search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix for deleting payments via the Front Office Receipts report.
[openemr.git] / interface / login / login.php
blob1d9cfcc4b883bb7c39b87f2c9ff78a31bf65217d
1 <?php
2 // This program is free software; you can redistribute it and/or
3 // modify it under the terms of the GNU General Public License
4 // as published by the Free Software Foundation; either version 2
5 // of the License, or (at your option) any later version.
6
7 $ignoreAuth=true;
8 include_once("../globals.php");
9 include_once("$srcdir/sha1.js");
10 include_once("$srcdir/sql.inc");
11 include_once("$srcdir/md5.js");
12 ?>
13 <html>
14 <head>
15 <?php html_header_show(); ?>
16 <link rel=stylesheet href="<?php echo $css_header;?>" type="text/css">
17 <link rel=stylesheet href="../themes/login.css" type="text/css">
18
19 <script language='JavaScript' src="../../library/js/jquery-1.4.3.min.js"></script>
20 <script language='JavaScript'>
21
22 //VicarePlus :: Validation function for checking the hashing algorithm used for encrypting password
23 function chk_hash_fn()
24 {
25 var str = document.forms[0].authUser.value;
26 $.ajax({
27 url: "validateUser.php?u="+str,
28 context: document.body,
29 success: function(data){
30 if(data == 0) //VicarePlus :: If the hashing algorithm is 'MD5'
31 {
32 document.forms[0].authPass.value=MD5(document.forms[0].clearPass.value);
33 document.forms[0].authNewPass.value=SHA1(document.forms[0].clearPass.value);
34 }
35 else //VicarePlus :: If the hashing algorithm is 'SHA1'
36 {
37 document.forms[0].authPass.value=SHA1(document.forms[0].clearPass.value);
38 }
39 document.forms[0].clearPass.value='';
40 document.login_form.submit();
41 }
42 });
43 }
44
45 function imsubmitted() {
46 <?php if (!empty($GLOBALS['restore_sessions'])) { ?>
47 // Delete the session cookie by setting its expiration date in the past.
48 // This forces the server to create a new session ID.
49 var olddate = new Date();
50 olddate.setFullYear(olddate.getFullYear() - 1);
51 document.cookie = '<?php echo session_name() . '=' . session_id() ?>; path=/; expires=' + olddate.toGMTString();
52 <?php } ?>
53 return false; //Currently the submit action is handled by the chk_hash_fn() function itself.
54 }
55 </script>
56
57 </head>
58 <body <?php echo $login_body_line;?> onload="javascript:document.login_form.authUser.focus();" >
59
60 <span class="text"></span>
61 <center>
62
63 <form method="POST"
64 action="../main/main_screen.php?auth=login&site=<?php echo htmlspecialchars($_SESSION['site_id']); ?>"
65 target="_top" name="login_form" onsubmit="return imsubmitted();">
66
67 <?php
68 // collect groups
69 $res = sqlStatement("select distinct name from groups");
70 for ($iter = 0;$row = sqlFetchArray($res);$iter++)
71 $result[$iter] = $row;
72 if (count($result) == 1) {
73 $resvalue = $result[0]{"name"};
74 echo "<input type='hidden' name='authProvider' value='$resvalue' />\n";
75 }
76 // collect default language id
77 $res2 = sqlStatement("select * from lang_languages where lang_description = '".$GLOBALS['language_default']."'");
78 for ($iter = 0;$row = sqlFetchArray($res2);$iter++)
79 $result2[$iter] = $row;
80 if (count($result2) == 1) {
81 $defaultLangID = $result2[0]{"lang_id"};
82 $defaultLangName = $result2[0]{"lang_description"};
83 }
84 else {
85 //default to english if any problems
86 $defaultLangID = 1;
87 $defaultLangName = "English";
88 }
89 // set session variable to default so login information appears in default language
90 $_SESSION['language_choice'] = $defaultLangID;
91 // collect languages if showing language menu
92 if ($GLOBALS['language_menu_login']) {
93
94 // sorting order of language titles depends on language translation options.
95 $mainLangID = empty($_SESSION['language_choice']) ? '1' : $_SESSION['language_choice'];
96 if ($mainLangID == '1' && !empty($GLOBALS['skip_english_translation']))
97 {
98 $sql = "SELECT * FROM lang_languages ORDER BY lang_description, lang_id";
99 $res3=SqlStatement($sql);
100 }
101 else {
102 // Use and sort by the translated language name.
103 $sql = "SELECT ll.lang_id, " .
104 "IF(LENGTH(ld.definition),ld.definition,ll.lang_description) AS trans_lang_description, " .
105 "ll.lang_description " .
106 "FROM lang_languages AS ll " .
107 "LEFT JOIN lang_constants AS lc ON lc.constant_name = ll.lang_description " .
108 "LEFT JOIN lang_definitions AS ld ON ld.cons_id = lc.cons_id AND " .
109 "ld.lang_id = '$mainLangID' " .
