Blame Identity/Models/Html/Mantis/1.1.2-1.fc9/login_page.php

d6e8d8
d6e8d8
# Mantis - a php based bugtracking system
d6e8d8
d6e8d8
# Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
d6e8d8
# Copyright (C) 2002 - 2007  Mantis Team   - mantisbt-dev@lists.sourceforge.net
d6e8d8
d6e8d8
# Mantis is free software: you can redistribute it and/or modify
d6e8d8
# it under the terms of the GNU General Public License as published by
d6e8d8
# the Free Software Foundation, either version 2 of the License, or
d6e8d8
# (at your option) any later version.
d6e8d8
#
d6e8d8
# Mantis is distributed in the hope that it will be useful,
d6e8d8
# but WITHOUT ANY WARRANTY; without even the implied warranty of
d6e8d8
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
d6e8d8
# GNU General Public License for more details.
d6e8d8
#
d6e8d8
# You should have received a copy of the GNU General Public License
d6e8d8
# along with Mantis.  If not, see <http://www.gnu.org/licenses/>.
d6e8d8
d6e8d8
	#------------------------------
d6e8d8
	#   $Revision: 2643 $
d6e8d8
	#     $Author: al $    
d6e8d8
	#       $Date: 2009-06-18 19:06:27 -0400 (Thu, 18 Jun 2009) $                                              
d6e8d8
	#------------------------------
d6e8d8
d6e8d8
	# Login page POSTs results to login.php
d6e8d8
	# Check to see if the user is already logged in
d6e8d8
d6e8d8
	require_once( 'core.php' );
d6e8d8
d6e8d8
	if ( auth_is_user_authenticated() && !current_user_is_anonymous() ) {
d6e8d8
		print_header_redirect( config_get( 'default_home_page' ) );
d6e8d8
	}
d6e8d8
d6e8d8
	$f_error	= gpc_get_bool( 'error' );
d6e8d8
	$f_cookie_error	= gpc_get_bool( 'cookie_error' );
d6e8d8
	$f_return	= gpc_get_string( 'return', '' );
d6e8d8
d6e8d8
	# Check for HTTP_AUTH. HTTP_AUTH is handled in login.php
d6e8d8
d6e8d8
	if ( HTTP_AUTH == config_get( 'login_method' ) ) {
d6e8d8
d6e8d8
		$t_uri = "login.php";
d6e8d8
d6e8d8
		if ( !$f_return && ON == config_get( 'allow_anonymous_login' ) ) {
d6e8d8
			$t_uri = "login_anon.php";
d6e8d8
		}
d6e8d8
d6e8d8
		if ( $f_return ) {
d6e8d8
			$t_uri .= "?return=" . urlencode( $f_return );
d6e8d8
		}
d6e8d8
d6e8d8
		print_header_redirect( $t_uri );
d6e8d8
		exit;
d6e8d8
	}
d6e8d8
d6e8d8
	html_page_top1();
d6e8d8
d6e8d8
	html_page_top2a();
d6e8d8
d6e8d8
	# Display short greeting message
d6e8d8
	# echo lang_get( 'login_page_info' ) . '
';
d6e8d8
d6e8d8
?>
d6e8d8
d6e8d8
d6e8d8
d6e8d8
d6e8d8
	# Only echo error message if error variable is set
d6e8d8
	if ( $f_error ) {
d6e8d8
		print '
';
d6e8d8
		print '

' . lang_get( 'login_error' ) . '

';
d6e8d8
		print '';
d6e8d8
	}
d6e8d8
d6e8d8
	if ( $f_cookie_error ) {
d6e8d8
		print '
';
d6e8d8
		print '

' . lang_get( 'login_cookies_disabled' ) . '

';
d6e8d8
		print '';
d6e8d8
	}
d6e8d8
d6e8d8
?>
d6e8d8
d6e8d8

d6e8d8
d6e8d8
d6e8d8
d6e8d8
d6e8d8
d6e8d8
	# Add Anonymous login link if it is set to ON in the config file.
d6e8d8
	if ( ON == config_get( 'allow_anonymous_login' ) ) {
d6e8d8
		print_bracket_link( 'login_anon.php', lang_get( 'login_anonymously' ) );
d6e8d8
		PRINT '
';
d6e8d8
	}
d6e8d8
d6e8d8
	print_signup_link();
d6e8d8
d6e8d8
	PRINT '
'. "\n";
d6e8d8
d6e8d8
	print_lost_password_link();
d6e8d8
d6e8d8
?>
d6e8d8
d6e8d8
d6e8d8
d6e8d8
d6e8d8
d6e8d8
<form name="login_form" method="post" action="login.php">
d6e8d8
d6e8d8
	
d6e8d8
	if ( !is_blank( $f_return ) ) { ?>
d6e8d8
	<input type="hidden" name="return" value="<?php echo string_html_specialchars( $f_return ) ?>" />
d6e8d8
	
d6e8d8
d6e8d8
	
d6e8d8
d6e8d8
		
d6e8d8
d6e8d8
			
d6e8d8
				:
d6e8d8
			
d6e8d8
d6e8d8
			
d6e8d8
				<input type="text" name="username" size="20" maxlength="32" />
d6e8d8
			
d6e8d8
d6e8d8
		
d6e8d8
d6e8d8
		
d6e8d8
d6e8d8
			
d6e8d8
				:
d6e8d8
			
d6e8d8
d6e8d8
			
d6e8d8
				<input type="password" name="password" size="20" maxlength="32" />
d6e8d8
			
