function absent_dirs($bad_dirs, $test_dir) { install_html_start(); $titre = _T('directories_setup_start'); $bad_url = "lcm_test_dirs.php"; if ($test_dir) { $bad_url .= '?test_dir=' . $test_dir; } echo "<h3>" . $titre . "</h3>\n"; echo "<div align='right'>" . menu_languages('var_lang_lcm') . "</div>\n"; echo "<div class='box_error'>\n"; echo "<p>" . _T('directories_missing') . _T('typo_column') . "</p>\n"; echo "<ul>" . $bad_dirs . "</ul>\n"; echo "<p>" . _T('directories_missing_possible_cause') . "</p>\n"; echo "</div>\n"; // if ($install) // echo aide ("install0"); echo "<p>" . _T('directories_continue') . "</p>\n"; echo "<form action='{$bad_urls}' method='get'>\n"; echo "<div align='right'><input type='submit' class='fondl' name='Valider' value='" . _T('button_reload_page') . "'></div>"; echo "</form>"; install_html_end(); }
function show_author_form($tab) { global $author_session; global $prefs; // Referer not always set (bookmark, reload, etc.) // [AG] This is to preserve page's referer in 'ref' GET value during tab transitions // giving it higher priority than the actual page referer if (isset($_GET['ref'])) { $http_ref = urldecode(clean_input($_GET['ref'])); } else { $http_ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; } $http_ref_link = new Link($http_ref); echo '<form name="upd_user_profile" method="post" action="config_author.php">' . "\n"; echo '<input type="hidden" name="referer" value="' . $http_ref_link->getUrl() . '" />' . "\n"; echo '<input type="hidden" name="author_' . ($tab == 'advanced' ? 'advanced_settings' : 'ui') . '_modified" value="yes" />' . "\n"; if ($tab == 'advanced') { echo '<input type="hidden" name="tab" value="1" />' . "\n"; } echo '<table width="99%" border="0" align="center" cellpadding="5" cellspacing="0" class="tbl_usr_dtl">' . "\n"; echo "<tr>\n"; echo '<td colspan="2" align="center" valign="middle" class="heading">'; echo '<h4>' . _T('authorconf_subtitle_' . $tab) . "</h4></td>\n"; echo "</tr>\n"; switch ($tab) { // // User interface // case 'interface': if ($GLOBALS['all_langs']) { echo "\n\t\t\t\t\t<tr>\n\t\t\t\t\t<td align=\"right\" valign=\"top\">" . _T('authorconf_input_language') . "</td>\n\t\t\t\t\t<td align=\"left\" valign=\"top\">\n\t\t\t\t\t<input type='hidden' name='old_language' value='" . $GLOBALS['lcm_lang'] . "'/>\n"; echo menu_languages('sel_language'); echo "\n\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n"; } ?> <tr> <td align="right" valign="top" width="50%"><?php echo _T('authorconf_input_screen'); ?> </td> <td align="left" valign="top"> <input type="hidden" name="old_screen" id="old_screen" value="<?php echo $prefs['screen']; ?> " /> <select name="sel_screen" class="sel_frm"> <?php $screen_modes = array("wide", "narrow"); foreach ($screen_modes as $scrm) { $selected_mode = $scrm == $prefs['screen'] ? " selected='selected'" : ''; echo "<option value='" . $scrm . "'" . $selected_mode . ">" . _T('authorconf_input_screen_' . $scrm) . "</option>\n"; } ?> </select> </td> </tr> <tr> <td align="right" valign="top"><?php echo _T('authorconf_input_theme'); ?> </td> <td align="left" valign="top"> <input type="hidden" name="old_theme" id="old_theme" value="<?php echo $prefs['theme']; ?> " /> <select name="sel_theme" class="sel_frm" id="sel_theme"> <?php $themes = get_theme_list(); foreach ($themes as $t) { // If a theme has no translation, show only the file name $name = _T('authorconf_input_theme_' . $t); if ($name == 'authorconf_input_theme_' . $t) { $name = $t; } $selected = $t == $prefs['theme'] ? " selected='selected'" : ''; echo "<option value='" . $t . "'" . $selected . ">" . $name . "</option>\n"; } ?> </select> </td> </tr> <tr> <td align="right" valign="top"><?php echo _T('authorconf_input_font_size'); ?> </td> <td align="left" valign="top"> <input type="hidden" name="old_font_size" id="old_font_size" value="<?php echo $prefs['font_size']; ?> " /> <!-- <input name="inc_fnt" type="button" class="search_form_btn" id="inc_fnt" value="A -" /> <input name="dec_fnt" type="button" class="search_form_btn" id="dec_fnt" value="A +" / > (not working yet) --> <select name="font_size" class="sel_frm" onchange="setActiveStyleSheet(document.upd_user_profile.font_size.options[document.upd_user_profile.font_size.options.selectedIndex].value)"> <?php $fonts = array('small_font', 'medium_font', 'large_font'); // font_size gets default value in inc_auth.php foreach ($fonts as $f) { $sel = $f == $prefs['font_size'] ? 