function absent_dirs($bad_dirs, $test_dir)
{
install_html_start();
$titre = _T('directories_setup_start');
$bad_url = "lcm_test_dirs.php";
if ($test_dir) {
$bad_url .= '?test_dir=' . $test_dir;
}
echo "<h3>" . $titre . "</h3>\n";
echo "<div align='right'>" . menu_languages('var_lang_lcm') . "</div>\n";
echo "<div class='box_error'>\n";
echo "<p>" . _T('directories_missing') . _T('typo_column') . "</p>\n";
echo "<ul>" . $bad_dirs . "</ul>\n";
echo "<p>" . _T('directories_missing_possible_cause') . "</p>\n";
echo "</div>\n";
// if ($install)
// echo aide ("install0");
echo "<p>" . _T('directories_continue') . "</p>\n";
echo "<form action='{$bad_urls}' method='get'>\n";
echo "<div align='right'><input type='submit' class='fondl' name='Valider' value='" . _T('button_reload_page') . "'></div>";
echo "</form>";
install_html_end();
}
function show_author_form($tab)
{
global $author_session;
global $prefs;
// Referer not always set (bookmark, reload, etc.)
// [AG] This is to preserve page's referer in 'ref' GET value during tab transitions
// giving it higher priority than the actual page referer
if (isset($_GET['ref'])) {
$http_ref = urldecode(clean_input($_GET['ref']));
} else {
$http_ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
}
$http_ref_link = new Link($http_ref);
echo '<form name="upd_user_profile" method="post" action="config_author.php">' . "\n";
echo '<input type="hidden" name="referer" value="' . $http_ref_link->getUrl() . '" />' . "\n";
echo '<input type="hidden" name="author_' . ($tab == 'advanced' ? 'advanced_settings' : 'ui') . '_modified" value="yes" />' . "\n";
if ($tab == 'advanced') {
echo '<input type="hidden" name="tab" value="1" />' . "\n";
}
echo '<table width="99%" border="0" align="center" cellpadding="5" cellspacing="0" class="tbl_usr_dtl">' . "\n";
echo "<tr>\n";
echo '<td colspan="2" align="center" valign="middle" class="heading">';
echo '<h4>' . _T('authorconf_subtitle_' . $tab) . "</h4></td>\n";
echo "</tr>\n";
switch ($tab) {
//
// User interface
//
case 'interface':
if ($GLOBALS['all_langs']) {
echo "\n\t\t\t\t\t<tr>\n\t\t\t\t\t<td align=\"right\" valign=\"top\">" . _T('authorconf_input_language') . "</td>\n\t\t\t\t\t<td align=\"left\" valign=\"top\">\n\t\t\t\t\t<input type='hidden' name='old_language' value='" . $GLOBALS['lcm_lang'] . "'/>\n";
echo menu_languages('sel_language');
echo "\n\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n";
}
?>
<tr>
<td align="right" valign="top" width="50%"><?php
echo _T('authorconf_input_screen');
?>
</td>
<td align="left" valign="top">
<input type="hidden" name="old_screen" id="old_screen" value="<?php
echo $prefs['screen'];
?>
" />
<select name="sel_screen" class="sel_frm">
<?php
$screen_modes = array("wide", "narrow");
foreach ($screen_modes as $scrm) {
$selected_mode = $scrm == $prefs['screen'] ? " selected='selected'" : '';
echo "<option value='" . $scrm . "'" . $selected_mode . ">" . _T('authorconf_input_screen_' . $scrm) . "</option>\n";
}
?>
</select>
</td>
</tr>
<tr>
<td align="right" valign="top"><?php
echo _T('authorconf_input_theme');
?>
</td>
<td align="left" valign="top">
<input type="hidden" name="old_theme" id="old_theme" value="<?php
echo $prefs['theme'];
?>
" />
<select name="sel_theme" class="sel_frm" id="sel_theme">
<?php
