#######################################################################
use DBI;
+use SL::Auth;
use SL::User;
use SL::Form;
+require "bin/mozilla/common.pl";
+require "bin/mozilla/todo.pl";
+
+# This is required because the am.pl in the root directory
+# is not scanned by locales.pl:
+# $form->parse_html_template('login/password_error')
+
$form = new Form;
+if (! -f 'config/authentication.pl') {
+ show_error('login/authentication_pl_missing');
+}
+
$locale = new Locale $language, "login";
+our $auth = SL::Auth->new();
+if (!$auth->session_tables_present()) {
+ show_error('login/auth_db_unreachable');
+}
+$auth->expire_sessions();
+my $session_result = $auth->restore_session();
+
# customization
-if (-f "$form->{path}/custom_$form->{script}") {
- eval { require "$form->{path}/custom_$form->{script}"; };
+if (-f "bin/mozilla/custom_$form->{script}") {
+ eval { require "bin/mozilla/custom_$form->{script}"; };
$form->error($@) if ($@);
}
# per login customization
-if (-f "$form->{path}/$form->{login}_$form->{script}") {
- eval { require "$form->{path}/$form->{login}_$form->{script}"; };
+if (-f "bin/mozilla/$form->{login}_$form->{script}") {
+ eval { require "bin/mozilla/$form->{login}_$form->{script}"; };
$form->error($@) if ($@);
}
# window title bar, user info
-$form->{titlebar} =
- "Lx-Office " . $locale->text('Version') . " $form->{version}";
+$form->{titlebar} = "Lx-Office " . $locale->text('Version') . " $form->{version}";
+
+if (SL::Auth::SESSION_EXPIRED == $session_result) {
+ $form->{error_message} = $locale->text('The session is invalid or has expired.');
+ login_screen();
+ exit;
+}
+
+my $action = $form->{action};
+
+if (!$action && $auth->{SESSION}->{login}) {
+ $action = 'login';
+}
+
+if ($action) {
+ our %myconfig = $auth->read_user($form->{login}) if ($form->{login});
+
+ if (!$myconfig{login} || (SL::Auth::OK != $auth->authenticate($form->{login}, $form->{password}, 0))) {
+ $form->{error_message} = $locale->text('Incorrect Password!');
+ login_screen();
+ exit;
+ }
+
+ $auth->set_session_value('login', $form->{login}, 'password', $form->{password});
+ $auth->create_or_refresh_session();
-if ($form->{action}) {
$form->{titlebar} .= " - $myconfig{name} - $myconfig{dbname}";
- &{ $locale->findsub($form->{action}) };
+ call_sub($locale->findsub($action));
+
} else {
- &login_screen;
+ login_screen();
}
1;
sub login_screen {
$lxdebug->enter_sub();
+ my ($msg) = @_;
if (-f "css/lx-office-erp.css") {
$form->{stylesheet} = "lx-office-erp.css";
}
- $form->{fokus} = "loginscreen.login";
- $form->header;
-
- print qq|
-
-
-<body class=login onLoad="fokus()">
-
-<pre>
-
-</pre>
-
-<center>
-<table class=login border=3 cellpadding=20>
- <tr>
- <td class=login align=center><a href="http://www.lx-office.org" target=_top><img src="image/lx-office-erp.png" border=0></a>
-<h1 class=login align=center>|
- . $locale->text('Version') . qq| $form->{version}
-</h1>
+ $form->{msg} = $msg;
+ $form->header();
-<p>
-
-<form method=post name=loginscreen action=$form->{script}>
-
- <input type="hidden" name="show_dbupdate_warning" value="1">
-
- <table width=100%>
- <tr>
- <td align=center>
- <table>
- <tr>
- <th align=right>| . $locale->text('Login Name') . qq|</th>
- <td><input class=login name=login size=30 tabindex="1"></td>
- </tr>
- <tr>
- <th align=right>| . $locale->text('Password') . qq|</th>
- <td><input class=login type=password name=password size=30 tabindex="2"></td>
- </tr>
- <input type=hidden name=path value=$form->{path}>
- </table>
-
- <br>
- <input type=submit name=action value="| . $locale->text('Login') . qq|" tabindex="3">
-
- </td>
- </tr>
- </table>
-
-</form>
-
- </td>
- </tr>
-</table>
-
-</body>
-</html>
-|;
+ print $form->parse_html_template('login/login_screen');
$lxdebug->leave_sub();
}
sub login {
$lxdebug->enter_sub();
- $form->error($locale->text('You did not enter a name!'))
