Fixing a stupid mistake
[elgg.git] / login / index.php
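<?php

/*
 * Login page: bootstrap and choice of the post-login redirect target.
 *
 * The target is taken from the request parameter `passthru_url`, so it is
 * untrusted input that later ends up in a Location header. It is honoured
 * only when it begins with the site root ($CFG->wwwroot); anything else
 * falls back to the site's own index.php.
 */

// The `context` constant is defined before includes.php is loaded.
define("context", "external");

require_once(dirname(dirname(__FILE__)) . '/includes.php');
global $CFG;

$redirect_url = trim(optional_param('passthru_url'));

// A containment test (substr_count) accepts any URL that merely embeds the
// site root somewhere in it, so the target has to START with the site root.
// strncmp() is used because the file targets PHP versions without
// str_starts_with(). An empty site root would match every URL, so it is
// treated as "no valid target".
// NOTE(review): this relies on $CFG->wwwroot ending in "/" -- confirm; without
// the trailing slash a different host sharing the same prefix would pass.
if (
    empty($redirect_url)
    || empty($CFG->wwwroot)
    || strncmp($redirect_url, $CFG->wwwroot, strlen($CFG->wwwroot)) !== 0
) {
    $redirect_url = $CFG->wwwroot . "index.php";
}

// The earlier second check, which prefixed the site root onto targets that did
// not contain it, could never run: after the fallback above the value always
// contains the site root. It has been dropped as unreachable.

// "@" is stripped from the target, presumably so it cannot carry a userinfo
// part (user@host) -- TODO confirm intent.
$redirect_url = str_replace("@", "", $redirect_url);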
// A visitor who is already logged on has no use for the form: queue a notice
// in the session and send them on to the validated redirect target.
// `logged_on` is a bare constant, presumably defined by includes.php -- confirm.
if (logged_on) {
    $messages[] = __gettext("You are already logged on.");
    define('redirect_url', $redirect_url);
    // Messages travel in the session so they are still available after the redirect.
    $_SESSION['messages'] = $messages;
    header(sprintf("Location: %s", redirect_url));
    exit;
}
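// Credentials submitted with the login form.
$l = optional_param('username');
$p = optional_param('password');

if (!empty($l) && !empty($p)) {
    $ok = authenticate_account($l, $p);
    // NOTE(review): no session id regeneration is visible in this file; confirm
    // that authenticate_account() renews the session id on success.
    if ($ok) {
        $messages[] = __gettext("You have been logged on.");
        // Warn when the account uses the literal password "password". The values
        // are compared directly and strictly: hashing both sides with md5() and
        // comparing with == added nothing and would choke on a non-string value.
        if ($p === "password") {
            $messages[] = __gettext("The password for this account is extremely insecure and represents a major security risk. You should change it immediately.");
        }
        define('redirect_url', $redirect_url);
        $_SESSION['messages'] = $messages;
        header("Location: " . redirect_url);
        exit;
    } else {
        // One message covers every reason authenticate_account() refused the
        // login, so the response does not say which part was wrong.
        $messages[] = __gettext("Unrecognised username or password. The system could not log you on, or you may not have activated your account.");
    }
} else if (!empty($l) || !empty($p)) { // if ONLY one was entered, make the error message.
    $messages[] = __gettext("Either the username or password were not specified. The system could not log you on.");
}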
49 $body = __gettext('Please log in');
50 templates_page_setup();
51 // display the form.
52 echo templates_page_draw( array(
53 sitename,
54 templates_draw(array(
55 'body' => $body,
56 'title' => __gettext('Log On'),
57 'context' => 'contentholder'