$themes = get_theme_list();
foreach ($themes as $t) {
// If a theme has no translation, show only the file name
$name = _T('authorconf_input_theme_' . $t);
if ($name == 'authorconf_input_theme_' . $t) {
$name = $t;
}
$selected = $t == $prefs['theme'] ? " selected='selected'" : '';
echo "<option value='" . $t . "'" . $selected . ">" . $name . "</option>\n";
}
?>
</select>
</td>
</tr>
<tr>
<td align="right" valign="top"><?php
echo _T('authorconf_input_font_size');
?>
</td>
<td align="left" valign="top">
<input type="hidden" name="old_font_size" id="old_font_size" value="<?php
echo $prefs['font_size'];
?>
" />
<!-- <input name="inc_fnt" type="button" class="search_form_btn" id="inc_fnt" value="A -" />
<input name="dec_fnt" type="button" class="search_form_btn" id="dec_fnt" value="A +" / >
(not working yet) -->
<select name="font_size" class="sel_frm" onchange="setActiveStyleSheet(document.upd_user_profile.font_size.options[document.upd_user_profile.font_size.options.selectedIndex].value)">
<?php
$fonts = array('small_font', 'medium_font', 'large_font');
// font_size gets default value in inc_auth.php
foreach ($fonts as $f) {
$sel = $f == $prefs['font_size'] ? 'selected="selected" ' : '';
echo '<option ' . $sel . 'value="' . $f . '">' . _T('authorconf_input_' . $f) . '</option>' . "\n";
}
?>
</select>
</td>
</tr>
<tr>
<td align="right" valign="top"><?php
echo _T('authorconf_input_results_per_page');
?>
</td>
<td align="left" valign="top">
<input type="hidden" name="old_page_rows" id="old_page_rows" value="<?php
echo $prefs['page_rows'];
?>
" />
<input name="page_rows" type="text" class="search_form_txt" id="page_rows" size="3" value="<?php
// page_rows gets default value in inc_auth.php
echo $prefs['page_rows'];
?>
" />
</td>
</tr>
</table>
<?php
break;
//
// Advanced settings
//
//
// Advanced settings
//
case 'advanced':
// Absolute/relative time intervals setting
echo "<tr>\n";
echo '<td align="left" valign="top">' . _T('authorconf_input_ui_time') . "</td>\n";
echo '<td align="left" valign="top">' . '<input type="hidden" name="old_time_intervals" id="old_time_intervals" value="' . $prefs['time_intervals'] . '" />' . '<select name="sel_time_intervals" class="sel_frm">';
$time_intervals = array("absolute", "relative");
foreach ($time_intervals as $ti) {
echo '<option value="' . $ti . '"' . isSelected($ti == $prefs['time_intervals']) . '>' . _T('authorconf_input_time_interval_' . $ti) . "</option>\n";
}
echo "</select>\n";
echo "</td>\n";
echo "</tr>\n";
// Relative time intervals notation setting (hours only / float days,hours,minutes / float days, float hours, minutes)
echo "<tr>\n";
echo '<td align="left" valign="top">' . _T('authorconf_input_time_intervals_notation') . "</td>\n";
echo '<td align="left" valign="top">' . '<input type="hidden" name="old_time_intervals_notation" id="old_time_intervals_notation" value="' . $prefs['time_intervals_notation'] . '" />' . '<select name="sel_time_intervals_notation" class="sel_frm">';
$time_intervals_notation = array("hours_only", "floatdays_hours_minutes");
foreach ($time_intervals_notation as $tin) {
echo "<option value='" . $tin . "'" . isSelected($tin == $prefs['time_intervals_notation']) . ">" . _T('authorconf_input_time_intervals_notation_' . $tin) . "</option>\n";
}
echo "</select>\n";