110 "ORDER BY IF(LENGTH(ld.definition),ld.definition,ll.lang_description), ll.lang_id";
111 $res3=SqlStatement($sql);
112 }
113
114 for ($iter = 0;$row = sqlFetchArray($res3);$iter++)
115 $result3[$iter] = $row;
116 if (count($result3) == 1) {
117 //default to english if only return one language
118 echo "<input type='hidden' name='languageChoice' value='1' />\n";
119 }
120 }
121 else {
122 echo "<input type='hidden' name='languageChoice' value='".$defaultLangID."' />\n";
123 }
124 ?>
125
126 <table width="100%" height="90%">
127 <td align='center' valign='middle' width='34%'>
128 <div class="login-box">
129 <div class="logo-left"><?php echo $logocode;?></div>
130
131 <div class="table-right">
132 <table width="100%">
133 <?php if (count($result) != 1) { ?>
134 <tr>
135 <td><span class="text"><?php xl('Group:','e'); ?></span></td>
136 <td>
137 <select name=authProvider>
138 <?php
139 foreach ($result as $iter) {
140 echo "<option value='".$iter{"name"}."'>".$iter{"name"}."</option>\n";
141 }
142 ?>
143 </select>
144 </td></tr>
145 <?php } ?>
146
147 <?php if (isset($_SESSION['loginfailure']) && ($_SESSION['loginfailure'] == 1)): ?>
148 <tr><td colspan='2' class='text' style='color:red'>
149 Invalid username or password
150 </td></tr>
151 <?php endif; ?>
152
153 <?php if (isset($_SESSION['relogin']) && ($_SESSION['relogin'] == 1)): ?>
154 <tr><td colspan='2' class='text' style='color:red;background-color:#dfdfdf;border:solid 1px #bfbfbf;text-align:center'>
155 <b><?php echo xl('Password security has recently been upgraded.'); ?><br>
156 <?php echo xl('Please login again.'); ?></b>
157 <?php unset($_SESSION['relogin']); ?>
158 </td></tr>
159 <?php endif; ?>
160
161 <tr>
162 <td><span class="text"><?php xl('Username:','e'); ?></span></td>
163 <td>
164 <input class="entryfield" type="text" size="10" name="authUser">
165 </td></tr><tr>
166 <td><span class="text"><?php xl('Password:','e'); ?></span></td>
167 <td>
168 <input class="entryfield" type="password" size="10" name="clearPass">
169 </td></tr>
170
171 <?php
172 if ($GLOBALS['language_menu_login']) {
173 if (count($result3) != 1) { ?>
174 <tr>
175 <td><span class="text"><?php xl('Language','e'); ?>:</span></td>
176 <td>
177 <select class="entryfield" name=languageChoice size="1">
178 <?php
179 echo "<option selected='selected' value='".$defaultLangID."'>" . xl('Default','','',' -') . xl($defaultLangName,'',' ') . "</option>\n";
180 foreach ($result3 as $iter) {
181 if ($GLOBALS['language_menu_showall']) {
182 if ( !$GLOBALS['allow_debug_language'] && $iter[lang_description] == 'dummy') continue; // skip the dummy language
183 echo "<option value='".$iter['lang_id']."'>".$iter['trans_lang_description']."</option>\n";
184 }
185 else {
186 if (in_array($iter[lang_description], $GLOBALS['language_menu_show'])) {
187 if ( !$GLOBALS['allow_debug_language'] && $iter['lang_description'] == 'dummy') continue; // skip the dummy language
188 echo "<option value='".$iter['lang_id']."'>" . $iter['trans_lang_description'] . "</option>\n";
189 }
190 }
191 }
192 ?>
193 </select>
194 </td></tr>
195 <?php }} ?>
196
197 <tr><td>&nbsp;</td><td>
198 <input type="hidden" name="authPass">
199 <input type="hidden" name="authNewPass">
200 <?php if (isset($GLOBALS['use_adldap_auth']) && ($GLOBALS['use_adldap_auth']== true)): ?>
201 <!-- ViCareplus : As per NIST standard, the SHA1 encryption algorithm is used -->
202 <input class="button large" type="submit" onClick="javascript:this.form.authPass.value=SHA1(this.form.clearPass.value);" value="<?php xl('Login','e');?>">
203 <?php else: ?>
204 <input class="button large" type="submit" onClick="chk_hash_fn();" value="<?php xl('Login','e');?>">
205 <?php endif; ?>
206 </td></tr>
207 <tr><td colspan='2' class='text' style='color:red'>
208 <?php
209 $ip=$_SERVER['REMOTE_ADDR'];
210
211 // The following commented out because it is too slow when the log
212 // table is large. -- Rod 2009-11-11
213 /*********************************************************************
214 $query = "select user, date, comments from log where event like 'login' and comments like '%".$ip."' order by date desc limit 1";
215 $statement = sqlStatement($query);
216 if ($result = sqlFetchArray($statement)) {
217 if (strpos($result['comments'],"ailure")) {
218 echo $result['user']." attempted unauthorized login on this machine: ".$result['date'];
219 }
220 }
221 *********************************************************************/
222
223 ?>
224 </div>
225 </td></tr>
226 </table>
227
228 </div>
229 <div style="clear: both;"> </div>
230 <div class="version">
231 <?php echo "v$openemr_version" ?> | <a href="../../acknowledge_license_cert.html" target="main"><?php xl('Acknowledgments, Licensing and Certification','e'); ?></a>
232 </div>
233 </div>
234 <div class="demo">
235 <!-- Uncomment this for the OpenEMR demo installation
236 <p><center>login = admin
237 <br>password = pass
238 -->
239 </div>
240 </td>
241 </tr>
242 </table>
243 </form>
244 </center>
245 </body>
246 </html>
Mirror of official OpenEMR Sourceforge repository