- unless ($form->{login});
+ unless ($form->{login}) {
+ login_screen($locale->text('You did not enter a name!'));
+ exit;
+ }
- $user = new User $memberfile, $form->{login};
+ $user = new User $form->{login};
# if we get an error back, bale out
- if (($errno = $user->login(\%$form, $userspath)) <= -1) {
- $errno *= -1;
- $err[1] = $err[3] = $locale->text('Incorrect username or password!');
+ if (($result = $user->login($form)) <= -1) {
+ exit if $result == -2;
+ login_screen($locale->text('Incorrect username or password!'));
+ exit;
+ }
- if ($errno == 2) {
- exit;
- }
+ my %style_to_script_map = ( 'v3' => 'v3',
+ 'neu' => 'new',
+ 'v4' => 'v4',
+ 'xml' => 'XML',
+ );
- $form->error($err[$errno]);
- }
+ my $menu_script = $style_to_script_map{$user->{menustyle}} || '';
# made it this far, execute the menu
- if ($user->{menustyle} eq "v3") {
- $form->{callback} =
- "menuv3.pl?login=$form->{login}&password=$form->{password}&path=$form->{path}&action=display";
- } elsif ($user->{menustyle} eq "neu") {
- $form->{callback} =
- "menunew.pl?login=$form->{login}&password=$form->{password}&path=$form->{path}&action=display";
- } else {
- $form->{callback} =
- "menu.pl?login=$form->{login}&password=$form->{password}&path=$form->{path}&action=display";
- }
+ $form->{callback} = build_std_url("script=menu${menu_script}.pl", 'action=display');
+
+ $auth->set_cookie_environment_variable();
- $form->redirect;
+ $form->redirect();
$lxdebug->leave_sub();
}
sub logout {
$lxdebug->enter_sub();
- unlink "$userspath/$form->{login}.conf";
+ $auth->destroy_session();
# remove the callback to display the message
- $form->{callback} = "login.pl?path=$form->{path}&action=&login=";
+ $form->{callback} = "login.pl?action=";
$form->redirect($locale->text('You are logged out!'));
$lxdebug->leave_sub();
sub company_logo {
$lxdebug->enter_sub();
- require "$userspath/$form->{login}.conf";
- $locale = new Locale $myconfig{countrycode}, "login"
- unless ($language eq $myconfig{countrycode});
-
- $myconfig{address} =~ s/\\n/<br>/g;
- $myconfig{dbhost} = $locale->text('localhost') unless $myconfig{dbhost};
+ $locale = new Locale $myconfig{countrycode}, "login" if ($language ne $myconfig{countrycode});
- map { $form->{$_} = $myconfig{$_} } qw(charset stylesheet);
+ $form->{todo_list} = create_todo_list('login_screen' => 1) if (!$form->{no_todo_list});
- $form->{title} = $locale->text('About');
+ $form->{stylesheet} = $myconfig{stylesheet};
+ $form->{title} = $locale->text('About');
# create the logo screen
- $form->header unless $form->{noheader};
-
- print qq|
-<body>
-<center>
-<a href="http://www.lx-office.org" target=_top><img src="image/lx-office-erp.png" border=0></a>
-<h2 class=login>| . $locale->text('Version') . qq| $form->{version}</h2>
-
-| . $locale->text('Licensed to') . qq|
-<p>
-<b>
-$myconfig{company}
-<br>$myconfig{address}
-</b>
-
-
-<br>
-<table border=0>
- <tr>
- <th align=left>| . $locale->text('User') . qq|</th>
- <td>$myconfig{name}</td>
- </tr>
- <tr>
- <th align=left>| . $locale->text('Dataset') . qq|</th>
- <td>$myconfig{dbname}</td>
- </tr>
- <tr>
- <th align=left>| . $locale->text('Database Host') . qq|</th>
- <td>$myconfig{dbhost}</td>
- </tr>
- <tr>
- </tr>
- <tr>
- </tr>
- <tr>
- <th colspan="2" align="center"><a href="http://lx-office.org" target="blank">http://lx-office.org</a></th>
- </tr>
- <tr>
- <th colspan="2" align="center"><a href="mailto:info@lx-office.org" target="blank">info@lx-office.org</a></th>
- </tr>
-</table>
-
-</center>
-
-</body>
-</html>
-|;
+ $form->header() unless $form->{noheader};
+
+ print $form->parse_html_template('login/company_logo');
$lxdebug->leave_sub();
}
+
+sub show_error {
+ my $template = shift;
+ $locale = Locale->new($language, 'all');
+ $myconfig{countrycode} = $language;
+ $form->{stylesheet} = 'css/lx-office-erp.css';
+
+ $form->header();
+ print $form->parse_html_template($template);
+
+ # $form->parse_html_template('login/auth_db_unreachable');
+ # $form->parse_html_template('login/authentication_pl_missing');
+
+ exit;
+}
+
projects / kivitendo-erp.git / blobdiff