public function login($frontend = '') { if (isset($_REQUEST['skip_remote']) && $_REQUEST['skip_remote']) { $GLOBALS['phpgw_remote_user_fallback'] = 'sql'; } if (isset($_GET['logout']) && $_GET['logout']) { $GLOBALS['phpgw_remote_user_fallback'] = 'sql'; $_REQUEST['skip_remote'] = true; } require_once dirname(realpath(__FILE__)) . '/sso/include_login.inc.php'; $lightbox = isset($_REQUEST['lightbox']) && $_REQUEST['lightbox'] ? true : false; $partial_url = "{$frontend}/login.php"; $phpgw_url_for_sso = 'phpgwapi/inc/sso/login_server.php'; if (isset($GLOBALS['phpgw_remote_user']) && !empty($GLOBALS['phpgw_remote_user'])) { $partial_url = 'phpgwapi/inc/sso/login_server.php'; } if ($frontend) { $GLOBALS['phpgw']->hooks->process('set_auth_type', array($frontend)); } if (isset($_REQUEST['skip_remote']) && $_REQUEST['skip_remote']) { $GLOBALS['phpgw_info']['server']['auth_type'] = $GLOBALS['phpgw_remote_user_fallback']; } /* Program starts here */ $uilogin = new phpgw_uilogin($tmpl, $GLOBALS['phpgw_info']['server']['auth_type'] == 'remoteuser' && !isset($GLOBALS['phpgw_remote_user'])); if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'remoteuser' && isset($GLOBALS['phpgw_info']['server']['mapping']) && !empty($GLOBALS['phpgw_info']['server']['mapping']) && isset($_SERVER['REMOTE_USER'])) { $login = $GLOBALS['phpgw']->mapping->get_mapping($_SERVER['REMOTE_USER']); if ($login == '') { if (isset($GLOBALS['phpgw_info']['server']['auto_create_acct']) && $GLOBALS['phpgw_info']['server']['auto_create_acct'] == true) { // Redirection to create the new account : $GLOBALS['phpgw']->redirect_link('/phpgwapi/inc/sso/create_account.php'); } else { if ($GLOBALS['phpgw_info']['server']['mapping'] == 'table' || $GLOBALS['phpgw_info']['server']['mapping'] == 'all') { // Redirection to create a new mapping : $GLOBALS['phpgw']->redirect_link('/phpgwapi/inc/sso/create_mapping.php'); } else { if (!(isset($_GET['cd']) && $_GET['cd'] != '0')) { // An error occurs, bailed out $GLOBALS['phpgw']->redirect_link('/' . $partial_url, array('cd' => '20')); } } } } $passwd = $login; if (!(isset($_GET['cd']) && $_GET['cd'] != '0')) { $_POST['submitit'] = true; } } else { $login = phpgw::get_var('login', 'string', 'POST'); // remove entities to stop mangling $passwd = html_entity_decode(phpgw::get_var('passwd', 'string', 'POST')); } if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'http' && isset($_SERVER['PHP_AUTH_USER'])) { $submit = true; $login = $_SERVER['PHP_AUTH_USER']; $passwd = $_SERVER['PHP_AUTH_PW']; } if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'ntlm' && isset($_SERVER['REMOTE_USER']) && (!isset($_REQUEST['skip_remote']) || !$_REQUEST['skip_remote'])) { $login = $_SERVER['REMOTE_USER']; $passwd = ''; $GLOBALS['hook_values'] = array('account_lid' => $login); $GLOBALS['phpgw']->hooks->process('auto_addaccount', array('frontend')); //------------------Start login ntlm $GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create($login, $passwd); if (!isset($GLOBALS['sessionid']) || !