コード例 #1
ファイル: LoginUI.php プロジェクト: PublicityPort/OpenCATS
    /**
     * Handles a login form submission.
     *
     * Reads 'siteName', 'username' and 'password' from $_POST. If credentials
     * are missing or the login fails, the login template is displayed again
     * with an error message. On success, a first-use setup wizard is assembled
     * and shown if it has pages, after which the user is sent either to the
     * URI in $_GET['reloginVars'] or to the home module.
     *
     * Security-relevant behaviour visible in this method:
     *  - Every eval(Hooks::get(...)) call executes the returned string as PHP
     *    in this method's scope, so hook code can read and modify the locals
     *    here ($username, $password, $message, $wizard, ...) and $this. A falsy
     *    result from the evaluated code aborts the method.
     *    NOTE(review): Hooks::get() is not shown; confirm hook code can only
     *    come from trusted, installed modules.
     *  - $_GET['reloginVars'] is request-controlled and is used as a redirect
     *    target after a successful login.
     *  - Local variable names and statement order must be preserved, since
     *    evaluated hook code may depend on them.
     *
     * @return void
     */
    private function attemptLogin()
    {
        //FIXME: getTrimmedInput()!
        // siteName is read raw from $_POST; unlike username and password below,
        // it is not passed through getTrimmedInput().
        if (isset($_POST['siteName'])) {
            $siteName = $_POST['siteName'];
        } else {
            $siteName = '';
        }
        // No credentials posted: show the login page again with a generic error.
        if (!isset($_POST['username']) || !isset($_POST['password'])) {
            $message = 'Invalid username or password.';
            // reloginVars comes from the query string; it is URL-encoded before
            // being handed to the template.
            if (isset($_GET['reloginVars'])) {
                $this->_template->assign('reloginVars', urlencode($_GET['reloginVars']));
            } else {
                $this->_template->assign('reloginVars', '');
            }
            // Use the site's stored name if the lookup returns one; otherwise
            // fall back to the name as posted.
            $site = new Site(-1);
            $rs = $site->getSiteByUnixName($siteName);
            if (isset($rs['name'])) {
                $siteNameFull = $rs['name'];
            } else {
                $siteNameFull = $siteName;
            }
            $this->_template->assign('aspMode', false);
            // Hook code runs in this scope; a falsy result stops here without
            // displaying the login template.
            if (!eval(Hooks::get('LOGIN_NO_CREDENTIALS'))) {
                return;
            }
            // NOTE(review): $siteName / $siteNameFull can carry the raw posted
            // value into the template; confirm the templates escape them on output.
            $this->_template->assign('message', $message);
            $this->_template->assign('messageSuccess', false);
            $this->_template->assign('siteName', $siteName);
            $this->_template->assign('siteNameFull', $siteNameFull);
            $this->_template->assign('dateString', date('l, F jS, Y'));
            if (ModuleUtility::moduleExists("asp")) {
                $this->_template->display('./modules/asp/AspLogin.tpl');
            } else {
                $this->_template->display('./modules/login/Login.tpl');
            }
            return;
        }
        $username = $this->getTrimmedInput('username', $_POST);
        $password = $this->getTrimmedInput('password', $_POST);
        // A username that already contains '@' overrides the posted site name.
        if (strpos($username, '@') !== false) {
            $siteName = '';
        }
        // Otherwise qualify the username with the ID of the posted site, when
        // the lookup finds one.
        // presumably processLogin() understands the "user@siteID" form - verify.
        if ($siteName != '') {
            $site = new Site(-1);
            $rs = $site->getSiteByUnixName($siteName);
            if (isset($rs['siteID'])) {
                $username .= '@' . $rs['siteID'];
            }
        }
        /* Make a blind attempt at logging the user in. */
        // NOTE(review): no session ID regeneration or attempt throttling is
        // visible in this method; confirm processLogin() covers both.
