// Login page. Without a connection configuration the software has not been
// installed yet, so hand the visitor over to the installer.
if (! include_config_exists('inc_connect')) {
    header('Location: install.php');
    exit;
}

include_lcm('inc_presentation');
include_lcm('inc_login');

global $lcm_lang_right;

lcm_html_start(_T('login_title_login'), 'login');
echo get_optional_html_login();

// Site name is mandatory: fall back to the software title when none is set.
$site_name = _T(read_meta('site_name'));
if (! $site_name) {
    $site_name = _T('title_software');
}

// Site description is optional and may be empty.
$site_desc = _T(read_meta('site_description'));

// NOTE(review): $site_name and $site_desc are written into the page as-is.
// If the site metadata can hold anything other than trusted, admin-authored
// markup, encode both with htmlspecialchars() before output. How these meta
// values are set is not visible here; confirm.
$heading = "<h3>" . $site_name;
if ($site_desc) {
    $heading .= "<br /><span style='font-size: 80%; font-weight: normal;'>" . $site_desc . "</span>";
}
$heading .= "</h3>\n\n";

echo "\n<div align='center'>\n<div align='center' id='login_screen'>\n\n" . $heading;

show_login('');

echo "\n\n</div>\n</div>\n\n</body>\n</html>\n\n";

lcm_html_end();
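/**
 * Authenticate the current request from the 'lcm_session' cookie and load the
 * author's identity and preferences into the $connect_* and $prefs globals.
 *
 * When the database is not available, a diagnostic page is printed and false
 * is returned. When the author is identified, the PHP session is started and
 * true is returned. In every other case a redirect is sent (cookie test, login
 * form or forced logout) and the script terminates.
 *
 * @return bool
 */
function auth() {
    global $INSECURE, $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_COOKIE_VARS, $REMOTE_USER, $PHP_AUTH_USER, $PHP_AUTH_PW;
    global $auth_can_disconnect;
    global $connect_id_auteur, $connect_nom, $connect_bio, $connect_email;
    global $connect_nom_site, $connect_url_site, $connect_login, $connect_pass;
    global $connect_activer_imessage, $connect_activer_messagerie;
    global $connect_status;
    global $author_session, $prefs;
    global $clean_link;

    // This reloads $GLOBALS['db_ok'], just in case
    include_config('inc_connect');

    // If there is no SQL connection, quit.
    if (!$GLOBALS['db_ok']) {
        include_lcm('inc_presentation');
        lcm_html_start("Technical problem", "install");

        // NOTE(review): this page is produced before any authentication and shows
        // the connection flag and the database error to whoever requests it.
        // Consider logging these details server-side and showing only the generic
        // message.

        // annoy sql_errno(): run a query so that an error code is available below
        echo "\n<!-- \n";
        echo "\t* Flag connect: " . $GLOBALS['flag_connect'] . "\n\t";
        lcm_query("SELECT count(*) from lcm_meta");
        echo "\n-->\n\n";

        echo "<div align='left' style='width: 600px;' class='box_error'>\n";
        echo "\t<h3>" . _T('title_technical_problem') . "</h3>\n";
        echo "\t<p>" . _T('info_technical_problem_database') . "</p>\n";

        if (lcm_sql_errno()) {
            // The error text is free-form: encode it for the HTML context.
            echo "\t<p><tt>" . lcm_sql_errno() . " " . htmlspecialchars(lcm_sql_error()) . "</tt></p>\n";
        } else {
            echo "\t<p><tt>No error diagnostic was provided.</tt></p>\n";
        }

        echo "</div>\n";
        lcm_html_end();

        return false;
    }

    // Initialise variables (avoid URL hacks)
    $auth_login = "";
    $auth_pass = "";
    $auth_pass_ok = false;
    $auth_can_disconnect = false;

    // Fetch identification data from authentication session
    if (isset($_COOKIE['lcm_session'])) {
        if (verifier_session($_COOKIE['lcm_session'])) {
            if ($author_session['status'] == 'admin' or $author_session['status'] == 'normal') {
                $auth_login = $author_session['username'];
                $auth_pass_ok = true;
                $auth_can_disconnect = true;
            }
        }
    } else {
        // isset() guard: 'privet' is absent on ordinary requests.
        if (isset($_REQUEST['privet']) && $_REQUEST['privet'] == 'yes') {
            // Failed login attempt: cookie failed
            $link = new Link("lcm_cookie.php?cookie_test_failed=yes");
            $clean_link->delVar('privet');
            $url = str_replace('/./', '/', $clean_link->getUrl());
            $link->addVar('var_url', $url);
            @header("Location: " . $link->getUrl());
            exit;
        }
    }

    // If not authenticated, ask for login / password
    if (!$auth_login) {
        // NOTE(review): var_url is consumed by the login page, which is not
        // visible here; confirm it only ever redirects to local paths.
        $url = $clean_link->getUrl();
        @header("Location: lcm_login.php?var_url=" . urlencode($url));
        exit;
    }

    //
    // Search for the login in the authors' table
    //
    // The copy under review showed a masked literal ('******') in place of the
    // username value, so the query did not use the login at all. The predicate
    // is restored to the escaped login prepared just above it.
    //
    // NOTE(review): addslashes() is not aware of the connection charset. The
    // value comes from the verified session rather than from the request, but a
    // prepared statement or the database layer's own escaping would be safer.
    $sql_login = addslashes($auth_login);
    $query = "SELECT * FROM lcm_author WHERE username='" . $sql_login . "' AND status !='external' AND status !='6forum'";
    $result = @lcm_query($query);

    if ($row = lcm_fetch_array($result)) {
        $connect_id_auteur = $row['id_author'];
        $connect_nom = $row['name_first'];
        $connect_login = $row['username'];
        $connect_pass = $row['password'];
        $connect_status = $row['status'];
        $connect_activer_messagerie = "non"; //$row["messagerie"];
        $connect_activer_imessage = "non "; //$row["imessage"];

        // Set the user's preferences.
        // get_magic_quotes_runtime() no longer exists in PHP 8, hence the guard.
        $raw_prefs = $row['prefs'];
        if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime()) {
            $raw_prefs = stripslashes($raw_prefs);
        }

        // NOTE(review): unserialize() can instantiate objects from the stored
        // string. If the prefs column can ever be written with attacker-chosen
        // bytes, store preferences as JSON instead, or restrict the allowed
        // classes on PHP versions that support it.
        $prefs = unserialize($raw_prefs);

        // Corrupt or unexpected data must not reach the array accesses below.
        if (!is_array($prefs)) {
            $prefs = array();
        }

        //
        // Default values for some possibly unset preferences
        //
        if (!isset($prefs['page_rows']) || intval($prefs['page_rows']) < 1) {
            $prefs['page_rows'] = 15;
        }

        $defaults = array(
            'theme'       => 'green',
            'screen'      => 'wide',
            'font_size'   => 'medium_font',
            'case_owner'  => 'my',
            'case_period' => '91',
            'mode'        => 'simple',
        );

        foreach ($defaults as $pref_name => $pref_default) {
            // empty() is "not set, or set to a false-like value"
            if (empty($prefs[$pref_name])) {
                $prefs[$pref_name] = $pref_default;
            }
        }

        if (empty($prefs['time_intervals'])) {
            $prefs['time_intervals'] = 'relative';
            $prefs['time_intervals_notation'] = 'hours_only';
        }
    } else {
        // This case is a strange possibility: the author is authenticated
        // OK, but does not exist in the authors table. Possible cause:
        // the database was restored and the author does not exist (and
        // the user was authenticated by another source, such as LDAP).
        // Note: we used to show a strange error message which would advise
        // to logout, but since it occurs only after db upgrade, just logout
        // brutally (with cookie_admin=no to forget the username).
        //
        // The login goes into a URL inside a response header: URL-encode the
        // raw value instead of sending the SQL-escaped one.
        lcm_header('Location: lcm_cookie.php?cookie_admin=no&logout=' . urlencode($auth_login));
        exit;
    }

    if (!$auth_pass_ok) {
        @header("Location: lcm_login.php?var_erreur=pass");
        exit;
    }

    // [ML] Again, not sure how this is used, but we can ignore it for now
    // TODO (note: nouveau == new)
    if ($connect_status == 'nouveau') {
        // The id is used unquoted in the statement, so force it to an integer.
        $query = "UPDATE lcm_author SET status = 'normal' WHERE id_author = " . intval($connect_id_auteur);
        $result = lcm_query($query);
        $connect_status = 'normal';
    }

    // PHP sessions are started here, and stopped at logout
    // NOTE(review): whether the session id is regenerated at login is not
    // visible from this function; confirm.
    session_start();

    return true;
}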
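/**
 * Print the bottom of a page: close the main column, print the preferences
 * column (profile link, preferences link, logout link, search boxes and font
 * size buttons), the footer, and finally close the HTML document.
 *
 * The layout depends on $prefs['screen']: 'wide' puts the search boxes in the
 * preferences column, 'narrow' puts them in a table above the footer.
 *
 * @param string $credits Not used by this function.
 */
function lcm_page_end($credits = '') {
    global $lcm_version_shown;
    global $connect_id_auteur;
    global $author_session;
    global $find_org_string;
    global $find_case_string;
    global $find_client_string;
    global $prefs;

    //[KM] The bottom of a single page
    echo "\n\t\t\t\t<!-- End of 'main_column' content -->\n\t\t\t\t</div>\n\t\t\t</div>\n\t\t</div>\n";

    // [KM] The right and the left column can be very long, so, we can put here a
    // lot of additional information, some tiny help hints and so.
    echo "<div id=\"prefs_column\">\n";
    echo "<!-- Start of 'prefs_column' content -->\n";

    // Links shared by both layouts. Values that come from the author record are
    // encoded for the context they are written into:
    // - the name is HTML-encoded in the link text as well as in the tooltip,
    // - the author id is forced to an integer,
    // - the username is URL-encoded before it goes into the query string.
    $person_name = get_person_name($author_session);

    $profile_link = '<a href="author_det.php?author=' . intval($author_session['id_author']) . '" class="prefs_normal_lnk"'
        . ' title="' . _T('case_tooltip_view_author_details', array('author' => htmlspecialchars($person_name))) . '">'
        . htmlspecialchars($person_name)
        . "</a>";

    $prefs_link = "<a href=\"config_author.php\" class=\"prefs_myprefs\">" . _T('menu_profile_preferences') . "</a>";

    $logout_link = "<a href=\"lcm_cookie.php?logout=" . htmlspecialchars(urlencode($author_session['username']))
        . "\" class=\"prefs_logout\" title=\"" . _T('menu_profile_logout_tooltip') . "\">"
        . _T('menu_profile_logout')
        . "</a>";

    // Checking for "wide/narrow" user screen
    if ($prefs['screen'] == "wide") {
        echo "<div class=\"prefs_column_menu_head\">\n\t\t\t\t<div class=\"sm_profile\">" . _T('menu_profile') . "</div>\n\t\t\t</div>\n\t\t\t<p class=\"prefs_column_text\">"
            . $profile_link
            . "<br /><br />\n\t\t\t"
            . $prefs_link
            . "<br /><br />\n\t\t\t"
            . $logout_link
            . "\n\t\t\t</p><br />\n\t\t\t<div class=\"prefs_column_menu_head\">\n\t\t\t\t<div class=\"sm_search\">" . _T('menu_search') . "</div>\n\t\t\t</div>\n";

        //
        // Search/find boxes
        //
        show_find_box('case', $find_case_string, '', 'narrow');
        show_find_box('client', $find_client_string, '', 'narrow');
        show_find_box('org', $find_org_string, '', 'narrow');

        echo "<br />\n\t\t\t<div class=\"prefs_column_menu_head\"><div class=\"sm_font_size\">" . _T('menu_fontsize') . "</div>\n\t\t\t</div>\n\t\t\t<ul class=\"font_size_buttons\">\n\t\t\t\t<li><a href=\"javascript:;\" title=\"Small Text\" onclick=\"setActiveStyleSheet('small_font')\">A-</a></li>\n\t\t\t\t<li><a href=\"javascript:;\" title=\"Normal Text\" onclick=\"setActiveStyleSheet('medium_font')\">A</a></li>\n\t\t\t\t<li><a href=\"javascript:;\" title=\"Large Text\" onclick=\"setActiveStyleSheet('large_font')\">A+</a></li>\n\t\t\t</ul>\n";
    } else {
        // Data from the prefs_column - user name, links [My preferences] & [Logout]
        echo "<div id=\"user_info_box_large_screen\">";
        echo "<p class=\"prefs_column_text\">"
            . $profile_link
            . "<br /><br />\n\t\t\t"
            . $prefs_link
            . "<br /><br /><a href=\"javascript:;\" title=\"Small Text\" onclick=\"setActiveStyleSheet('small_font')\" class=\"set_fnt_sz\"> A- </a> \n\t\t\t\t<a href=\"javascript:;\" title=\"Normal Text\" onclick=\"setActiveStyleSheet('medium_font')\" class=\"set_fnt_sz\"> A </a> \n\t\t\t\t<a href=\"javascript:;\" title=\"Large Text\" onclick=\"setActiveStyleSheet('large_font')\" class=\"set_fnt_sz\"> A+ </a> "
            . $logout_link
            . "\n\t\t\t</p>";
        // TRAD (Small, Normal, Large text)
        echo "</div>";
    }

    echo "<!-- End of \"prefs_column\" content -->\n";
    echo "</div>\n";

    //just test...
    echo "<div class=\"clearing\"> </div>\n";
    echo "</div>\n";

    if ($prefs['screen'] == "narrow") {
        echo '<div id="footer_narrow"> <div class="prefs_column_menu_head"><div class="sm_search">' . _T('menu_search') . "</div></div>\n\t\t<table border=\"0\" align=\"center\" width=\"100%\">\n\t\t\t<tr>\n\t\t\t\t<td align=\"left\" width=\"33%\" valign=\"top\">\n";

        //
        // Search/find boxes
        //
        show_find_box('case', $find_case_string, '', 'narrow');
        echo "</td>\n";

        echo '<td align="left" width="33%" valign="top">';
        show_find_box('client', $find_client_string, '', 'narrow');
        echo "</td>\n";

        echo '<td align="left" width="33%" valign="top">';
        show_find_box('org', $find_org_string, '', 'narrow');
        echo "</td>\n\t\t\t</tr>\n\t\t</table>\n\t\t</div><br />\n";
    }

    echo "<div id=\"footer\">" . _T('title_software') . " (" . $lcm_version_shown . ")<br/> ";
    echo _T('info_free_software', array(
            'distributed' => '<a href="http://www.lcm.ngo-bg.org/" class="prefs_normal_lnk">' . _T('info_free_software1') . '</a>',
            'license' => lcm_help_string('about_license', _T('info_free_software2')),
        ))
        . "</div>\n";

    // Query counter, printed only when the debug global is set.
    if ($GLOBALS['debug']) {
        echo "<p align='left'>Debug (" . $GLOBALS['debug'] . "): SQL Queries: " . $GLOBALS['db_query_count'] . "</p>\n";
    }

    echo "</body>\n";
    echo "</html>\n";

    // [ML] Off-topic note, seen while removing code:
    // http://www.dynamicdrive.com/dynamicindex11/abox.htm
    lcm_html_end();
}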