X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;ds=sidebyside;f=access%2Flogin.php;h=c1d1ebf94c6bd429bc3f096eacd7f99e4778f7b2;hb=a67b9dfc9f6932d5fe64ae21758f86bdb9250df2;hp=efdd276dad79b6ac6e4620b5294f0b0b30adcbe7;hpb=e447c36d73de6fefbc732c79730d6e9ebf286fc2;p=fa-stable.git
diff --git a/access/login.php b/access/login.php
index efdd276d..c1d1ebf9 100644
--- a/access/login.php
+++ b/access/login.php
@@ -12,106 +12,142 @@
if (!isset($path_to_root) || isset($_GET['path_to_root']) || isset($_POST['path_to_root']))
die(_("Restricted access"));
include_once($path_to_root . "/includes/ui.inc");
-
+ include_once($path_to_root . "/includes/page/header.inc");
+
$js = "";
- $js2 = "";
- // Display demo user name and password within login form if "$allow_demo_mode" is true
- if ($allow_demo_mode == true)
+ add_js_file('login.js');
+ // Display demo user name and password within login form if allow_demo_mode option is true
+ if ($SysPrefs->allow_demo_mode == true)
{
$demo_text = _("Login as user: demouser and password: password");
}
else
{
$demo_text = _("Please login here");
+ if (@$SysPrefs->allow_password_reset) {
+ $demo_text .= " "._("or")." "._("request new password")." ";
+ }
+ }
+
+ if (check_faillog())
+ {
+ $blocked = true;
+
+ $js .= "";
+ $demo_text = ''._('Too many failed login attempts. Please wait a while or try later.').' ';
+ } elseif ($_SESSION["wa_current_user"]->login_attempt > 1) {
+ $demo_text = ''._("Invalid password or username. Please, try again.").' ';
}
+
+ flush_dir(user_js_cache());
if (!isset($def_coy))
$def_coy = 0;
$def_theme = "default";
$login_timeout = $_SESSION["wa_current_user"]->last_act;
- $title = $login_timeout ? _('Authorization timeout') : $app_title." ".$version." - "._("Login");
+ $title = $login_timeout ? _('Authorization timeout') : $SysPrefs->app_title." ".$version." - "._("Login");
$encoding = isset($_SESSION['language']->encoding) ? $_SESSION['language']->encoding : "iso-8859-1";
$rtl = isset($_SESSION['language']->dir) ? $_SESSION['language']->dir : "ltr";
$onload = !$login_timeout ? "onload='defaultCompany()'" : "";
echo "\n";
echo "\n";
- echo "
$title \n";
- echo " \n";
- echo " \n";
- echo $js2;
+ echo "$title \n";
+ echo " \n";
+ echo " \n";
+ echo " \n";
+ send_scripts();
if (!$login_timeout)
{
echo $js;
- }
+ }
+
echo "\n";
- echo "\n";
+ echo "\n";
echo "\n";
+ div_start('_page_body');
br();br();
start_form(false, false, $_SESSION['timeout']['uri'], "loginform");
- start_table($table_style2);
+ start_table(false, "class='login'");
+
start_row();
echo "";
if (!$login_timeout) { // FA logo
- echo " ";
+ echo " ";
} else {
echo ""._('Authorization timeout')." ";
}
echo " \n";
end_row();
-
- echo " \n";
if (!$login_timeout)
- table_section_title(_("Version")." $version Build $build_version - "._("Login"));
- $value = $login_timeout ? $_SESSION['wa_current_user']->loginname : ($allow_demo_mode ? "demouser":"");
-
- text_row(_("User name"), "user_name_entry_field", $value, 20, 30);
-
- $password = $allow_demo_mode ? "password":"";
-
- echo ""._("Password")." \n";
-
- if ($login_timeout) {
- hidden('company_login_name', $_SESSION["wa_current_user"]->company);
- } else {
- if (isset($_SESSION['wa_current_user']->company))
- $coy = $_SESSION['wa_current_user']->company;
- else
- $coy = $def_coy;
- echo ""._("Company")." \n";
- for ($i = 0; $i < count($db_connections); $i++)
- echo "" . $db_connections[$i]["name"] . " ";
- echo " \n";
- start_row();
- label_cell($demo_text, "colspan=2 align='center'");
- end_row();
- };
- end_table(1);
- echo " \n";
- end_form(1);
+ table_section_title(_("Version")." $version Build ".$SysPrefs->build_version." - "._("Login"));
+ $value = $login_timeout ? $_SESSION['wa_current_user']->loginname : ($SysPrefs->allow_demo_mode ? "demouser":"");
+
+ $allow = SECURE_ONLY !== true ? true : (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_NAME'] === "localhost";
+
+ if ($allow) {
+
+ text_row(_("User name"), "user_name_entry_field", $value, 20, 30);
+
+ $password = $SysPrefs->allow_demo_mode ? "password":"";
+
+ password_row(_("Password:"), 'password', $password);
+
+ if ($login_timeout) {
+ hidden('company_login_name', user_company());
+ } else {
+ $coy = user_company();
+ if (!isset($coy))
+ $coy = $def_coy;
+ if (!@$SysPrefs->text_company_selection) {
+ echo ""._("Company")." \n";
+ for ($i = 0; $i < count($db_connections); $i++)
+ echo "" . $db_connections[$i]["name"] . " ";
+ echo " \n";
+ echo " ";
+ } else {
+ text_row(_("Company"), "company_login_nickname", "", 20, 50);
+ }
+ }
+ }
+ else {
+ $demo_text = ''._("HTTP access is not allowed on this site. This is unsecure. If you really want to access this unsecure site then set the SECURE_ONLY to false in /includes/session.inc file.").' ';
+ }
+ start_row();
+ label_cell($demo_text, "colspan=2 align='center' id='log_msg'");
+ end_row();
+ end_table(1);
+ echo " \n";
+ if ($allow) {
+ echo " \n";
+ }
foreach($_SESSION['timeout']['post'] as $p => $val) {
// add all request variables to be resend together with login data
if (!in_array($p, array('ui_mode', 'user_name_entry_field',
'password', 'SubmitUser', 'company_login_name')))
- echo " ";
+ if (!is_array($val))
+ echo " ";
+ else
+ foreach($val as $i => $v)
+ echo " ";
}
+ end_form(1);
+ $Ajax->addScript(true, "if (document.forms.length) document.forms[0].password.focus();");
+
echo "";
+ div_end();
echo "\n";
echo "";
if (isset($_SESSION['wa_current_user']))
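Review bot: The SECURE_ONLY gate on the `$allow = ...` line exempts plain HTTP whenever `$_SERVER['SERVER_NAME'] === "localhost"`, and on common server configurations that value is taken from the request's Host header, so the exemption is not tied to the connection actually being local. Consider keying it on the peer address instead, e.g. `$local = in_array($_SERVER['REMOTE_ADDR'], array('127.0.0.1', '::1'), true);`, and using `$local` in place of the SERVER_NAME comparison (this is not suitable if a same-host reverse proxy fronts the application). The check here only decides whether the form fields are rendered; the code that accepts the posted credentials is outside this hunk and would need the same test for the policy to hold. Separately, the markup on the two hidden-field `echo` lines in the `$_SESSION['timeout']['post']` loop is not visible in this rendering; if `$p`, `$i` and `$v` are interpolated unencoded, they should be HTML-attribute encoded, since they replay the earlier request's POST data.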
@@ -130,12 +167,11 @@ function set_fullmode() {
echo "
\n";
echo " \n";
echo "\n";
-?>
\ No newline at end of file