        $_SESSION['CATS']->processLogin($username, $password);
        /* If unsuccessful, take the user back to the login page. */
        if (!$_SESSION['CATS']->isLoggedIn()) {
            // NOTE(review): unlike the generic message in the missing-credentials
            // branch, this text comes from getLoginError(); confirm it does not
            // reveal whether the account exists.
            $message = $_SESSION['CATS']->getLoginError();
            if (isset($_GET['reloginVars'])) {
                $this->_template->assign('reloginVars', urlencode($_GET['reloginVars']));
            } else {
                $this->_template->assign('reloginVars', '');
            }
            // $siteName is '' here when the username contained '@' (cleared above).
            $site = new Site(-1);
            $rs = $site->getSiteByUnixName($siteName);
            if (isset($rs['name'])) {
                $siteNameFull = $rs['name'];
            } else {
                $siteNameFull = $siteName;
            }
            $this->_template->assign('aspMode', false);
            // Hook code runs in this scope; a falsy result stops here without
            // displaying the login template.
            if (!eval(Hooks::get('LOGIN_UNSUCCESSFUL'))) {
                return;
            }
            $this->_template->assign('message', $message);
            $this->_template->assign('messageSuccess', false);
            $this->_template->assign('siteName', $siteName);
            $this->_template->assign('siteNameFull', $siteNameFull);
            $this->_template->assign('dateString', date('l, F jS, Y'));
            if (ModuleUtility::moduleExists("asp")) {
                $this->_template->display('./modules/asp/AspLogin.tpl');
            } else {
                $this->_template->display('./modules/login/Login.tpl');
            }
            return;
        }
        // Login succeeded from here on.
        // $systemInfoDb is not referenced again in the visible code of this
        // method; evaluated hook code could still use it.
        $systemInfoDb = new SystemInfo();
        $accessLevel = $_SESSION['CATS']->getAccessLevel();
        $mailerSettings = new MailerSettings($_SESSION['CATS']->getSiteID());
        $mailerSettingsRS = $mailerSettings->getAll();
        /***************************** BEGIN NEW WIZARD *****************************************/
        /**
         * Improved setup wizard using the Wizard library. If the user succeeds,
         * all old-style wizards will no longer be shown.
         */
        $wizard = new Wizard(CATSUtility::getIndexName() . '?m=home', './js/wizardIntro.js');
        if ($_SESSION['CATS']->isFirstTimeSetup()) {
            $wizard->addPage('Welcome!', './modules/login/wizard/Intro.tpl', '', false, true);
        }
        if (!$_SESSION['CATS']->isAgreedToLicense()) {
            // $phpeval starts empty; the LICENSE_TERMS hook runs in this scope
            // and can replace it before it is passed on as the page's third
            // argument.
            // presumably Wizard evaluates that argument as PHP when the page is
            // shown - verify against Wizard::addPage().
            $phpeval = '';
            if (!eval(Hooks::get('LICENSE_TERMS'))) {
                return;
            }
            $wizard->addPage('License', './modules/login/wizard/License.tpl', $phpeval, true, true);
        }
        // && binds tighter than ||: this is true when modules/asp is absent, or
        // when CATS_TEST_MODE is defined and truthy.
        if (!file_exists('modules/asp') || defined('CATS_TEST_MODE') && CATS_TEST_MODE) {
            // On-site wizard pages
            if (!LicenseUtility::isLicenseValid()) {
                // Defined but empty key -> first registration; anything else
                // (including an undefined LICENSE_KEY) -> the re-register page.
                if (defined('LICENSE_KEY') && LICENSE_KEY == '') {
                    $template = 'Register.tpl';
                    $templateName = 'Register';
                } else {
                    $template = 'Reregister.tpl';
                    $templateName = 'License Expired';
                }
                $wizard->addPage($templateName, './modules/login/wizard/' . $template, '', false, true);
            }
        }
        // if logged in for the first time, change password
        // NOTE(review): $username may have had '@<siteID>' appended above when a
        // site name was posted; in that case it no longer equals 'admin' and this
        // forced change of the default admin password is skipped. Confirm whether
        // that is intended.
