# Copyright (C) 2014, 2016, 2017 Assaf Gordon # Copyright (C) 2001-2011, 2013, 2017 Sylvain Beucler # Copyright (C) 2013, 2014, 2017-2023 Ineiev # # This file is part of Savane. # # Code written before 2008-03-30 (commit 8b757b2565ff) is distributed # under the terms of the GNU General Public license version 3 or (at your # option) any later version; further contributions are covered by # the GNU Affero General Public license version 3 or (at your option) # any later version. The license notices for the AGPL and the GPL follow. # # Savane is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as # published by the Free Software Foundation, either version 3 of the # License, or (at your option) any later version. # # Savane is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . # # Savane is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as # published by the Free Software Foundation, either version 3 of the # License, or (at your option) any later version. # # Savane is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . 
# Login page.  Checks that the browser accepts cookies, then either
# validates the submitted name and password or accepts a session handed
# over by the "brother" domain, sets the session cookies and redirects.
# When there is nothing to process, or the login failed, it renders the
# login form.
#
# NOTE(review): in this copy the print statements of the form part have
# unbalanced quotes and empty strings where HTML markup would be
# expected; the markup looks lost in extraction.  Check that part
# against the project's repository before relying on it.
require_once('../include/init.php');
require_once('../include/account.php');
require_once('../include/sane.php');

# Ask clients and proxies not to reuse a stored copy of this page.
# NOTE(review): PHP's header() replaces an earlier header of the same
# name by default, so "must-revalidate" probably overwrites "no-cache".
# One combined Cache-Control line (ideally including "no-store", since
# the page handles credentials) would avoid that -- confirm what is
# actually sent.
Header("Expires: Wed, 11 Nov 1998 11:11:11 GMT");
Header("Cache-Control: no-cache");
Header("Cache-Control: must-revalidate");

# from_brother is imported first because the logged-in check right
# below depends on it.
extract (sane_import ('request', ['true' => 'from_brother']));

# Logged users have no business here.
if (user_isloggedin() && !$from_brother)
  session_redirect ($GLOBALS['sys_home'] . "my/");

# Input checks.
# Each key names the check sane_import applies to the listed request
# fields (presumably 'true' = flag, 'name' = login name, 'pass' =
# password, 'internal_uri' = site-local path; confirm in sane.php).
# No other validation of $uri is visible in this file, so every
# Location header below that embeds it depends on the 'internal_uri'
# check to keep the target on this site.
extract(sane_import('request',
  [
    'true' =>
      ['brotherhood', 'cookie_for_a_year', 'login', 'cookie_test'],
    'name' => 'form_loginname',
    'pass' => 'form_pw',
    'internal_uri' => 'uri'
  ]
));

# TLS is kept after login whenever an HTTPS host is configured.
$stay_in_ssl = isset ($GLOBALS['sys_https_host']);
$uri_enc = utils_urlencode ($uri);

# Check cookie support.
if (!$from_brother && !isset ($_COOKIE["cookie_probe"]))
  {
    if ($cookie_test)
      {
        # The probe cookie set on the previous request did not come back.
        # NOTE(review): the link below embeds the raw $uri, while the
        # redirect in the else branch uses $uri_enc because an unencoded
        # uri caused login problems (sr#108277); consider $uri_enc here
        # as well.
        $msg = sprintf (
          # TRANSLATORS: the first argument is a domain (like
          # "savannah.gnu.org" vs. "savannah.nongnu.org");
          # the second argument is a URL ("[URL label]" transforms to a link).
          _("Savane thinks your cookies are not activated for %s. Please activate cookies in your web browser for this website and [%s try to login again]."),
          $sys_default_domain,
          $GLOBALS['sys_https_url'] . $GLOBALS['sys_home']
          . "account/login.php?uri=$uri"
        );
        fb ($msg, 1);
      }
    else
      {
        # Attempt to set a cookie to go to a new page to see
        # if the client will indeed send that cookie.
        session_cookie ('cookie_probe', 1);
        # $uri used to be not url-encoded, it caused login problems,
        # see sr#108277 (https://savannah.gnu.org/support/?108277).
        # NOTE(review): no exit follows this redirect, so the rest of
        # the script (login handling and form output) still runs for
        # this request -- confirm that this is intended.
        header ("Location: login.php?uri=$uri_enc&cookie_test=1");
      }
  }

