maxlength="<?php echo DB_FIELD_SIZE_USERNAME; ?> " value="<?php
require_once 'core.php'; require_api('authentication_api.php'); require_api('constant_inc.php'); require_api('current_user_api.php'); require_api('gpc_api.php'); require_api('html_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('string_api.php'); auth_ensure_user_authenticated(); $f_ref = string_sanitize_url(gpc_get_string('ref', '')); if (count(current_user_get_accessible_projects()) == 1) { $t_project_ids = current_user_get_accessible_projects(); $t_project_id = (int) $t_project_ids[0]; if (count(current_user_get_accessible_subprojects($t_project_id)) == 0) { $t_ref_urlencoded = string_url($f_ref); print_header_redirect("set_project.php?project_id={$t_project_id}&ref={$t_ref_urlencoded}", true); /* print_header_redirect terminates script execution */ } } html_page_top(lang_get('select_project_button')); ?> <!-- Project Select Form BEGIN --> <div id="select-project-div" class="form-container"> <form id="select-project-form" method="post" action="set_project.php"> <?php # CSRF protection not required here - form does not result in modifications ?> <fieldset> <legend><span><?php
/** * (11) Print the user's account information * Also print the select box where users can switch projects * @return null */ function html_login_info() { $t_username = current_user_get_field('username'); $t_access_level = get_enum_element('access_levels', current_user_get_access_level()); $t_now = date(config_get('complete_date_format')); $t_realname = current_user_get_field('realname'); echo '<div id="login-info">'; if (current_user_is_anonymous()) { $t_return_page = $_SERVER['SCRIPT_NAME']; if (isset($_SERVER['QUERY_STRING'])) { $t_return_page .= '?' . $_SERVER['QUERY_STRING']; } $t_return_page = string_url($t_return_page); echo '<span id="logged-anon-label">' . lang_get('anonymous') . '</span>'; echo '<span id="login-link"><a href="' . helper_mantis_url('login_page.php?return=' . $t_return_page) . '">' . lang_get('login_link') . '</a></span>'; if (config_get_global('allow_signup') == ON) { echo '<span id="signup-link"><a href="' . helper_mantis_url('signup_page.php') . '">' . lang_get('signup_link') . '</a></span>'; } } else { echo '<span id="logged-in-label">' . lang_get('logged_in_as') . '</span>'; echo '<span id="logged-in-user">' . string_html_specialchars($t_username) . '</span>'; echo '<span id="logged-in">'; echo !is_blank($t_realname) ? '<span id="logged-in-realname">' . string_html_specialchars($t_realname) . '</span>' : ''; echo '<span id="logged-in-accesslevel" class="' . $t_access_level . '">' . $t_access_level . '</span>'; echo '</span>'; } echo '</div>'; $t_show_project_selector = true; if (count(current_user_get_accessible_projects()) == 1) { // >1 $t_project_ids = current_user_get_accessible_projects(); $t_project_id = (int) $t_project_ids[0]; if (count(current_user_get_accessible_subprojects($t_project_id)) == 0) { $t_show_project_selector = false; } } if (OFF != config_get('rss_enabled')) { echo '<div id="rss-feed">'; # Link to RSS issues feed for the selected project, including authentication details. echo '<a href="' . htmlspecialchars(rss_get_issues_feed_url()) . '">'; echo '<img src="' . helper_mantis_url('images/rss.png') . '" alt="' . lang_get('rss') . '" title="' . lang_get('rss') . '" />'; echo '</a>'; echo '</div>'; } if ($t_show_project_selector) { echo '<form method="post" id="form-set-project" action="' . helper_mantis_url('set_project.php') . '">'; echo '<fieldset id="project-selector">'; # CSRF protection not required here - form does not result in modifications echo '<label for="form-set-project-id">' . lang_get('email_project') . '</label>'; echo '<select id="form-set-project-id" name="project_id">'; print_project_option_list(join(';', helper_get_current_project_trace()), true, null, true); echo '</select> '; echo '<input type="submit" class="button" value="' . lang_get('switch') . '" />'; echo '</fieldset>'; echo '</form>'; echo '<div id="current-time">' . $t_now . '</div>'; } else { echo '<div id="current-time-centered">' . $t_now . '</div>'; } }
function get_email_link_with_subject($p_email, $p_text, $p_summary) { if (!access_has_project_level(config_get('show_user_email_threshold'))) { return $p_text; } # If we apply string_url() to the whole mailto: link then the @ # gets turned into a %40 and you can't right click in browsers to # do Copy Email Address. If we don't apply string_url() to the # summary text then an ampersand (for example) will truncate the text $t_summary = string_url($p_summary); $t_email = string_url($p_email); $t_mailto = string_attribute("mailto:{$t_email}?subject={$t_summary}"); $t_text = string_display($p_text); return "<a href=\"{$t_mailto}\">{$t_text}</a>"; }
function html_login_info() { $t_username = current_user_get_field('username'); $t_access_level = get_enum_element('access_levels', current_user_get_access_level()); $t_now = date(config_get('complete_date_format')); $t_realname = current_user_get_field('realname'); print '<table class="hide">'; print '<tr>'; print '<td class="login-info-left">'; if (current_user_is_anonymous()) { if (!php_version_at_least('4.1.0')) { global $_SERVER; } $t_return_page = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $t_return_page .= '?' . $_SERVER['QUERY_STRING']; } $t_return_page = string_url($t_return_page); print lang_get('anonymous') . ' | <a href="login_page.php?return=' . $t_return_page . '">' . lang_get('login_link') . '</a>'; if (config_get('allow_signup') == ON) { print ' | <a href="signup_page.php">' . lang_get('signup_link') . '</a>'; } } else { echo lang_get('logged_in_as'), ": <span class=\"italic\">", string_display($t_username), "</span> <span class=\"small\">"; echo is_blank($t_realname) ? "({$t_access_level})" : "(", string_display($t_realname), " - {$t_access_level})"; echo "</span>"; } print '</td>'; print '<td class="login-info-middle">'; print "<span class=\"italic\">{$t_now}</span>"; print '</td>'; print '<td class="login-info-right">'; print '<form method="post" name="form_set_project" action="set_project.php">'; echo lang_get('email_project'), ': '; if (ON == config_get('use_javascript')) { print '<select name="project_id" class="small" onchange="document.forms.form_set_project.submit();">'; } else { print '<select name="project_id" class="small">'; } print_project_option_list(join(';', helper_get_current_project_trace()), true, null, true); print '</select> '; print '<input type="submit" class="button-small" value="' . lang_get('switch') . '" />'; print '</form>'; print '</td>'; print '</tr>'; print '</table>'; }