<?php
// index.php - Welcome screen and login form
//
// SiT (Support Incident Tracker) - Support call tracking system
// Copyright (C) 2000-2009 Salford Software Ltd. and Contributors
//
// This software may be used and distributed according to the terms
// of the GNU General Public License, incorporated herein by reference.
//
// This Page Is Valid XHTML 1.0 Transitional! 31Oct05
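// Bootstrap. core.php is expected to provide the configuration; $CONFIG and
// the APPLICATION_* path constants used below are not defined in this file.
// The @ keeps a missing core.php from emitting a warning; the failure is
// handled by redirecting to the setup script with a fixed, encoded message.
if (!@include ('core.php'))
{
    $msg = urlencode(base64_encode("Could not find database connection/config information (core.php)"));
    // NOTE(review): if core.php is what populates $CONFIG, application_webpath
    // is unset on this path and the Location value is relative - confirm.
    header("Location: {$CONFIG['application_webpath']}setup.php?msg={$msg}");
    exit;
}

// The session is opened before any authentication decision is made.
// NOTE(review): the session id therefore exists before login; confirm that
// login.php issues a fresh id (session_regenerate_id) once credentials are
// accepted, otherwise a pre-set id survives authentication.
session_name($CONFIG['session_name']);
session_start();

include (APPLICATION_LIBPATH . 'strings.inc.php');
require (APPLICATION_LIBPATH . 'functions.inc.php');

// empty() treats a missing 'auth' key like any other falsy value, which is
// what the loose "!= TRUE" test did, without the undefined-index notice.
if (empty($_SESSION['auth']))
{
    // External variables (request-controlled, untrusted)
    // 'id' selects which notice is shown above the form; cleanvar() is the
    // project's own filter and is still called exactly once, as before.
    $id = cleanvar(isset($_REQUEST['id']) ? $_REQUEST['id'] : null);

    // 'page' is echoed back as a hidden field of the login form; presumably
    // login.php uses it as the post-login destination - confirm there.
    // A non-string value (e.g. an array parameter) is treated as absent.
    $rawpage = (isset($_REQUEST['page']) && is_string($_REQUEST['page'])) ? $_REQUEST['page'] : '';

    // NOTE(review): PHP has already URL-decoded $_REQUEST, so this is a
    // second decode. Kept because callers may double-encode - TODO confirm.
    $page = urldecode($rawpage);

    // Strip scheme separators, '//' and '..' plus any markup, repeating until
    // nothing changes. A single pass can leave behind a sequence that is
    // re-formed once an inner match has been deleted; every changing pass
    // shortens the string, so the loop terminates.
    do
    {
        $before = $page;
        $page = str_replace(array(':', '//', '..'), '', $page);
        $page = strip_tags($page);
    }
    while ($page !== $before);

    // ENT_QUOTES, not ENT_COMPAT: the value is written into a single-quoted
    // attribute below, and ENT_COMPAT leaves ' unescaped, which would let the
    // value end the attribute.
    $page = htmlentities($page, ENT_QUOTES, $GLOBALS['i18ncharset']);

    // Invalid user, show log in form
    include (APPLICATION_INCPATH . 'htmlheader.inc.php');
    echo "<p class='error'>If you are not a developer, please under no circumstances run this version of SiT!, it is now destined for 4.0, at best it will be barely be useable, at worst it might injure you.</p>";

    // Notice selected by ?id=: 1 = credentials required, 2 = session
    // expired, 3 = invalid credentials. Only fixed i18n strings are printed.
    if ($id == 1)
    {
        echo "<p class='error'>";
        echo sprintf($strEnterCredentials, $CONFIG['application_shortname']);
        echo "</p><br />";
    }

    if ($id == 2)
    {
        echo user_alert($strSessionExpired, E_USER_ERROR);
    }

    if ($id == 3)
    {
        echo user_alert($strInvalidCredentials, E_USER_ERROR);
    }

    // Language selector
    if (!empty($CONFIG['available_i18n']))
    {
        $available_languages = i18n_code_to_name($CONFIG['available_i18n']);
    }
    else
    {
        $available_languages = available_languages();
    }

    if (count($available_languages) == 1 AND array_key_exists($CONFIG['default_i18n'], $available_languages))
    {
        // Only the configured default is available: no selector, just a marker.
        echo "<!-- Language: {$CONFIG['default_i18n']} -->";
    }
    else
    {
        $available_languages = array_merge(array('default'=>$strDefault),$available_languages);
        echo "<div style='margin-left: auto; margin-right: auto; width: 380px;";
        echo " text-align: center; margin-top: 3em;'>";
        echo "<form id='langselectform' action='login.php' method='post'>";
        echo icon('language', 16, $strLanguage)." <label for='lang'>";
        echo "{$strLanguage}</label>: ";
        // Preselect the language already stored in the session, if any.
        $setting = !empty($_SESSION['lang']) ? $_SESSION['lang'] : 'default';
        echo array_drop_down($available_languages, 'lang', $setting, "onchange='this.form.submit();'", TRUE);
        echo "</form>";
        echo "</div>";
    }

    // Login form, posted to login.php.
    // NOTE(review): no anti-CSRF token is emitted with either form on this
    // page; confirm whether login.php defends against forged login requests.
    echo "<div class='windowbox' style='width: 220px;'>\n";
    echo "<div class='windowtitle'>{$CONFIG['application_shortname']} - ";
    echo "{$strLogin}</div>\n";
    echo "<div class='window'>\n";
    echo "<form id='loginform' action='login.php' method='post'>";
    echo "<label for='username'>{$strUsername}:<br /><input id='username' ";
    echo "name='username' size='28' type='text' /></label><br />";
    echo "<label for='password'>{$strPassword}:<br /><input id='password' ";
    echo "name='password' size='28' type='password' /></label><br />";
    // $page was entity-encoded with ENT_QUOTES above for this attribute.
    echo "<input type='hidden' name='page' value='{$page}' />";
    echo "<input type='submit' value='{$strLogIn}' /><br />";
    echo "<br /><a href='forgotpwd.php'>{$strForgottenDetails}</a>";
    if ($CONFIG['portal'] AND $CONFIG['portal_kb_enabled'] == 'Public')
    {
        echo "<br /><a href='portal/kb.php'>{$strKnowledgeBase}</a>";
    }
    echo "</form>\n";
    echo "</div>\n</div>\n";
    include (APPLICATION_INCPATH . 'htmlfooter.inc.php');
}
else
{
    // User is validated, jump to main
    header("Location: main.php");
    exit;
}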
?>