Example #1
0
        case 'sendmail':
            if ($staff = Staff::lookup($_POST['userid'])) {
                if (!$staff->hasPassword()) {
                    $msg = 'Unable to reset password. Contact your administrator';
                } elseif (!$staff->sendResetEmail()) {
                    $tpl = 'pwreset.sent.php';
                }
            } else {
                $msg = 'Unable to verify username ' . Format::htmlchars($_POST['userid']);
            }
            break;
        case 'newpasswd':
            // TODO: Compare passwords
            $tpl = 'pwreset.login.php';
            $errors = array();
            if ($staff = StaffAuthenticationBackend::processSignOn($errors)) {
                $info = array('page' => 'index.php');
                Http::redirect($info['page']);
            } elseif (isset($errors['msg'])) {
                $msg = $errors['msg'];
            }
            break;
    }
} elseif ($_GET['token']) {
    $msg = 'Please enter your username or email';
    $_config = new Config('pwreset');
    if (($id = $_config->get($_GET['token'])) && ($staff = Staff::lookup($id))) {
        // TODO: Detect staff confirmation (for welcome email)
        $tpl = 'pwreset.login.php';
    } else {
        header('Location: index.php');
Example #2
0
$dest = $dest && (!strstr($dest, 'login.php') && !strstr($dest, 'ajax.php')) ? $dest : 'index.php';
$show_reset = false;
if ($_POST) {
    // Lookup support backends for this staff
    $username = trim($_POST['userid']);
    if ($user = StaffAuthenticationBackend::process($username, $_POST['passwd'], $errors)) {
        session_write_close();
        Http::redirect($dest);
        require_once 'index.php';
        //Just incase header is messed up.
        exit;
    }
    $msg = $errors['err'] ? $errors['err'] : 'Invalid login';
    $show_reset = true;
} elseif ($_GET['do']) {
    switch ($_GET['do']) {
        case 'ext':
            // Lookup external backend
            if ($bk = StaffAuthenticationBackend::getBackend($_GET['bk'])) {
                $bk->triggerAuth();
            }
    }
    Http::redirect('login.php');
} elseif (!$thisstaff || !($thisstaff->getId() || $thisstaff->isValid())) {
    if (($user = StaffAuthenticationBackend::processSignOn($errors, false)) && $user instanceof StaffSession) {
        @header("Location: {$dest}");
    }
}
define("OSTSCPINC", TRUE);
//Make includes happy!
include_once INCLUDE_DIR . 'staff/login.tpl.php';
Example #3
0
    if ($user = StaffAuthenticationBackend::process($username,
            $_POST['passwd'], $errors)) {
        session_write_close();
        Http::redirect($dest);
        require_once('index.php'); //Just incase header is messed up.
        exit;
    }

    $msg = $errors['err']?$errors['err']:__('Invalid login');
    $show_reset = true;
}
elseif ($_GET['do']) {
    switch ($_GET['do']) {
    case 'ext':
        // Lookup external backend
        if ($bk = StaffAuthenticationBackend::getBackend($_GET['bk']))
            $bk->triggerAuth();
    }
    Http::redirect('login.php');
}
// Consider single sign-on authentication backends
elseif (!$thisstaff || !($thisstaff->getId() || $thisstaff->isValid())) {
    if (($user = StaffAuthenticationBackend::processSignOn($errors, false))
            && ($user instanceof StaffSession))
       @header("Location: $dest");
}

define("OSTSCPINC",TRUE); //Make includes happy!
include_once(INCLUDE_DIR.'staff/login.tpl.php');
?>