if (!empty ($login))
  {
    if ($from_brother)
      {
        # Session handed over by the brother domain: the user id and
        # the session hash arrive as query parameters.
        # NOTE(review): a session hash carried in a URL can end up in
        # web server logs and browser history; a short-lived one-time
        # token would limit that exposure -- evaluate.
        extract (sane_import ('get',
          ['digits' => 'session_uid', 'xdigits' => 'session_hash']
        ));
      }
    # In this file $session_uid is imported only in the from_brother
    # case; an existing session is then accepted in place of the
    # name and password.
    if (isset ($session_uid) && session_exists ($session_uid, $session_hash))
      {
        $GLOBALS['session_hash'] = $session_hash;
        session_set_new_cookies ($session_uid, $cookie_for_a_year, $stay_in_ssl);
        $success = 1;
      }
    else
      # The meaning of the two literal 0 arguments is not visible here;
      # see the definition of session_login_valid.
      $success = session_login_valid ($form_loginname, $form_pw, 0, $cookie_for_a_year, 0, $stay_in_ssl);

    if ($success)
      {
        # Set up the theme, if the user has selected any in the user
        # preferences -- but give priority to a cookie, if set.
        if (!isset($_COOKIE['SV_THEME']))
          {
            $theme_result = user_get_result_set (user_getid ());
            $theme = db_result ($theme_result, 0, 'theme');
            # The theme cookie is set to expire after one day.
            if (strlen ($theme) > 0)
              utils_setcookie ('SV_THEME', $theme, time () + 60*60*24);
          }

        # We return to our brother 'my', where we login originally,
        # unless we are requested to go to an uri.
        if (!$uri)
          {
            $uri = $GLOBALS['sys_home'] . 'my/';
            $uri_enc = utils_urlencode ($uri);
          }

        # If a brother server exists, login there too, if we are not
        # already coming from there.
        if (!empty ($GLOBALS['sys_brother_domain']) && $brotherhood)
          {
            # The scheme is chosen by session_issecure () (presumably
            # whether the current connection uses TLS -- confirm).
            # NOTE(review): with "http" the session hash in the redirect
            # below travels unencrypted; consider always using https
            # for the hand-over.
            $root_url = session_issecure ()? "https": "http";
            $root_url .= '://' . $GLOBALS['sys_brother_domain'];
            if (!$from_brother)
              {
                # Go there saying hello to your brother.
                # stay_in_ssl is sent along, but this script derives
                # $stay_in_ssl from the configuration and never imports
                # it from the request.
                header (
                  "Location: $root_url{$GLOBALS['sys_home']}"
                  . "/account/login.php?session_uid=" . user_getid()
                  . "&session_hash={$GLOBALS['session_hash']}&login=1"
                  . "&cookie_for_a_year=$cookie_for_a_year&from_brother=1"
                  . "&stay_in_ssl=$stay_in_ssl&brotherhood=1&uri=$uri_enc"
                );
                exit;
              }
            else
              {
                # Arrived from the brother: send the browser to the
                # requested path on the configured brother domain.
                header ("Location: $root_url$uri");
                exit;
              }
          }
        else
          {
            # No brother server is configured, or the user did not ask
            # to log in there too: just go to 'my' page unless we are
            # requested to go to an uri.
            # Optionally stay in TLS mode.
            if ($stay_in_ssl)
              {
                # Switch to requested HTTPs mode.
                header ("Location: {$GLOBALS['sys_https_url']}$uri");
              }
            else
              {
                # Stay in current http mode (also avoids mentioning
                # hostname&port, which can be useful in test
                # environments with port forwarding).
                header ("Location: $uri");
              }
            exit;
          }
      } # if ($success)
  } # if (!empty($login))