$GLOBALS['sessionid']) { $cd_array = array(); if ($GLOBALS['phpgw']->session->cd_reason) { $cd_array['cd'] = $GLOBALS['phpgw']->session->cd_reason; } $cd_array['skip_remote'] = true; $GLOBALS['phpgw']->redirect_link("/{$partial_url}", $cd_array); exit; } $forward = phpgw::get_var('phpgw_forward'); if ($forward) { $extra_vars['phpgw_forward'] = $forward; foreach ($_GET as $name => $value) { if (preg_match('/phpgw_/', $name)) { $name = urlencode($name); $extra_vars[$name] = urlencode($value); } } } if (!isset($GLOBALS['phpgw_info']['server']['disable_autoload_langfiles']) || !$GLOBALS['phpgw_info']['server']['disable_autoload_langfiles']) { // $uilogin->check_langs(); } $extra_vars['cd'] = 'yes'; $GLOBALS['phpgw']->hooks->process('login'); $GLOBALS['phpgw']->redirect_link("{$frontend}/home.php", $extra_vars); //----------------- End login ntlm } # Apache + mod_ssl style SSL certificate authentication # Certificate (chain) verification occurs inside mod_ssl if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'sqlssl' && isset($_SERVER['SSL_CLIENT_S_DN']) && !isset($_GET['cd'])) { # an X.509 subject looks like: # /CN=john.doe/OU=Department/O=Company/C=xx/Email=john@comapy.tld/L=City/ # the username is deliberately lowercase, to ease LDAP integration $sslattribs = explode('/', $_SERVER['SSL_CLIENT_S_DN']); # skip the part in front of the first '/' (nothing) while ($sslattrib = next($sslattribs)) { list($key, $val) = explode('=', $sslattrib); $sslattributes[$key] = $val; } if (isset($sslattributes['Email'])) { $submit = true; # login will be set here if the user logged out and uses a different username with # the same SSL-certificate. if (!isset($_POST['login']) && isset($sslattributes['Email'])) { $login = $sslattributes['Email']; # not checked against the database, but delivered to authentication module $passwd = $_SERVER['SSL_CLIENT_S_DN']; } } unset($key); unset($val); unset($sslattributes); } if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'customsso' && !isset($_GET['cd'])) { //Reset auth object $GLOBALS['phpgw']->auth = createObject('phpgwapi.auth'); $login = $GLOBALS['phpgw']->auth->get_username(); $GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create($login, ''); if (!isset($GLOBALS['sessionid']) || !$GLOBALS['sessionid']) { $cd_array = array(); if ($GLOBALS['phpgw']->session->cd_reason) { $cd_array['cd'] = $GLOBALS['phpgw']->session->cd_reason; } $cd_array['skip_remote'] = true; $GLOBALS['phpgw']->redirect_link("/{$partial_url}", $cd_array); exit; } $forward = phpgw::get_var('phpgw_forward'); if ($forward) { $extra_vars['phpgw_forward'] = $forward; foreach ($_GET as $name => $value) { if (preg_match('/phpgw_/', $name)) { $name = urlencode($name); $extra_vars[$name] = urlencode($value); } } } $extra_vars['cd'] = 'yes'; $GLOBALS['phpgw']->hooks->process('login'); $GLOBALS['phpgw']->redirect_link("{$frontend}/home.php", $extra_vars); } if (isset($_POST['submitit']) || isset($_POST['submit_x']) || isset($_POST['submit_y'])) { if ($_SERVER['REQUEST_METHOD'] != 'POST' && !isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['REMOTE_USER']) && !isset($_SERVER['SSL_CLIENT_S_DN'])) { $GLOBALS['phpgw']->redirect_link('/' . $partial_url, array('cd' => '5')); } $logindomain = phpgw::get_var('logindomain', 'string', 'POST'); if (strstr($login, '#') === false && $logindomain) { $login .