12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 |
- <?php
- /**
- * Postfix Admin
- *
- * LICENSE
- * This source file is subject to the GPL license that is bundled with
- * this package in the file LICENSE.TXT.
- *
- * Further details on the project are available at http://postfixadmin.sf.net
- *
- * @version $Id$
- * @license GNU GPL v2 or later.
- *
- * File: login.php
- * Authenticates a user, and populates their $_SESSION as appropriate.
- * Template File: login.tpl
- *
- * Template Variables:
- *
- * none
- *
- * Form POST \ GET Variables:
- *
- * fUsername
- * fPassword
- * token
- * lang
- */
-
- require_once('common.php');
-
- if ($CONF['configured'] !== true) {
- print "Installation not yet configured; please edit config.inc.php or write your settings to config.local.php";
- exit;
- }
-
- check_db_version(); # check if the database layout is up to date (and error out if not)
-
- if ($_SERVER['REQUEST_METHOD'] == "POST") {
- if (safepost('token') != $_SESSION['PFA_token']) {
- die('Invalid token!');
- }
-
- $lang = safepost('lang');
- $fUsername = trim(safepost('fUsername'));
- $fPassword = safepost('fPassword');
-
- if ($lang != check_language(0)) { # only set cookie if language selection was changed
- setcookie('lang', $lang, time() + 60*60*24*30); # language cookie, lifetime 30 days
- # (language preference cookie is processed even if username and/or password are invalid)
- }
-
- $h = new AdminHandler;
- if ($h->login($fUsername, $fPassword)) {
- init_session($fUsername, true);
-
- # they've logged in, so see if they are a domain admin, as well.
-
- if (!$h->init($fUsername)) {
- flash_error($PALANG['pLogin_failed']);
- }
-
- if (!$h->view()) {
- flash_error($PALANG['pLogin_failed']);
- }
-
- $adminproperties = $h->result();
-
- if ($adminproperties['superadmin'] == 1) {
- $_SESSION['sessid']['roles'][] = 'global-admin';
- }
-
- header("Location: main.php");
- exit(0);
- } else { # $h->login failed
- error_log("PostfixAdmin login failed (username: $fUsername, ip_address: {$_SERVER['REMOTE_ADDR']})");
- flash_error($PALANG['pLogin_failed']);
- }
- }
-
-
- session_unset();
- session_destroy();
- session_start();
-
- $_SESSION['PFA_token'] = md5(uniqid(rand(), true));
-
- $smarty->assign('language_selector', language_selector(), false);
- $smarty->assign('smarty_template', 'login');
- $smarty->assign('logintype', 'admin');
- $smarty->assign('forgotten_password_reset', Config::read('forgotten_admin_password_reset'));
- $smarty->display('index.tpl');
-
- /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
|