'selected="selected" ' : ''; echo '<option ' . $sel . 'value="' . $f . '">' . _T('authorconf_input_' . $f) . '</option>' . "\n"; } ?> </select> </td> </tr> <tr> <td align="right" valign="top"><?php echo _T('authorconf_input_results_per_page'); ?> </td> <td align="left" valign="top"> <input type="hidden" name="old_page_rows" id="old_page_rows" value="<?php echo $prefs['page_rows']; ?> " /> <input name="page_rows" type="text" class="search_form_txt" id="page_rows" size="3" value="<?php // page_rows gets default value in inc_auth.php echo $prefs['page_rows']; ?> " /> </td> </tr> </table> <?php break; // // Advanced settings // // // Advanced settings // case 'advanced': // Absolute/relative time intervals setting echo "<tr>\n"; echo '<td align="left" valign="top">' . _T('authorconf_input_ui_time') . "</td>\n"; echo '<td align="left" valign="top">' . '<input type="hidden" name="old_time_intervals" id="old_time_intervals" value="' . $prefs['time_intervals'] . '" />' . '<select name="sel_time_intervals" class="sel_frm">'; $time_intervals = array("absolute", "relative"); foreach ($time_intervals as $ti) { echo '<option value="' . $ti . '"' . isSelected($ti == $prefs['time_intervals']) . '>' . _T('authorconf_input_time_interval_' . $ti) . "</option>\n"; } echo "</select>\n"; echo "</td>\n"; echo "</tr>\n"; // Relative time intervals notation setting (hours only / float days,hours,minutes / float days, float hours, minutes) echo "<tr>\n"; echo '<td align="left" valign="top">' . _T('authorconf_input_time_intervals_notation') . "</td>\n"; echo '<td align="left" valign="top">' . '<input type="hidden" name="old_time_intervals_notation" id="old_time_intervals_notation" value="' . $prefs['time_intervals_notation'] . '" />' . '<select name="sel_time_intervals_notation" class="sel_frm">'; $time_intervals_notation = array("hours_only", "floatdays_hours_minutes"); foreach ($time_intervals_notation as $tin) { echo "<option value='" . $tin . "'" . isSelected($tin == $prefs['time_intervals_notation']) . ">" . _T('authorconf_input_time_intervals_notation_' . $tin) . "</option>\n"; } echo "</select>\n"; echo "</td>\n"; echo "</tr>\n"; echo "</table>\n"; break; } // Submit button echo '<p align="' . $GLOBALS['lcm_lang_left'] . '">'; echo '<input name="validate" type="submit" class="search_form_btn" id="submit" value="' . _T('authorconf_button_update_preferences') . '" />'; echo "</p>\n"; echo "</form>\n"; }
$func = "install_step_" . $step; $func(); // install_html_end($step); // Clear error handling $_SESSION['errors'] = array(); $_SESSION['form_data'] = array(); } if (1 <= $step && $step <= 5) { call_step($step); } else { if ($step == 'dirs') { header("Location: lcm_test_dirs.php"); } else { if (!$step) { install_html_start('AUTO', '', "intro"); $menu_lang = menu_languages('var_lang_lcm_all'); echo "<div align='center'>\n"; echo "<table border='0' cellspacing='0' width='490' height='242' style=\"background-image: url('images/lcm/lcm_logo_install.png'); border: 0\">\n"; echo "<tr><td align='center' valign='top'>\n\t\t\t<div id='title'>\n\t\t\t\t<p><span style='font-size: 130%;'>" . _T('title_software') . "</span><br />\n\t\t\t\t<span style='font-size: 90%;'>" . _T('title_software_description') . "</span></p>\n\t\t\t</div>\n\t\t</td></tr>\n\t\t<tr><td align='center' valign='top'>\n\t\t\t<p id='license'>"; echo _T('info_free_software', array('distributed' => '<a href="http://www.lcm.ngo-bg.org/" class="prefs_normal_lnk">' . _T('info_free_software1') . '</a>', 'license' => lcm_help_string('about_license', _T('info_free_software2')))) . "</p>\n\t\t</td></tr>\n"; echo "</table>\n"; echo "</div>\n"; echo "<p class=\"simple_text\">" . _T('install_select_language') . "</p>\n"; echo "<div align='center'><p>" . $menu_lang . "</p></div>\n"; echo "<form action='install.php' method='get'>\n"; echo "<input type='hidden' name='step' value='dirs' />\n"; echo "<div align='" . $GLOBALS['lcm_lang_right'] . "'>" . "<button type='submit' name='Next'>" . _T('button_next') . " >></button> " . "</div>"; echo "</form>"; install_html_end("intro"); } }
