2 // This program is free software; you can redistribute it and/or
3 // modify it under the terms of the GNU General Public License
4 // as published by the Free Software Foundation; either version 2
5 // of the License, or (at your option) any later version.
8 include_once("../globals.php");
9 include_once("$srcdir/sha1.js");
10 include_once("$srcdir/sql.inc");
11 include_once("$srcdir/md5.js");
15 <?php
html_header_show(); ?
>
16 <link rel
=stylesheet href
="<?php echo $css_header;?>" type
="text/css">
18 <script language
='JavaScript' src
="../../library/js/jquery-1.4.3.min.js"></script
>
19 <script language
='JavaScript'>
21 //VicarePlus :: Validation function for checking the hashing algorithm used for encrypting password
22 function chk_hash_fn()
24 var str
= document
.forms
[0].authUser
.value
;
26 url
: "validateUser.php?u="+str
,
27 context
: document
.body
,
28 success
: function(data
){
29 if(data
== 0) //VicarePlus :: If the hashing algorithm is 'MD5'
31 document
.forms
[0].authPass
.value
=MD5(document
.forms
[0].clearPass
.value
);
32 document
.forms
[0].authNewPass
.value
=SHA1(document
.forms
[0].clearPass
.value
);
34 else //VicarePlus :: If the hashing algorithm is 'SHA1'
36 document
.forms
[0].authPass
.value
=SHA1(document
.forms
[0].clearPass
.value
);
38 document
.forms
[0].clearPass
.value
='';
39 document
.login_form
.submit();
44 function imsubmitted() {
45 <?php
if (!empty($GLOBALS['restore_sessions'])) { ?
>
46 // Delete the session cookie by setting its expiration date in the past.
47 // This forces the server to create a new session ID.
48 var olddate
= new Date();
49 olddate
.setFullYear(olddate
.getFullYear() - 1);
50 document
.cookie
= '<?php echo session_name() . '=' . session_id() ?>; path=/; expires=' + olddate
.toGMTString();
52 return false; //Currently the submit action is handled by the chk_hash_fn() function itself.
57 <body
<?php
echo $login_body_line;?
> onload
="javascript:document.login_form.authUser.focus();" >
59 <span
class="text"></span
>
63 action
="../main/main_screen.php?auth=login&site=<?php echo htmlspecialchars($_SESSION['site_id']); ?>"
64 target
="_top" name
="login_form" onsubmit
="return imsubmitted();">
68 $res = sqlStatement("select distinct name from groups");
69 for ($iter = 0;$row = sqlFetchArray($res);$iter++
)
70 $result[$iter] = $row;
71 if (count($result) == 1) {
72 $resvalue = $result[0]{"name"};
73 echo "<input type='hidden' name='authProvider' value='$resvalue' />\n";
75 // collect default language id
76 $res2 = sqlStatement("select * from lang_languages where lang_description = '".$GLOBALS['language_default']."'");
77 for ($iter = 0;$row = sqlFetchArray($res2);$iter++
)
78 $result2[$iter] = $row;
79 if (count($result2) == 1) {
80 $defaultLangID = $result2[0]{"lang_id"};
81 $defaultLangName = $result2[0]{"lang_description"};
84 //default to english if any problems
86 $defaultLangName = "English";
88 // set session variable to default so login information appears in default language
89 $_SESSION['language_choice'] = $defaultLangID;
90 // collect languages if showing language menu
91 if ($GLOBALS['language_menu_login']) {
93 // sorting order of language titles depends on language translation options.
94 $mainLangID = empty($_SESSION['language_choice']) ?
'1' : $_SESSION['language_choice'];
95 if ($mainLangID == '1' && !empty($GLOBALS['skip_english_translation']))
97 $sql = "SELECT * FROM lang_languages ORDER BY lang_description, lang_id";
98 $res3=SqlStatement($sql);
101 // Use and sort by the translated language name.
102 $sql = "SELECT ll.lang_id, " .
103 "IF(LENGTH(ld.definition),ld.definition,ll.lang_description) AS trans_lang_description, " .
104 "ll.lang_description " .
105 "FROM lang_languages AS ll " .
106 "LEFT JOIN lang_constants AS lc ON lc.constant_name = ll.lang_description " .
107 "LEFT JOIN lang_definitions AS ld ON ld.cons_id = lc.cons_id AND " .
108 "ld.lang_id = '$mainLangID' " .
