X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=bin%2Fmozilla%2Flogin.pl;h=82d50d7066b8a2dc9602a2c22a119e8ff4f961e5;hb=fe73e0d261229f181e8133283b530509773d2151;hp=f09b8825835462c1d0e0639216ee57c999774fdf;hpb=40782548cf82ac1e4c0fe417113a4cb3072e9390;p=kivitendo-erp.git diff --git a/bin/mozilla/login.pl b/bin/mozilla/login.pl index f09b88258..82d50d706 100644 --- a/bin/mozilla/login.pl +++ b/bin/mozilla/login.pl @@ -28,219 +28,178 @@ ####################################################################### use DBI; +use SL::Auth; use SL::User; use SL::Form; require "bin/mozilla/common.pl"; +require "bin/mozilla/todo.pl"; -$form = new Form; +use strict; -$locale = new Locale $language, "login"; +# This is required because the am.pl in the root directory +# is not scanned by locales.pl: +# $form->parse_html_template('login/password_error') + +our $form = new Form; + +if (! -f 'config/authentication.pl') { + show_error('login/authentication_pl_missing'); +} + +our $locale = new Locale $main::language, "login"; + +our $auth = SL::Auth->new(); +if (!$auth->session_tables_present()) { + show_error('login/auth_db_unreachable'); +} +$auth->expire_sessions(); +my $session_result = $main::auth->restore_session(); # customization -if (-f "$form->{path}/custom_$form->{script}") { - eval { require "$form->{path}/custom_$form->{script}"; }; +if (-f "bin/mozilla/custom_$form->{script}") { + eval { require "bin/mozilla/custom_$form->{script}"; }; $form->error($@) if ($@); } # per login customization -if (-f "$form->{path}/$form->{login}_$form->{script}") { - eval { require "$form->{path}/$form->{login}_$form->{script}"; }; +if (-f "bin/mozilla/$form->{login}_$form->{script}") { + eval { require "bin/mozilla/$form->{login}_$form->{script}"; }; $form->error($@) if ($@); } # window title bar, user info -$form->{titlebar} = - "Lx-Office " . $locale->text('Version') . " $form->{version}"; +$form->{titlebar} = "Lx-Office " . $locale->text('Version') . " $form->{version}"; -if ($form->{action}) { - $form->{titlebar} .= " - $myconfig{name} - $myconfig{dbname}"; - call_sub($locale->findsub($form->{action})); -} else { - &login_screen; +if (SL::Auth::SESSION_EXPIRED == $session_result) { + $form->{error_message} = $locale->text('The session is invalid or has expired.'); + login_screen(); + exit; } -1; - -sub login_screen { - $lxdebug->enter_sub(); - - if (-f "css/lx-office-erp.css") { - $form->{stylesheet} = "lx-office-erp.css"; - } - - $form->{fokus} = "loginscreen.login"; - $form->header; - - print qq| +my $action = $form->{action}; +if (!$action && $auth->{SESSION}->{login}) { + $action = 'login'; +} - - -

-
-

- - - - - - -

- +if ($action) { + our %myconfig = $auth->read_user($form->{login}) if ($form->{login}); -

+ if (!$myconfig{login} || (SL::Auth::OK != $auth->authenticate($form->{login}, $form->{password}, 0))) { + $form->{error_message} = $locale->text('Incorrect Password!'); + login_screen(); + exit; + } -

{script}> + $auth->set_session_value('login', $form->{login}, 'password', $form->{password}); + $auth->create_or_refresh_session(); - + $form->{titlebar} .= " - $myconfig{name} - $myconfig{dbname}"; + call_sub($locale->findsub($action)); - - - - -

- - - - - - - - - - {path}> -

\| . $locale->text('Login Name') . qq\|
\| . $locale->text('Password') . qq\|

+} else { + login_screen(); +} -
- +1; -

+sub login_screen { + $main::lxdebug->enter_sub(); + my ($msg) = @_; -

+ if (-f "css/lx-office-erp.css") { + $form->{stylesheet} = "lx-office-erp.css"; + } -