echo "</td>\n";
echo "</tr>\n";
echo "</table>\n";
break;
}
// Submit button
echo '<p align="' . $GLOBALS['lcm_lang_left'] . '">';
echo '<input name="validate" type="submit" class="search_form_btn" id="submit" value="' . _T('authorconf_button_update_preferences') . '" />';
echo "</p>\n";
echo "</form>\n";
}
$func = "install_step_" . $step;
$func();
// install_html_end($step);
// Clear error handling
$_SESSION['errors'] = array();
$_SESSION['form_data'] = array();
}
if (1 <= $step && $step <= 5) {
call_step($step);
} else {
if ($step == 'dirs') {
header("Location: lcm_test_dirs.php");
} else {
if (!$step) {
install_html_start('AUTO', '', "intro");
$menu_lang = menu_languages('var_lang_lcm_all');
echo "<div align='center'>\n";
echo "<table border='0' cellspacing='0' width='490' height='242' style=\"background-image: url('images/lcm/lcm_logo_install.png'); border: 0\">\n";
echo "<tr><td align='center' valign='top'>\n\t\t\t<div id='title'>\n\t\t\t\t<p><span style='font-size: 130%;'>" . _T('title_software') . "</span><br />\n\t\t\t\t<span style='font-size: 90%;'>" . _T('title_software_description') . "</span></p>\n\t\t\t</div>\n\t\t</td></tr>\n\t\t<tr><td align='center' valign='top'>\n\t\t\t<p id='license'>";
echo _T('info_free_software', array('distributed' => '<a href="http://www.lcm.ngo-bg.org/" class="prefs_normal_lnk">' . _T('info_free_software1') . '</a>', 'license' => lcm_help_string('about_license', _T('info_free_software2')))) . "</p>\n\t\t</td></tr>\n";
echo "</table>\n";
echo "</div>\n";
echo "<p class=\"simple_text\">" . _T('install_select_language') . "</p>\n";
echo "<div align='center'><p>" . $menu_lang . "</p></div>\n";
echo "<form action='install.php' method='get'>\n";
echo "<input type='hidden' name='step' value='dirs' />\n";
echo "<div align='" . $GLOBALS['lcm_lang_right'] . "'>" . "<button type='submit' name='Next'>" . _T('button_next') . " >></button> " . "</div>";
echo "</form>";
install_html_end("intro");
}
}
function show_login($cible, $prive = 'prive', $message_login = '')
{
$error = '';
$login = _request('var_login');
$logout = _request('var_logout');
// If the cookie fails, inc_auth tried to redirect to lcm_cookie who
// then tried to put a cookie. If it is not there, it is "cookie failed"
// who is there, and it's probably a bookmark on privet=yes and not
// a cookie failure.
$cookie_failed = "";
if (_request('var_cookie_failed')) {
$cookie_failed = $_COOKIE['lcm_session'] != 'cookie_test_failed';
}
global $author_session;
global $lcm_session;
global $clean_link;
if (!$cible) {
// cible = destination
$cible = new Link(_request('var_url', 'index.php'));
}
$cible->delVar('var_erreur');
$cible->delVar('var_url');
$cible->delVar('var_cookie_failed');
$clean_link->delVar('var_erreur');
$clean_link->delVar('var_login');
$clean_link->delVar('var_cookie_failed');
$url = $cible->getUrl();
// This populates the $author_session variable
include_lcm('inc_session');
verifier_visiteur();
if ($author_session and !$logout and ($author_session['status'] == 'admin' or $author_session['status'] == 'normal')) {
if ($url != $GLOBALS['clean_link']->getUrl()) {
lcm_header("Location: " . $cible->getUrlForHeader());
}
// [ML] This is making problems for no reason, we use login only
// for one mecanism (entering the system).
