X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=login.php;h=d398794c4349c89d3368d7f2f14e6b8d7f2c5ac0;hb=a46ca9f2c279305fc8a6c7456e23f4ef46fd6fe4;hp=c9ddc8170167548fe40a2a63e685e9f11128686c;hpb=098a79f0819ebb89b7d48df4a6b154af4560f68e;p=timetracker.git diff --git a/login.php b/login.php index c9ddc817..d398794c 100644 --- a/login.php +++ b/login.php @@ -32,56 +32,51 @@ import('ttTeamHelper'); import('ttUser'); $cl_login = $request->getParameter('login'); +if ($cl_login == null && $request->isGet()) $cl_login = @$_COOKIE['tt_login']; $cl_password = $request->getParameter('password'); -if ($cl_login == null && $request->getMethod() == 'GET') - $cl_login = @$_COOKIE['tt_login']; $form = new Form('loginForm'); $form->addInput(array('type'=>'text','size'=>'25','maxlength'=>'100','name'=>'login','style'=>'width: 220px;','value'=>$cl_login)); -$form->addInput(array('type'=>'text','size'=>'25','maxlength'=>'50','name'=>'password','style'=>'width: 220px;','aspassword'=>true,'value'=>$cl_password)); +$form->addInput(array('type'=>'password','size'=>'25','maxlength'=>'50','name'=>'password','style'=>'width: 220px;','value'=>$cl_password)); $form->addInput(array('type'=>'hidden','name'=>'browser_today','value'=>'')); // User current date, which gets filled in on btn_login click. $form->addInput(array('type'=>'submit','name'=>'btn_login','onclick'=>'browser_today.value=get_date()','value'=>$i18n->getKey('button.login'))); -if ($request->getMethod() == 'POST') { +if ($request->isPost()) { // Validate user input. - if (!ttValidString($cl_login)) $errors->add($i18n->getKey('error.field'), $i18n->getKey('label.login')); - if (!ttValidString($cl_password)) $errors->add($i18n->getKey('error.field'), $i18n->getKey('label.password')); - - if ($errors->isEmpty()) { - // Use the "limit" plugin if we have one. Ignore include errors. + if (!ttValidString($cl_login)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.login')); + if (!ttValidString($cl_password)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.password')); + + if ($err->no()) { + // Use the "limit" plugin if we have one. Ignore include errors. // The "limit" plugin is not required for normal operation of Time Tracker. @include('plugins/limit/access_check.php'); - + if ($auth->doLogin($cl_login, $cl_password)) { // Set current user date (as determined by user browser) into session. $current_user_date = $request->getParameter('browser_today', null); if ($current_user_date) $_SESSION['date'] = $current_user_date; - + // Remember user login in a cookie. setcookie('tt_login', $cl_login, time() + COOKIE_EXPIRE, '/'); - + $user = new ttUser(null, $auth->getUserId()); // Redirect, depending on user role. if ($user->isAdmin()) { header('Location: admin_teams.php'); - exit(); - } - else if ($user->isClient()) { + } elseif ($user->isClient()) { header('Location: reports.php'); - exit(); - } - else { + } else { header('Location: time.php'); - exit(); } + exit(); } else - $errors->add($i18n->getKey('error.auth')); + $err->add($i18n->getKey('error.auth')); } -} +} // isPost if(!isTrue(MULTITEAM_MODE) && !ttTeamHelper::getTeams()) - $errors->add($i18n->getKey('error.no_teams')); + $err->add($i18n->getKey('error.no_teams')); // Determine whether to show login hint. It is currently used only for Windows LDAP authentication. $show_hint = ('ad' == $GLOBALS['AUTH_MODULE_PARAMS']['type']); @@ -93,4 +88,3 @@ $smarty->assign('title', $i18n->getKey('title.login')); $smarty->assign('content_page_name', 'login.tpl'); $smarty->assign('about_text', $i18n->getKey('form.login.about')); $smarty->display('index.tpl'); -?> \ No newline at end of file