= "#{$logindomain}"; } $receipt = array(); if (isset($GLOBALS['phpgw_info']['server']['usecookies']) && $GLOBALS['phpgw_info']['server']['usecookies']) { if (isset($_COOKIE['domain']) && $_COOKIE['domain'] != $logindomain) { $GLOBALS['phpgw']->session->phpgw_setcookie('kp3'); $GLOBALS['phpgw']->session->phpgw_setcookie('domain'); // $GLOBALS['phpgw']->redirect_link("/{$partial_url}", array('cd' =>22)); // already within a session // exit; $receipt[] = lang('Info: you have changed domain from "%1" to "%2"', $_COOKIE['domain'], $logindomain); } } $GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create($login, $passwd); if (!isset($GLOBALS['sessionid']) || !$GLOBALS['sessionid']) { $cd_array = array(); if ($GLOBALS['phpgw']->session->cd_reason) { $cd_array['cd'] = $GLOBALS['phpgw']->session->cd_reason; } $cd_array['skip_remote'] = true; $cd_array['lightbox'] = $lightbox; $GLOBALS['phpgw']->redirect_link("/{$partial_url}", $cd_array); exit; } if ($receipt) { phpgwapi_cache::message_set($receipt, 'message'); } $forward = phpgw::get_var('phpgw_forward'); if ($forward) { $extra_vars['phpgw_forward'] = $forward; foreach ($_GET as $name => $value) { if (preg_match('/phpgw_/', $name)) { //$extra_vars[$name] = $value; $name = urlencode($name); $extra_vars[$name] = urlencode($value); } } } if (!isset($GLOBALS['phpgw_info']['server']['disable_autoload_langfiles']) || !$GLOBALS['phpgw_info']['server']['disable_autoload_langfiles']) { // $uilogin->check_langs(); } $extra_vars['cd'] = 'yes'; $GLOBALS['phpgw']->hooks->process('login'); if ($lightbox) { $GLOBALS['phpgw']->redirect_link("{$frontend}/login.php", array('hide_lightbox' => true)); } else { $GLOBALS['phpgw']->redirect_link("{$frontend}/home.php", $extra_vars); } } //Build vars : $variables = array(); $variables['lang_login'] = lang('login'); $variables['partial_url'] = $partial_url; $variables['lang_frontend'] = $frontend ? lang($frontend) : ''; if (isset($GLOBALS['phpgw_info']['server']['half_remote_user']) && $GLOBALS['phpgw_info']['server']['half_remote_user'] == 'remoteuser') { $variables['lang_additional_url'] = lang('use sso login'); $variables['additional_url'] = $GLOBALS['phpgw']->link('/' . $phpgw_url_for_sso); } $uilogin->phpgw_display_login($variables); }
$data = $account->read(); $data['account_firstname'] = $firstname; $data['account_lastname'] = $lastname; $account->update_data($data); $account->save_repository(); if ($GLOBALS['phpgw_info']['server']['mapping'] == 'table') { $GLOBALS['phpgw']->mapping->add_mapping($_SERVER['REMOTE_USER'], $loginn); } else { if ($GLOBALS['phpgw_info']['server']['mapping'] == 'all' && $loginn != $_SERVER['REMOTE_USER']) { $GLOBALS['phpgw']->mapping->add_mapping($_SERVER['REMOTE_USER'], $loginn); } } $GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] . $phpgw_url_for_sso); } } $uilogin = new phpgw_uilogin($tmpl, false); $variables = array(); if ($GLOBALS['phpgw_info']['server']['mapping'] == 'id') { $variables['login_read_only'] = true; } $variables['lang_message'] = lang('your account doesn\'t exist, please fill in infos !'); if (count($error)) { $variables['lang_message'] .= $GLOBALS['phpgw']->common->error_list($error); } $variables['lang_login'] = lang('new account and login'); $variables['login'] = $loginn; $variables['lang_firstname'] = lang('firstname'); $variables['lang_lastname'] = lang('lastname'); $variables['firstname'] = $firstname; $variables['lastname'] = $lastname; $variables['lang_confirm_password'] = lang('confirm password');