        if (strtolower($username) == 'admin' && $password === DEFAULT_ADMIN_PASSWORD) {
            $wizard->addPage('Password', './modules/login/wizard/Password.tpl', '', false, true);
        }
        // make user set an e-mail address
        if (trim($_SESSION['CATS']->getEmail()) == '') {
            $wizard->addPage('E-mail', './modules/login/wizard/Email.tpl', '', false, true);
        }
        // if no site name set, make user set site name
        if ($accessLevel >= ACCESS_LEVEL_SA && $_SESSION['CATS']->getSiteName() === 'default_site') {
            $wizard->addPage('Site', './modules/login/wizard/SiteName.tpl', '', false, true);
        }
        // CATS Hosted Wizard Pages
        if (!eval(Hooks::get('ASP_WIZARD_PAGES'))) {
            return;
        }
        if ($_SESSION['CATS']->isFirstTimeSetup()) {
            // The third argument is a fixed string of PHP source with no request
            // data interpolated into it. $siteID is not defined in this method,
            // so it has to be provided wherever this string is evaluated.
            $wizard->addPage('Setup Users', './modules/login/wizard/Users.tpl', '
                $users = new Users($siteID);
                $mp = $users->getAll();
                $data = $users->getLicenseData();

                $this->_template->assign(\'users\', $mp);
                $this->_template->assign(\'totalUsers\', $data[\'totalUsers\']);
                $this->_template->assign(\'userLicenses\', $data[\'userLicenses\']);
                $this->_template->assign(\'accessLevels\', $users->getAccessLevels());
            ');
            if (!eval(Hooks::get('ASP_WIZARD_IMPORT'))) {
                return;
            }
        }
        // The wizard will not display if no pages have been added.
        $wizard->doModal();
        /******************************* END NEW WIZARD *******************************************/
        /* Session is logged in, do we need to send the user to the wizard?
         * This should be done only on the first use, indicated by the
         * admin user's password still being set to the default.
         */
        /* If we have a specific page to go to, go there. */
        /* These hooks are for important things, like disabling the site based on criteria. */
        if (!eval(Hooks::get('LOGGED_IN'))) {
            return;
        }
        // reloginVars is taken straight from the query string and used as the
        // redirect target without any validation in this method.
        // NOTE(review): confirm transferRelativeURI() only accepts targets inside
        // this application, and that it ends the request; if it returns, the
        // code below still runs.
        if (isset($_GET['reloginVars'])) {
            CATSUtility::transferRelativeURI($_GET['reloginVars']);
        }
        /* LOGGED_IN_MESSAGES hooks are only for messages which show up on initial login (warnings, etc) */
        if (!eval(Hooks::get('LOGGED_IN_MESSAGES'))) {
            return;
        } else {
            // Users at or above ACCESS_LEVEL_SA get a notice page when the mailer
            // settings record has 'configured' equal to '0' (loose comparison).
            if ($accessLevel >= ACCESS_LEVEL_SA && $mailerSettingsRS['configured'] == '0') {
                NewVersionCheck::checkForUpdate();
                $this->_template->assign('inputType', 'conclusion');
                $this->_template->assign('title', 'E-Mail Disabled');
                $this->_template->assign('prompt', 'E-mail features are disabled. In order to enable e-mail features (such as e-mail notifications), please configure your e-mail settings by clicking on the Settings tab and then clicking on Administration.');
                $this->_template->assign('action', $this->getAction());
                $this->_template->assign('home', 'home');
                $this->_template->display('./modules/settings/NewInstallWizard.tpl');
            } else {
                // Everyone else goes to the home module, unless the hook aborts.
                if (!eval(Hooks::get('LOGGED_IN_HOME_PAGE'))) {
                    return;
                }
                CATSUtility::transferRelativeURI('m=home');
            }
        }
    }