login.php3 4.12 KB
Newer Older
1 2
<?php
#
Leigh Stoller's avatar
Leigh Stoller committed
3
# EMULAB-COPYRIGHT
4
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
Leigh Stoller's avatar
Leigh Stoller committed
5 6
# All rights reserved.
#
7 8
require("defs.php3");

Leigh Stoller's avatar
Leigh Stoller committed
9 10 11 12 13 14 15 16 17 18 19 20 21 22
# Page arguments. First two are for verification passthru.
$key	   = $_GET['key'];
$vuid      = $_GET['vuid'];
# Allow adminmode to be passed along to new login. Handy for letting admins
# log in when NOLOGINS() is on. 
$adminmode = $_GET['adminmode'];
# Form arguments.
$login     = $_POST['login'];
$uid       = $_POST['uid'];
$password  = $_POST['password'];
# Allow referrer to be passed along to new login.
$referrer  = $_POST['referrer'];

# See if referrer page requested that it be passed along so that it can be
23
# redisplayed after login. Save the referrer for form below.
Leigh Stoller's avatar
Leigh Stoller committed
24 25 26
if (isset($_GET['refer']) && $_GET['refer'] &&
    isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != "") {
    $referrer = $_SERVER['HTTP_REFERER'];
27
}
28

29
#
30 31 32
# Must not be logged in already!
# 
if (($known_uid = GETUID()) != FALSE) {
33 34
    if (CHECKLOGIN($known_uid) & CHECKLOGIN_LOGGEDIN) {
	#
Leigh Stoller's avatar
Leigh Stoller committed
35 36
	# If doing a verification for the logged in user, zap to that page.
	# If doing a verification for another user, then must login in again.
37
	#
Leigh Stoller's avatar
Leigh Stoller committed
38
	if (isset($key) && (!isset($vuid) || $vuid == $known_uid)) {
39 40 41 42
	    header("Location: $TBBASE/verifyusr.php3?key=$key");
	    return;
	}

43 44 45 46 47 48 49 50 51
	PAGEHEADER("Login");

	echo "<h3>
              You are still logged in. Please log out first if you want
              to log in as another user!
              </h3>\n";
	    
	PAGEFOOTER();
	die("");
52 53
    }
}
54 55 56 57

#
# Spit out the form.
# 
58
function SPITFORM($uid, $key, $referrer, $failed, $adminmode)
59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
{
    global $TBDB_UIDLEN, $TBBASE;
    
    PAGEHEADER("Login");

    if ($failed) {
	echo "<center>
              <font size=+1 color=red>
	      Login attempt failed! Please try again.
              </font>
              </center><br>\n";
    }

    echo "<center>
          <font size=+1>
          Please login to our secure server.<br>
          (You must have cookies enabled)
          </font>
          </center>\n";

Leigh Stoller's avatar
Leigh Stoller committed
79 80 81
    $pagearg = "";
    if ($adminmode == 1)
	$pagearg  = "?adminmode=1";
82
    if ($key)
Leigh Stoller's avatar
Leigh Stoller committed
83
	$pagearg .= "&key=$key";
84

85
    echo "<table align=center border=1>
Leigh Stoller's avatar
Leigh Stoller committed
86
          <form action='${TBBASE}/login.php3${pagearg}' method=post>
87 88 89 90 91 92
          <tr>
              <td>Username:</td>
              <td><input type=text
                         value=\"$uid\"
                         name=uid size=$TBDB_UIDLEN></td>
          </tr>
93
          <tr>
94 95 96 97 98 99
              <td>Password:</td>
              <td><input type=password name=password size=12></td>
          </tr>
          <tr>
             <td align=center colspan=2>
                 <b><input type=submit value=Login name=login></b></td>
100 101 102 103 104 105 106
          </tr>\n";
    
    if ($referrer) {
	echo "<input type=hidden name=referrer value=$referrer>\n";
    }

    echo "</form>
107 108 109 110 111
          </table>\n";

    echo "<center><h2>
          <a href='password.php3'>Forgot your password?</a>
          </h2></center>\n";
112 113
}

114 115 116 117
#
# If not clicked, then put up a form.
#
if (! isset($login)) {
Leigh Stoller's avatar
Leigh Stoller committed
118 119 120
    # Allow page arg to override what we think is the UID to log in as. 
    SPITFORM((isset($vuid) ? $vuid : $known_uid),
	     $key, $referrer, 0, $adminmode);
121
    PAGEFOOTER();
122 123 124 125
    return;
}

#
126
# Login clicked.
127 128 129 130
#
$STATUS_LOGGEDIN  = 1;
$STATUS_LOGINFAIL = 2;
$login_status     = 0;
Leigh Stoller's avatar
Leigh Stoller committed
131
$adminmode        = (isset($adminmode) && $adminmode == 1);
132

Leigh Stoller's avatar
Leigh Stoller committed
133
if (!isset($uid) || $uid == "" || !isset($password) || $password == "") {
134 135 136
    $login_status = $STATUS_LOGINFAIL;
}
else {
137
    if (DOLOGIN($uid, $password, $adminmode)) {
138 139 140 141 142 143
	$login_status = $STATUS_LOGINFAIL;
    }
    else {
	$login_status = $STATUS_LOGGEDIN;
    }
}
144

145 146 147 148
#
# Failed, then try again with an error message.
# 
if ($login_status == $STATUS_LOGINFAIL) {
149
    SPITFORM($uid, $key, $referrer, 1, $adminmode);
150 151 152
    PAGEFOOTER();
    return;
}
153

Leigh Stoller's avatar
Leigh Stoller committed
154
if (isset($key)) {
155 156 157 158 159
    #
    # If doing a verification, zap to that page.
    #
    header("Location: $TBBASE/verifyusr.php3?key=$key");
}
Leigh Stoller's avatar
Leigh Stoller committed
160
elseif (isset($referrer)) {
161 162 163 164 165
    #
    # Zap back to page that started the login request.
    #
    header("Location: $referrer");
}
166 167 168 169 170 171
else {
    #
    # Zap back to front page in secure mode.
    # 
    header("Location: $TBBASE/");
}
172 173
return;

174
?>