+ $form->{msg} = $msg; + $form->header(); - - -|; + print $form->parse_html_template('login/login_screen'); - $lxdebug->leave_sub(); + $main::lxdebug->leave_sub(); } sub login { - $lxdebug->enter_sub(); + $main::lxdebug->enter_sub(); - $form->error($locale->text('You did not enter a name!')) - unless ($form->{login}); + unless ($form->{login}) { + login_screen($locale->text('You did not enter a name!')); + exit; + } - $user = new User $memberfile, $form->{login}; + my $user = new User $form->{login}; # if we get an error back, bale out - if (($errno = $user->login(\%$form, $userspath)) <= -1) { - $errno *= -1; - $err[1] = $err[3] = $locale->text('Incorrect username or password!'); + my $result; + if (($result = $user->login($form)) <= -1) { + exit if $result == -2; + login_screen($locale->text('Incorrect username or password!')); + exit; + } - if ($errno == 2) { - exit; - } + my %style_to_script_map = ( 'v3' => 'v3', + 'neu' => 'new', + 'v4' => 'v4', + 'xml' => 'XML', + ); - $form->error($err[$errno]); - } + my $menu_script = $style_to_script_map{$user->{menustyle}} || ''; # made it this far, execute the menu - if ($user->{menustyle} eq "v3") { - $form->{callback} = - "menuv3.pl?login=$form->{login}&password=$form->{password}&path=$form->{path}&action=display"; - } elsif ($user->{menustyle} eq "neu") { - $form->{callback} = - "menunew.pl?login=$form->{login}&password=$form->{password}&path=$form->{path}&action=display"; - } else { - $form->{callback} = - "menu.pl?login=$form->{login}&password=$form->{password}&path=$form->{path}&action=display"; - } + $form->{callback} = build_std_url("script=menu${menu_script}.pl", 'action=display', "callback=" . $form->escape($form->{callback})); + + $main::auth->set_cookie_environment_variable(); - $form->redirect; + $form->redirect(); - $lxdebug->leave_sub(); + $main::lxdebug->leave_sub(); } sub logout { - $lxdebug->enter_sub(); + $main::lxdebug->enter_sub(); - unlink "$userspath/$form->{login}.conf"; + $main::auth->destroy_session(); # remove the callback to display the message - $form->{callback} = "login.pl?path=$form->{path}&action=&login="; + $form->{callback} = "login.pl?action="; $form->redirect($locale->text('You are logged out!')); - $lxdebug->leave_sub(); + $main::lxdebug->leave_sub(); } sub company_logo { - $lxdebug->enter_sub(); - - require "$userspath/$form->{login}.conf"; - $locale = new Locale $myconfig{countrycode}, "login" - unless ($language eq $myconfig{countrycode}); + $main::lxdebug->enter_sub(); - $myconfig{address} =~ s/\\n/
/g; - $myconfig{dbhost} = $locale->text('localhost') unless $myconfig{dbhost}; + my %myconfig = %main::myconfig; + $locale = new Locale $myconfig{countrycode}, "login" if ($main::language ne $myconfig{countrycode}); - map { $form->{$_} = $myconfig{$_} } qw(charset stylesheet); + $form->{todo_list} = create_todo_list('login_screen' => 1) if (!$form->{no_todo_list}); - $form->{title} = $locale->text('About'); + $form->{stylesheet} = $myconfig{stylesheet}; + $form->{title} = $locale->text('About'); # create the logo screen - $form->header unless $form->{noheader}; - - print qq| - - -

- - -| . $locale->text('Licensed to') . qq| -

- -$myconfig{company} -
$myconfig{address} - - - -
- - - - - - - - - - - - - - - - - - - - - - - -
| . $locale->text('User') . qq| $myconfig{name}
| . $locale->text('Dataset') . qq| $myconfig{dbname}
| . $locale->text('Database Host') . qq| $myconfig{dbhost}
http://lx-office.org
info@lx-office.org
- -

- - - -|; - - $lxdebug->leave_sub(); + $form->header() unless $form->{noheader}; + + print $form->parse_html_template('login/company_logo'); + + $main::lxdebug->leave_sub(); } + +sub show_error { + my $template = shift; + my %myconfig = %main::myconfig; + $locale = Locale->new($main::language, 'all'); + $myconfig{countrycode} = $main::language; + $form->{stylesheet} = 'css/lx-office-erp.css'; + + $form->header(); + print $form->parse_html_template($template); + + # $form->parse_html_template('login/auth_db_unreachable'); + # $form->parse_html_template('login/authentication_pl_missing'); + + exit; +} +

http://lx-office.org
\| . $locale->text('User') . qq\|	$myconfig{name}
\| . $locale->text('Dataset') . qq\|	$myconfig{dbname}
\| . $locale->text('Database Host') . qq\|	$myconfig{dbhost}
info@lx-office.org

| - . $locale->text('Version') . qq| $form->{version} -

| . $locale->text('Version') . qq| $form->{version}