109 "ORDER BY IF(LENGTH(ld.definition),ld.definition,ll.lang_description), ll.lang_id";
110 $res3=SqlStatement($sql);
113 for ($iter = 0;$row = sqlFetchArray($res3);$iter++
)
114 $result3[$iter] = $row;
115 if (count($result3) == 1) {
116 //default to english if only return one language
117 echo "<input type='hidden' name='languageChoice' value='1' />\n";
121 echo "<input type='hidden' name='languageChoice' value='".$defaultLangID."' />\n";
125 <table width
=100% height
="90%">
127 <td valign
=middle width
=33%
>
128 <?php
echo $logocode;?
>
130 <td align
='center' valign
='middle' width
=34%
>
132 <?php
if (count($result) != 1) { ?
>
134 <td
><span
class="text"><?php
xl('Group:','e'); ?
></span
></td
>
136 <select name
=authProvider
>
138 foreach ($result as $iter) {
139 echo "<option value='".$iter{"name"}."'>".$iter{"name"}."</option>\n";
146 <?php
if (isset($_SESSION['loginfailure']) && ($_SESSION['loginfailure'] == 1)): ?
>
147 <tr
><td colspan
='2' class='text' style
='color:red'>
148 Invalid username
or password
152 <?php
if (isset($_SESSION['relogin']) && ($_SESSION['relogin'] == 1)): ?
>
153 <tr
><td colspan
='2' class='text' style
='color:red;background-color:#dfdfdf;border:solid 1px #bfbfbf;text-align:center'>
154 <b
><?php
echo xl('Password security has recently been upgraded.'); ?
><br
>
155 <?php
echo xl('Please login again.'); ?
></b
>
156 <?php
unset($_SESSION['relogin']); ?
>
161 <td
><span
class="text"><?php
xl('Username:','e'); ?
></span
></td
>
163 <input type
="text" size
="10" name
="authUser">
165 <td
><span
class="text"><?php
xl('Password:','e'); ?
></span
></td
>
167 <input type
="password" size
="10" name
="clearPass">
171 if ($GLOBALS['language_menu_login']) {
172 if (count($result3) != 1) { ?
>
174 <td
><span
class="text"><?php
xl('Language','e'); ?
>:</span
></td
>
176 <select name
=languageChoice size
="1">
178 echo "<option selected='selected' value='".$defaultLangID."'>" . xl('Default','','',' -') . xl($defaultLangName,'',' ') . "</option>\n";
179 foreach ($result3 as $iter) {
180 if ($GLOBALS['language_menu_showall']) {
181 if ( !$GLOBALS['allow_debug_language'] && $iter[lang_description
] == 'dummy') continue; // skip the dummy language
182 echo "<option value='".$iter['lang_id']."'>".$iter['trans_lang_description']."</option>\n";
185 if (in_array($iter[lang_description
], $GLOBALS['language_menu_show'])) {
186 if ( !$GLOBALS['allow_debug_language'] && $iter['lang_description'] == 'dummy') continue; // skip the dummy language
187 echo "<option value='".$iter['lang_id']."'>" . $iter['trans_lang_description'] . "</option>\n";
196 <tr
><td
> 
;</td
><td
>
197 <input type
="hidden" name
="authPass">
198 <input type
="hidden" name
="authNewPass">
199 <?php
if (isset($GLOBALS['use_adldap_auth']) && ($GLOBALS['use_adldap_auth']== true)): ?
>
200 <!-- ViCareplus
: As per NIST standard
, the SHA1 encryption algorithm is used
-->
201 <input type
="submit" onClick
="javascript:this.form.authPass.value=SHA1(this.form.clearPass.value);" value
=<?php
xl('Login','e');?
>>
203 <input type
="submit" onClick
="chk_hash_fn();" value
=<?php
xl('Login','e');?
>>
206 <tr
><td colspan
='2' class='text' style
='color:red'>
208 $ip=$_SERVER['REMOTE_ADDR'];
210 // The following commented out because it is too slow when the log
211 // table is large. -- Rod 2009-11-11
212 /*********************************************************************
213 $query = "select user, date, comments from log where event like 'login' and comments like '%".$ip."' order by date desc limit 1";
214 $statement = sqlStatement($query);
215 if ($result = sqlFetchArray($statement)) {
216 if (strpos($result['comments'],"ailure")) {
217 echo $result['user']." attempted unauthorized login on this machine: ".$result['date'];
220 *********************************************************************/
228 <!-- Uncomment this
for the OpenEMR demo installation
229 <p
><center
>login
= admin
241 <a href
="../../copyright_notice.html" target
="main"><?php
xl('Copyright Notice','e'); ?
></a
><br
/>