function show_login($cible, $prive = 'prive', $message_login = '') { $error = ''; $login = _request('var_login'); $logout = _request('var_logout'); // If the cookie fails, inc_auth tried to redirect to lcm_cookie who // then tried to put a cookie. If it is not there, it is "cookie failed" // who is there, and it's probably a bookmark on privet=yes and not // a cookie failure. $cookie_failed = ""; if (_request('var_cookie_failed')) { $cookie_failed = $_COOKIE['lcm_session'] != 'cookie_test_failed'; } global $author_session; global $lcm_session; global $clean_link; if (!$cible) { // cible = destination $cible = new Link(_request('var_url', 'index.php')); } $cible->delVar('var_erreur'); $cible->delVar('var_url'); $cible->delVar('var_cookie_failed'); $clean_link->delVar('var_erreur'); $clean_link->delVar('var_login'); $clean_link->delVar('var_cookie_failed'); $url = $cible->getUrl(); // This populates the $author_session variable include_lcm('inc_session'); verifier_visiteur(); if ($author_session and !$logout and ($author_session['status'] == 'admin' or $author_session['status'] == 'normal')) { if ($url != $GLOBALS['clean_link']->getUrl()) { lcm_header("Location: " . $cible->getUrlForHeader()); } // [ML] This is making problems for no reason, we use login only // for one mecanism (entering the system). // echo "<a href='$url'>"._T('login_this_way')."</a>\n"; echo "<a class='content_link' href='index.php'>" . _T('login_this_way') . "</a>\n"; return; } if (_request('var_erreur') == 'pass') { $error = _T('login_password_incorrect'); } // The login is memorized in the cookie for a possible future admin login if (!$login && isset($_COOKIE['lcm_admin'])) { if (preg_match("/^@(.*)\$/", $_COOKIE['lcm_admin'], $regs)) { $login = $regs[1]; } } else { if ($login == '-1') { $login = ''; } } // other sources for authentication $flag_autres_sources = isset($GLOBALS['ldap_present']) ? $GLOBALS['ldap_present'] : ''; // What informations to pass? if ($login) { $status_login = 0; // unknown status $login = clean_input($login); $query = "SELECT id_author, status, password, prefs, alea_actuel, alea_futur \n\t\t\t\t\tFROM lcm_author \n\t\t\t\t\tWHERE username='******'"; $result = lcm_query($query); if ($row = lcm_fetch_array($result)) { if ($row['status'] == 'trash' or $row['password'] == '') { $status_login = -1; // deny } else { $status_login = 1; // known login // Which infos to pass for the javascript ? $id_author = $row['id_author']; $alea_actuel = $row['alea_actuel']; // for MD5 $alea_futur = $row['alea_futur']; // Button for lenght of connection if ($row['prefs']) { $prefs = unserialize($row['prefs']); $rester_checked = $prefs['cnx'] == 'perma' ? ' checked=\'checked\'' : ''; } } } // Unknown login (except LDAP) or refused if ($status_login == -1 or $status_login == 0 and !$flag_autres_sources) { $error = _T('login_identifier_unknown', array('login' => htmlspecialchars(clean_output($login)))); $login = ''; // [ML] Not sure why this was here, but headers are already sent // therefore it causes an error message (which is not shown, but // might make a mess, knowing how PHP runs differently everywhere..) // @lcm_setcookie('lcm_admin', '', time() - 3600); } } // Javascript for the focus if ($login) { $js_focus = 'document.form_login.session_password.focus();'; } else { $js_focus = 'document.form_login.var_login.focus();'; } // [ML] we should probably add a help link here, since tech, but let's see // how many users complain first, since this should affect only tech users if ($cookie_failed == "yes") { $error = _T('login_warning_cookie'); } echo open_login(); // [ML] Looks like there is no reason why to use $clean_link (defined in inc_version.php) // It would cause very strange bugs when the "feed_globals()" were removed from inc_version // and in the end, well, it looks rather useless. // // Strange bugs were caused because $action would be "./" and therefore it // would call index.php -> listcases.php -> includes inc_auth.php who then // calls auth(), who redirects to the login page. $action = $clean_link->getUrl(); // $action = "lcm_login.php"; if ($login) { // Shows the login form, including the MD5 javascript $flag_challenge_md5 = true; if ($flag_challenge_md5) { echo '<script type="text/javascript" src="inc/md5.js"></script>'; } echo "\n"; echo '<form name="form_login" action="lcm_cookie.php" method="post"'; if ($flag_challenge_md5) { echo " onsubmit='if (this.session_password.value) {\n\t\t\t\tthis.session_password_md5.value = calcMD5(\"{$alea_actuel}\" + this.session_password.value);\n\t\t\t\tthis.next_session_password_md5.value = calcMD5(\"{$alea_futur}\" + this.session_password.value);\n\t\t\t\tthis.session_password.value = \"\"; }'"; } echo ">\n"; echo "<div class='main_login_box' style='text-align:" . $GLOBALS["lcm_lang_left"] . ";'>\n"; if ($error) { echo "<div style='color:red;'><b>" . _T('login_access_denied') . " {$error}</b></div><br />\n"; } if ($flag_challenge_md5) { // This is printed with javascript so that it is hidden from navigators not // using JS, since they will see the username field anyway. echo "<script type=\"text/javascript\"><!--\n" . "document.write('" . addslashes(_T('login_login')) . " <b>{$login}</b><br/>" . "<font size=\\'2\\'><a href=\\'lcm_cookie.php?cookie_admin=no&url=" . rawurlencode($action) . "\\' class=\\'link_btn\\'>" . _T('login_other_identifier') . "</a></font>');\n" . "//--></script>\n"; // If javascript is active, we pass the login in the hidden field echo "<input type='hidden' name='session_login_hidden' value='{$login}' />"; // If javascript is not active, the login is still modifiable // (since the challenge is not used) echo "<noscript>"; } echo "\t<label for='session_login'><b>" . _T('login_login') . "</b> (" . _T('login_info_login') . ")<br /></label>"; echo "\t<input type='text' name='session_login' id='session_login' class='forml' value=\"{$login}\" size='40' />\n"; if ($flag_challenge_md5) { echo "</noscript>\n"; } echo "\t<p />\n"; echo "\t<label for='session_password'><b>" . _T('login_password') . "</b><br /></label>"; echo "\t<input type='password' name='session_password' id='session_password' class='forml' value=\"\" size='40' />\n"; echo "\t<input type='hidden' name='essai_login' value='oui' />\n"; echo "\t<br /> <input type='checkbox' name='session_remember' value='yes' id='session_remember'{$rester_checked} /> "; echo "\t<label for='session_remember'>" . _T('login_remain_logged_on') . "</label>"; echo "\t<input type='hidden' name='url' value='{$url}' />\n"; echo "\t<input type='hidden' name='session_password_md5' value='' />\n"; echo "\t<input type='hidden' name='next_session_password_md5' value='' />\n"; echo "<div align='right'><input class='button_login' type='submit' value='" . _T('button_validate') . "' /></div>\n"; echo "</div>"; echo "</form>"; } else { // Ask only for the login/username $action = quote_amp($action); echo "<form name='form_login' action='{$action}' method='post'>\n"; echo "<div class='main_login_box' style='text-align:" . $GLOBALS["lcm_lang_left"] . ";'>"; if ($error) { echo "<span style='color:red;'><b>" . _T('login_access_denied') . " {$error}</b></span><p />"; } echo "<label><b>" . _T('login_login') . '</b> (' . _T('login_info_login') . ')' . "<br /></label>"; echo "<input type='text' name='var_login' class='forml' value=\"\" size='40' />\n"; echo "<input type='hidden' name='var_url' value='{$url}' />\n"; echo "<div align='right'><input class='button_login' type='submit' value='" . _T('button_validate') . "' /></div>\n"; echo "</div>"; echo "</form>"; } // Focus management echo "<script type=\"text/javascript\"><!--\n" . $js_focus . "\n//--></script>\n"; // Start the login footer echo "<div align='left' style='font-size: 12px;' >"; echo "<div class='lang_combo_box'>" . menu_languages() . "</div>\n"; // button for "forgotten password" include_lcm('inc_mail'); if (server_can_send_email()) { echo '<a href="lcm_pass.php?pass_forgotten=yes" target="lcm_pass" onclick="' . "javascript:window.open(this.href, 'lcm_pass', 'scrollbars=yes, resizable=yes, width=640, height=280'); return false;\" class=\"link_btn\">" . _T('login_password_forgotten') . '</a>'; } $register_popup = 'href="lcm_pass.php?register=yes" target="lcm_pass" ' . ' onclick="' . "javascript:window.open('lcm_pass.php?register=yes', 'lcm_pass', 'scrollbars=yes, resizable=yes, width=640, height=500'); return false;\""; $open_subscription = read_meta("site_open_subscription"); if ($open_subscription == 'yes' || $open_subscription == 'moderated') { echo " <a {$register_popup} class=\"link_btn\">" . _T('login_register') . '</a>'; } echo "</div>\n"; echo close_login(); }