// echo "<a href='$url'>"._T('login_this_way')."</a>\n";
echo "<a class='content_link' href='index.php'>" . _T('login_this_way') . "</a>\n";
return;
}
if (_request('var_erreur') == 'pass') {
$error = _T('login_password_incorrect');
}
// The login is memorized in the cookie for a possible future admin login
if (!$login && isset($_COOKIE['lcm_admin'])) {
if (preg_match("/^@(.*)\$/", $_COOKIE['lcm_admin'], $regs)) {
$login = $regs[1];
}
} else {
if ($login == '-1') {
$login = '';
}
}
// other sources for authentication
$flag_autres_sources = isset($GLOBALS['ldap_present']) ? $GLOBALS['ldap_present'] : '';
// What informations to pass?
if ($login) {
$status_login = 0;
// unknown status
$login = clean_input($login);
$query = "SELECT id_author, status, password, prefs, alea_actuel, alea_futur \n\t\t\t\t\tFROM lcm_author \n\t\t\t\t\tWHERE username='******'";
$result = lcm_query($query);
if ($row = lcm_fetch_array($result)) {
if ($row['status'] == 'trash' or $row['password'] == '') {
$status_login = -1;
// deny
} else {
$status_login = 1;
// known login
// Which infos to pass for the javascript ?
$id_author = $row['id_author'];
$alea_actuel = $row['alea_actuel'];
// for MD5
$alea_futur = $row['alea_futur'];
// Button for lenght of connection
if ($row['prefs']) {
$prefs = unserialize($row['prefs']);
$rester_checked = $prefs['cnx'] == 'perma' ? ' checked=\'checked\'' : '';
}
}
}
// Unknown login (except LDAP) or refused
if ($status_login == -1 or $status_login == 0 and !$flag_autres_sources) {
$error = _T('login_identifier_unknown', array('login' => htmlspecialchars(clean_output($login))));
$login = '';
// [ML] Not sure why this was here, but headers are already sent
// therefore it causes an error message (which is not shown, but
// might make a mess, knowing how PHP runs differently everywhere..)
// @lcm_setcookie('lcm_admin', '', time() - 3600);
}
}
// Javascript for the focus
if ($login) {
$js_focus = 'document.form_login.session_password.focus();';
} else {
$js_focus = 'document.form_login.var_login.focus();';
}
// [ML] we should probably add a help link here, since tech, but let's see
// how many users complain first, since this should affect only tech users
if ($cookie_failed == "yes") {
$error = _T('login_warning_cookie');
}
echo open_login();
// [ML] Looks like there is no reason why to use $clean_link (defined in inc_version.php)
// It would cause very strange bugs when the "feed_globals()" were removed from inc_version
// and in the end, well, it looks rather useless.
//
// Strange bugs were caused because $action would be "./" and therefore it
// would call index.php -> listcases.php -> includes inc_auth.php who then
// calls auth(), who redirects to the login page.
$action = $clean_link->getUrl();
// $action = "lcm_login.php";
if ($login) {
// Shows the login form, including the MD5 javascript
$flag_challenge_md5 = true;
if ($flag_challenge_md5) {
echo '<script type="text/javascript" src="inc/md5.js"></script>';
}
echo "\n";
echo '<form name="form_login" action="lcm_cookie.php" method="post"';
if ($flag_challenge_md5) {
echo " onsubmit='if (this.session_password.value) {\n\t\t\t\tthis.session_password_md5.value = calcMD5(\"{$alea_actuel}\" + this.session_password.value);\n\t\t\t\tthis.next_session_password_md5.value = calcMD5(\"{$alea_futur}\" + this.session_password.value);\n\t\t\t\tthis.session_password.value = \"\"; }'";
}
echo ">\n";
echo "<div class='main_login_box' style='text-align:" . $GLOBALS["lcm_lang_left"] . ";'>\n";
if ($error) {
echo "<div style='color:red;'><b>" . _T('login_access_denied') . " {$error}</b></div><br />\n";
}
if ($flag_challenge_md5) {
// This is printed with javascript so that it is hidden from navigators not
// using JS, since they will see the username field anyway.
