Пример #1
0
    $smarty = new TLSmarty();
    $smarty->assign('title', lang_get('fatal_page_title'));
    $smarty->assign('content', $op['dbms_msg']);
    $smarty->display('workAreaSimple.tpl');
    tLog('Connection fail page shown.', 'ERROR');
    exit;
}
$args = init_args();
$gui = init_gui($db, $args);
switch ($args->action) {
    case 'doLogin':
    case 'ajaxlogin':
        doSessionStart();
        unset($_SESSION['basehref']);
        setPaths();
        $op = doAuthorize($db, $args->login, $args->pwd);
        if ($op['status'] < tl::OK) {
            $gui->note = is_null($op['msg']) ? lang_get('bad_user_passwd') : $op['msg'];
            if ($args->action == 'ajaxlogin') {
                echo json_encode(array('success' => false, 'reason' => $gui->note));
            } else {
                $doRender = true;
            }
        } else {
            $args->currentUser = $_SESSION['currentUser'];
            logAuditEvent(TLS("audit_login_succeeded", $args->login, $_SERVER['REMOTE_ADDR']), "LOGIN", $args->currentUser->dbID, "users");
            if ($args->action == 'ajaxlogin') {
                echo json_encode(array('success' => true));
            } else {
                redirect($_SESSION['basehref'] . "index.php" . ($args->preqURI ? "?reqURI=" . urlencode($args->preqURI) : ""));
            }
Пример #2
0
$doRenderLoginScreen = false;
$doAuthPostProcess = false;
doDBConnect($db, database::ONERROREXIT);
$args = init_args();
$gui = init_gui($db, $args);
// if these checks fail => we will redirect to login screen with some message
doBlockingChecks($db, $gui);
switch ($args->action) {
    case 'doLogin':
    case 'ajaxlogin':
        doSessionStart(true);
        // When doing ajax login we need to skip control regarding session already open
        // that we use when doing normal login.
        // If we do not proceed this way we will enter an infinite loop
        $options = array('doSessionExistsCheck' => $args->action == 'doLogin');
        $op = doAuthorize($db, $args->login, $args->pwd, $options);
        $doAuthPostProcess = true;
        break;
    case 'ajaxcheck':
        processAjaxCheck($db);
        break;
    case 'loginform':
        $doRenderLoginScreen = true;
        // unfortunatelly we use $args->note in order to do some logic.
        if (trim($args->note) == "" && $gui->authCfg['SSO_enabled'] && $gui->authCfg['SSO_method'] == 'CLIENT_CERTIFICATE') {
            doSessionStart(true);
            $op = doSSOClientCertificate($db, $_SERVER, $gui->authCfg);
            $doAuthPostProcess = true;
        }
        break;
}