X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=login.php;h=d398794c4349c89d3368d7f2f14e6b8d7f2c5ac0;hb=3f7ed883e1c7d75aacc49900b403f8e84a68dc3f;hp=a6195b28617f78789bc9aa38d447bead4ce2ba8b;hpb=5ef582473f6b329be18ad83c61e053fdcd9c6ed5;p=timetracker.git diff --git a/login.php b/login.php index a6195b28..d398794c 100644 --- a/login.php +++ b/login.php @@ -32,56 +32,51 @@ import('ttTeamHelper'); import('ttUser'); $cl_login = $request->getParameter('login'); +if ($cl_login == null && $request->isGet()) $cl_login = @$_COOKIE['tt_login']; $cl_password = $request->getParameter('password'); -if ($cl_login == null && $request->getMethod() == 'GET') - $cl_login = @$_COOKIE['tt_login']; $form = new Form('loginForm'); $form->addInput(array('type'=>'text','size'=>'25','maxlength'=>'100','name'=>'login','style'=>'width: 220px;','value'=>$cl_login)); -$form->addInput(array('type'=>'text','size'=>'25','maxlength'=>'50','name'=>'password','style'=>'width: 220px;','aspassword'=>true,'value'=>$cl_password)); +$form->addInput(array('type'=>'password','size'=>'25','maxlength'=>'50','name'=>'password','style'=>'width: 220px;','value'=>$cl_password)); $form->addInput(array('type'=>'hidden','name'=>'browser_today','value'=>'')); // User current date, which gets filled in on btn_login click. $form->addInput(array('type'=>'submit','name'=>'btn_login','onclick'=>'browser_today.value=get_date()','value'=>$i18n->getKey('button.login'))); -if ($request->getMethod() == 'POST') { +if ($request->isPost()) { // Validate user input. - if (!ttValidString($cl_login)) $errors->add($i18n->getKey('error.field'), $i18n->getKey('label.login')); - if (!ttValidString($cl_password)) $errors->add($i18n->getKey('error.field'), $i18n->getKey('label.password')); - - if ($errors->isEmpty()) { - // Use the "limit" plugin if we have one. Ignore include errors. + if (!ttValidString($cl_login)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.login')); + if (!ttValidString($cl_password)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.password')); + + if ($err->no()) { + // Use the "limit" plugin if we have one. Ignore include errors. // The "limit" plugin is not required for normal operation of Time Tracker. @include('plugins/limit/access_check.php'); - + if ($auth->doLogin($cl_login, $cl_password)) { // Set current user date (as determined by user browser) into session. $current_user_date = $request->getParameter('browser_today', null); if ($current_user_date) $_SESSION['date'] = $current_user_date; - + // Remember user login in a cookie. setcookie('tt_login', $cl_login, time() + COOKIE_EXPIRE, '/'); - + $user = new ttUser(null, $auth->getUserId()); // Redirect, depending on user role. if ($user->isAdmin()) { header('Location: admin_teams.php'); - exit(); - } - else if ($user->isClient()) { + } elseif ($user->isClient()) { header('Location: reports.php'); - exit(); - } - else { + } else { header('Location: time.php'); - exit(); } + exit(); } else - $errors->add($i18n->getKey('error.auth')); + $err->add($i18n->getKey('error.auth')); } -} +} // isPost if(!isTrue(MULTITEAM_MODE) && !ttTeamHelper::getTeams()) - $errors->add($i18n->getKey('error.no_teams')); + $err->add($i18n->getKey('error.no_teams')); // Determine whether to show login hint. It is currently used only for Windows LDAP authentication. $show_hint = ('ad' == $GLOBALS['AUTH_MODULE_PARAMS']['type']);