echo "<script type=\"text/javascript\"><!--\n" . "document.write('" . addslashes(_T('login_login')) . " <b>{$login}</b><br/>" . "<font size=\\'2\\'><a href=\\'lcm_cookie.php?cookie_admin=no&url=" . rawurlencode($action) . "\\' class=\\'link_btn\\'>" . _T('login_other_identifier') . "</a></font>');\n" . "//--></script>\n";
// If javascript is active, we pass the login in the hidden field
echo "<input type='hidden' name='session_login_hidden' value='{$login}' />";
// If javascript is not active, the login is still modifiable
// (since the challenge is not used)
echo "<noscript>";
}
echo "\t<label for='session_login'><b>" . _T('login_login') . "</b> (" . _T('login_info_login') . ")<br /></label>";
echo "\t<input type='text' name='session_login' id='session_login' class='forml' value=\"{$login}\" size='40' />\n";
if ($flag_challenge_md5) {
echo "</noscript>\n";
}
echo "\t<p />\n";
echo "\t<label for='session_password'><b>" . _T('login_password') . "</b><br /></label>";
echo "\t<input type='password' name='session_password' id='session_password' class='forml' value=\"\" size='40' />\n";
echo "\t<input type='hidden' name='essai_login' value='oui' />\n";
echo "\t<br /> <input type='checkbox' name='session_remember' value='yes' id='session_remember'{$rester_checked} /> ";
echo "\t<label for='session_remember'>" . _T('login_remain_logged_on') . "</label>";
echo "\t<input type='hidden' name='url' value='{$url}' />\n";
echo "\t<input type='hidden' name='session_password_md5' value='' />\n";
echo "\t<input type='hidden' name='next_session_password_md5' value='' />\n";
echo "<div align='right'><input class='button_login' type='submit' value='" . _T('button_validate') . "' /></div>\n";
echo "</div>";
echo "</form>";
} else {
// Ask only for the login/username
$action = quote_amp($action);
echo "<form name='form_login' action='{$action}' method='post'>\n";
echo "<div class='main_login_box' style='text-align:" . $GLOBALS["lcm_lang_left"] . ";'>";
if ($error) {
echo "<span style='color:red;'><b>" . _T('login_access_denied') . " {$error}</b></span><p />";
}
echo "<label><b>" . _T('login_login') . '</b> (' . _T('login_info_login') . ')' . "<br /></label>";
echo "<input type='text' name='var_login' class='forml' value=\"\" size='40' />\n";
echo "<input type='hidden' name='var_url' value='{$url}' />\n";
echo "<div align='right'><input class='button_login' type='submit' value='" . _T('button_validate') . "' /></div>\n";
echo "</div>";
echo "</form>";
}
// Focus management
echo "<script type=\"text/javascript\"><!--\n" . $js_focus . "\n//--></script>\n";
// Start the login footer
echo "<div align='left' style='font-size: 12px;' >";
echo "<div class='lang_combo_box'>" . menu_languages() . "</div>\n";
// button for "forgotten password"
include_lcm('inc_mail');
if (server_can_send_email()) {
echo '<a href="lcm_pass.php?pass_forgotten=yes" target="lcm_pass" onclick="' . "javascript:window.open(this.href, 'lcm_pass', 'scrollbars=yes, resizable=yes, width=640, height=280'); return false;\" class=\"link_btn\">" . _T('login_password_forgotten') . '</a>';
}
$register_popup = 'href="lcm_pass.php?register=yes" target="lcm_pass" ' . ' onclick="' . "javascript:window.open('lcm_pass.php?register=yes', 'lcm_pass', 'scrollbars=yes, resizable=yes, width=640, height=500'); return false;\"";
$open_subscription = read_meta("site_open_subscription");
if ($open_subscription == 'yes' || $open_subscription == 'moderated') {
echo " <a {$register_popup} class=\"link_btn\">" . _T('login_register') . '</a>';
}
echo "</div>\n";
echo close_login();
}