d6e8d8
d6e8d8
		
d6e8d8
d6e8d8
		
d6e8d8
d6e8d8
			
d6e8d8
				:
d6e8d8
			
d6e8d8
d6e8d8
			
d6e8d8
				<input type="checkbox" name="perm_login" />
d6e8d8
			
d6e8d8
d6e8d8
		
d6e8d8
d6e8d8
		
d6e8d8
d6e8d8
			
d6e8d8
d6e8d8
			
d6e8d8
				<input type="submit" class="button" value="<?php echo lang_get( 'login_button' ) ?>" />
d6e8d8
			
d6e8d8
d6e8d8
		
d6e8d8
d6e8d8
	
d6e8d8
d6e8d8
</form>
d6e8d8
d6e8d8
d6e8d8
d6e8d8
	#
d6e8d8
	# Do some checks to warn administrators of possible security holes.
d6e8d8
	# Since this is considered part of the admin-checks, the strings are not translated.
d6e8d8
	#
d6e8d8
d6e8d8
	# Warning, if plain passwords are selected
d6e8d8
	if ( config_get( 'login_method' ) === PLAIN ) {
d6e8d8
		print '

WARNING: Plain password authentication is used, this will expose your passwords to administrators.

';
d6e8d8
	}
d6e8d8
d6e8d8
	# Generate a warning if administrator/root is valid.
d6e8d8
	$t_admin_user_id = user_get_id_by_name( 'administrator' );
d6e8d8
	if ( $t_admin_user_id !== false ) {
d6e8d8
		if ( user_is_enabled( $t_admin_user_id ) && auth_does_password_match( $t_admin_user_id, 'root' ) ) {
d6e8d8
			print '

WARNING: You should disable the default "administrator" account or change its password.

';
d6e8d8
		}
d6e8d8
	}
d6e8d8
d6e8d8
	# Check if the admin directory is available and is readable.
d6e8d8
	$t_admin_dir = dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'admin' . DIRECTORY_SEPARATOR;
d6e8d8
	if ( 0 && is_dir( $t_admin_dir ) && is_readable( $t_admin_dir ) ) {
d6e8d8
		print '

WARNING: Admin directory should be removed.

' . "\n";
d6e8d8
			
d6e8d8
		# Since admin directory and db_upgrade lists are available check for missing db upgrades	
d6e8d8
		# Check for db upgrade for versions < 1.0.0 using old upgrader
d6e8d8
		$t_db_version = config_get( 'database_version' , 0 );
d6e8d8
d6e8d8
		# if db version is 0, we haven't moved to new installer.
d6e8d8
		if ( $t_db_version == 0 ) {
d6e8d8
d6e8d8
			if ( db_table_exists( config_get( 'mantis_upgrade_table' ) ) ) {
d6e8d8
d6e8d8
				$query = "SELECT COUNT(*) from " . config_get( 'mantis_upgrade_table' ) . ";";
d6e8d8
				$result = db_query( $query );
d6e8d8
d6e8d8
				if ( db_num_rows( $result ) < 1 ) {
d6e8d8
					$t_upgrade_count = 0;
d6e8d8
				} else {
d6e8d8
					$t_upgrade_count = (int)db_result( $result );
d6e8d8
				}
d6e8d8
d6e8d8
			} else {
d6e8d8
d6e8d8
				$t_upgrade_count = 0;
d6e8d8
			}
d6e8d8
d6e8d8
			if ( $t_upgrade_count > 0 ) { # table exists, check for number of updates
d6e8d8
d6e8d8
				if ( file_exists( 'admin/upgrade_inc.php' ) ) {
d6e8d8
d6e8d8
					require_once( 'admin/upgrade_inc.php' );
d6e8d8
d6e8d8
					$t_upgrades_reqd = $upgrade_set->count_items();
d6e8d8
d6e8d8
				} else {
d6e8d8
d6e8d8
					// can't find upgrade file, assume system is up to date
d6e8d8
					$t_upgrades_reqd = $t_upgrade_count;
d6e8d8
				}
d6e8d8
d6e8d8
			} else {
d6e8d8
d6e8d8
				$t_upgrades_reqd = 1000; # arbitrarily large number to force an upgrade
d6e8d8
			}
d6e8d8
d6e8d8
			if ( ( $t_upgrade_count != $t_upgrades_reqd ) &&
d6e8d8
					( $t_upgrade_count != ( $t_upgrades_reqd + 10 ) ) ) { # there are 10 optional data escaping fixes that may be present
d6e8d8
				print '

WARNING: The database structure may be out of date. Please upgrade here before logging in.

';
d6e8d8
			}
d6e8d8
		}
d6e8d8
d6e8d8
		# Check for db upgrade for versions > 1.0.0 using new installer and schema
d6e8d8
		require_once( 'admin/schema.php' );
d6e8d8
		$t_upgrades_reqd = sizeof( $upgrade ) - 1;
d6e8d8
d6e8d8
		if ( ( 0 < $t_db_version ) &&
d6e8d8
				( $t_db_version != $t_upgrades_reqd ) ) {
d6e8d8
d6e8d8
			if ( $t_db_version < $t_upgrades_reqd ) {
d6e8d8
				print '

WARNING: The database structure may be out of date. Please upgrade here before logging in.

';
d6e8d8
			} else {
d6e8d8
				print '

WARNING: The database structure is more up-to-date than the code installed. Please upgrade the code.

';
d6e8d8
			}
d6e8d8
		}
d6e8d8
	}
d6e8d8
?>
d6e8d8
d6e8d8
d6e8d8
d6e8d8
<script type="text/javascript" language="JavaScript">
d6e8d8
d6e8d8
	window.document.login_form.username.focus();
d6e8d8
// -->
d6e8d8
</script>
d6e8d8
d6e8d8
d6e8d8