if (isset($session_hash))
  {
    # Nuke their old session securely.
    session_delete_cookie ('session_hash');
    # The values are bound through placeholders, not concatenated.
    # NOTE(review): $user_id is not assigned anywhere in this file;
    # unless an include defines it, the session row stays in the
    # database -- verify.
    if (isset ($user_id))
      db_execute ("DELETE FROM session WHERE session_hash=? AND user=?",
                  array($session_hash, $user_id));
  }

site_header (['title' => _("Login")]);

# A login was attempted and failed: explain why before showing the form.
if (!empty ($login) && !$success)
  {
    # The flag marks an account that still awaits email confirmation
    # (presumably set during session_login_valid -- confirm).
    if (isset ($GLOBALS['signal_pending_account'])
        && $GLOBALS['signal_pending_account'] == 1)
      {
        print '

' . _("Pending Account") . "

\n";
        print '

' . _("Your account is currently pending your email confirmation. Visiting the link sent to you in this email will activate your account.") . "

\n";
        print '

[" . _("Resend Confirmation Email") . "]

\n";
      }
    else
      {
        # Print helpful error message.
        print '
';
        print '
' . _("Troubleshooting:") . "
\n
  • " . _("Is the “Caps Lock” or “A” light on your keyboard on?") . "
    \n" . _("If so, hit “Caps Lock” key before trying again.") . "
  • \n
  • " . _("Did you forget or misspell your password?") . "
    \n" . utils_link ( 'lostpw.php', _("You can recover your password using the lost password form.") ) . "
  • \n" .'
  • ' . _("Still having trouble?") . "
    \n" . utils_link ( "{$GLOBALS['sys_home']}support/?group=" . $GLOBALS['sys_unix_group_name'], _("Fill a support request.") ) . "
  • \n";
        print "
\n
\n";
      }
  }

# Site-specific content is shown only when an HTTPS host is configured.
if (isset($GLOBALS['sys_https_host']))
  utils_get_content("account/login");
print "
';
# The requested uri is carried through the form so that it survives the
# POST (presumably form_input escapes the value for HTML -- verify).
print form_input ('hidden', 'uri', $uri);

# Shortcuts to New Account and Lost Password have a tabindex superior to
# the rest of form,
# so they dont mess with the normal order when you press TAB on the keyboard
# (login -> password -> post).
print '

' . _("Login Name:") . "
  \n";
print " [' . _("No account yet?") . "]

\n";
print '

' . _("Password:") . "
\n  ";
print ' ' . '[' . _("Lost your password?") . "]

\n";

$attr_list = ['tabindex' => '1'];

# Without an HTTPS host configured, warn that the password is sent
# unencrypted.
if (!isset ($GLOBALS['sys_https_host']))
  {
    print '

';
    print _("This server does not encrypt data (no https), so the password you sent may be viewed by other people. Do not use any important passwords.") . "

\n";
  }
print '

' . form_checkbox ('cookie_for_a_year', $cookie_for_a_year, $attr_list) . '' . _("Remember me") . "
\n";
print '' . _("For a year, your login information will be stored in a cookie. Use this only if you are using your own computer.") . '';

if (!empty ($GLOBALS['sys_brother_domain']))
  {
    # The box is checked when it was checked in the submitted form, and
    # also whenever no login attempt was submitted.
    print '

' . form_checkbox ('brotherhood', $brotherhood || !$login, $attr_list) . '';
    # TRANSLATORS: the argument is a domain (like "savannah.gnu.org"
    # vs. "savannah.nongnu.org").
    printf (_("Login also in %s"), $GLOBALS['sys_brother_domain']);
    print "
\n";
  }
print form_footer (_("Login"), 'login');
$HTML->footer ([]);
?>