interface/login/login.php

   1 <?php
   2 $ignoreAuth=true;
   3 include_once("../globals.php");
   4 include_once("$srcdir/md5.js");
   5 include_once("$srcdir/sql.inc");
   6 ?>
   7 <html>
   8 <head>
   9 <?php html_header_show(); ?>
  10 <link rel=stylesheet href="<?php echo $css_header;?>" type="text/css">
  11
  12 <script language='JavaScript'>
  13
  14 function imsubmitted() {
  15 <?php if (!empty($GLOBALS['restore_sessions'])) { ?>
  16  // Delete the session cookie by setting its expiration date in the past.
  17  // This forces the server to create a new session ID.
  18  var olddate = new Date();
  19  olddate.setFullYear(olddate.getFullYear() - 1);
  20  document.cookie = '<?php echo session_name() . '=' . session_id() ?>; path=/; expires=' + olddate.toGMTString();
  21 <?php } ?>
  22  return true;
  23 }
  24
  25 </script>
  26
  27 </head>
  28 <body <?php echo $login_body_line;?> onload="javascript:document.login_form.authUser.focus();" >
  29
  30 <span class="text"></span>
  31
  32 <center>
  33
  34 <form method="POST" action="../main/main_screen.php?auth=login" target="_top"
  35  name="login_form" onsubmit="return imsubmitted();">
  36
  37 <?php
  38 $res = sqlStatement("select distinct name from groups");
  39 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
  40         $result[$iter] = $row;
  41 if (count($result) == 1) {
  42         $resvalue = $result[0]{"name"};
  43         echo "<input type='hidden' name='authProvider' value='$resvalue' />\n";
  44 }
  45 ?>
  46
  47 <table width=100% height="90%">
  48 <tr>
  49 <td valign=middle width=33%>
  50 <?php echo $logocode;?>
  51 </td>
  52 <td align='center' valign='middle' width=34%>
  53 <table>
  54 <?php if (count($result) != 1) { ?>
  55 <tr>
  56 <td><span class="text"><?php xl('Group:','e'); ?></span></td>
  57 <td>
  58 <select name=authProvider>
  59 <?php
  60         foreach ($result as $iter) {
  61                 echo "<option value='".$iter{"name"}."'>".$iter{"name"}."</option>\n";
  62         }
  63 ?>
  64 </select>
  65 </td></tr>
  66 <?php } ?>
  67
  68 <?php if ($_SESSION['loginfailure'] == 1): ?>
  69 <tr><td colspan='2' class='text' style='color:red'>
  70 Invalid username or password
  71 </td></tr>
  72 <?php endif; ?>
  73
  74 <tr>
  75 <td><span class="text"><?php xl('Username:','e'); ?></span></td>
  76 <td>
  77 <input type="text" size="10" name="authUser">
  78 </td></tr><tr>
  79 <td><span class="text"><?php xl('Password:','e'); ?></span></td>
  80 <td>
  81 <input type="password" size="10" name="clearPass">
  82 </td></tr>
  83 <tr><td>&nbsp;</td><td>
  84 <input type="hidden" name="authPass">
  85 <?php if ($GLOBALS['use_adldap_auth'] == true): ?>
  86 <input type="submit" onClick="javascript:this.form.authPass.value=MD5(this.form.clearPass.value);" value=<?php xl('Login','e');?>>
  87 <?php else: ?>
  88 <input type="submit" onClick="javascript:this.form.authPass.value=MD5(this.form.clearPass.value);this.form.clearPass.value='';" value=<?php xl('Login','e');?>>
  89 <?php endif; ?>
  90 </td></tr>
  91 <tr><td colspan='2' class='text' style='color:red'>
  92 <?php
  93 $ip=$_SERVER['REMOTE_ADDR'];
  94 $query = "select user, date, comments from log where event like 'login' and comments like '%".$ip."' order by date desc limit 1";
  95 $statement = sqlStatement($query);
  96 if ($result = sqlFetchArray($statement)) {
  97         if (strpos($result['comments'],"ailure")) {
  98                 echo $result['user']." attempted unauthorized login on this machine: ".$result['date'];
  99         }
 100 }
 101 ?>
 102 </td></tr>
 103 </table>
 104 </td>
 105 <td width=33%>
 106
 107 <!-- Uncomment this for the OpenEMR demo installation
 108 <p><center>login = admin
 109 <br>password = pass
 110 -->
 111
 112 </center></p>
 113
 114 </td>
 115 </table>
 116
 117 </form>
 118
 119 <address>
 120 <a href="copyright_notice.html" target="main"><?php xl('Copyright Notice','e'); ?></a><br />
 121 </address>
 122
 123 </center>
 124 </body>
 125 </html>