X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=access%2Flogin.php;h=c1d1ebf94c6bd429bc3f096eacd7f99e4778f7b2;hb=9242b29b0b78487a0c5b5c9a17a7caa80aeec296;hp=799c91c175ff7f102c3b473cc7c7a6542f77ea5b;hpb=0b63d898491b6577a5a5bf90e771dca0dcbbcf1f;p=fa-stable.git diff --git a/access/login.php b/access/login.php index 799c91c1..c1d1ebf9 100644 --- a/access/login.php +++ b/access/login.php @@ -17,39 +17,44 @@ $js = ""; + add_js_file('login.js'); - // Display demo user name and password within login form if "$allow_demo_mode" is true - if ($allow_demo_mode == true) + // Display demo user name and password within login form if allow_demo_mode option is true + if ($SysPrefs->allow_demo_mode == true) { $demo_text = _("Login as user: demouser and password: password"); } else { $demo_text = _("Please login here"); - if (@$allow_password_reset) { - $demo_text .= " "._("or")." "._("request new password").""; - } + if (@$SysPrefs->allow_password_reset) { + $demo_text .= " "._("or")." "._("request new password").""; + } } if (check_faillog()) { - $blocked_msg = ''._('Too many failed login attempts.
Please wait a while or try later.').'
'; + $blocked = true; $js .= ""; - $demo_text = $blocked_msg; + document.getElementById('log_msg').innerHTML='$demo_text'}, 1000*".$SysPrefs->login_delay.");"; + $demo_text = ''._('Too many failed login attempts.
Please wait a while or try later.').'
'; + } elseif ($_SESSION["wa_current_user"]->login_attempt > 1) { + $demo_text = ''._("Invalid password or username. Please, try again.").''; } + + flush_dir(user_js_cache()); if (!isset($def_coy)) $def_coy = 0; $def_theme = "default"; $login_timeout = $_SESSION["wa_current_user"]->last_act; - $title = $login_timeout ? _('Authorization timeout') : $app_title." ".$version." - "._("Login"); + $title = $login_timeout ? _('Authorization timeout') : $SysPrefs->app_title." ".$version." - "._("Login"); $encoding = isset($_SESSION['language']->encoding) ? $_SESSION['language']->encoding : "iso-8859-1"; $rtl = isset($_SESSION['language']->dir) ? $_SESSION['language']->dir : "ltr"; $onload = !$login_timeout ? "onload='defaultCompany()'" : ""; @@ -57,7 +62,7 @@ function defaultCompany() echo "\n"; echo "\n"; echo "$title\n"; - echo "\n"; + echo "\n"; echo " \n"; echo " \n"; send_scripts(); @@ -65,6 +70,7 @@ function defaultCompany() { echo $js; } + echo "\n"; echo "\n"; 
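Review bot: `$demo_text` is interpolated raw into a single-quoted JavaScript string in the added `innerHTML='$demo_text'` line, so an apostrophe, backslash or line break in a translation (or in the password-reset markup appended to it) breaks the script or changes what it evaluates. The text is site-supplied rather than user-supplied as far as this hunk shows, but it should still be escaped for the JS string context, for example `$msg_js = strtr($demo_text, array("\\" => "\\\\", "'" => "\\'", "\r" => "", "\n" => "\\n"));` and then `innerHTML='$msg_js'`. `$SysPrefs->login_delay` is concatenated into the same script as a bare number, so `1000*".(int)$SysPrefs->login_delay."` would keep a malformed setting from producing invalid JavaScript. The added `flush_dir(user_js_cache())` runs on every render of the login page, before authentication, and deserves a comment saying why the cache has to be cleared at this point. The opening of the `$js .=` statement is not visible on this page, so the surrounding markup could not be checked.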
@@ -75,60 +81,72 @@ function defaultCompany() br();br(); start_form(false, false, $_SESSION['timeout']['uri'], "loginform"); start_table(false, "class='login'"); + start_row(); echo ""; if (!$login_timeout) { // FA logo - echo "FrontAccounting"; + echo "FrontAccounting"; } else { echo ""._('Authorization timeout').""; } echo "\n"; end_row(); - - echo "\n"; if (!$login_timeout) - table_section_title(_("Version")." $version Build $build_version - "._("Login")); - $value = $login_timeout ? $_SESSION['wa_current_user']->loginname : ($allow_demo_mode ? "demouser":""); - - text_row(_("User name"), "user_name_entry_field", $value, 20, 30); - - $password = $allow_demo_mode ? "password":""; - - password_row(_("Password:"), 'password', $password); - - if ($login_timeout) { - hidden('company_login_name', $_SESSION["wa_current_user"]->company); - } else { - if (isset($_SESSION['wa_current_user']->company)) - $coy = $_SESSION['wa_current_user']->company; - else - $coy = $def_coy; - if (!@$text_company_selection) { - echo ""._("Company")."\n"; - echo ""; + table_section_title(_("Version")." $version Build ".$SysPrefs->build_version." - "._("Login")); + + $value = $login_timeout ? $_SESSION['wa_current_user']->loginname : ($SysPrefs->allow_demo_mode ? "demouser":""); + + $allow = SECURE_ONLY !== true ? true : (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_NAME'] === "localhost"; + + if ($allow) { + + text_row(_("User name"), "user_name_entry_field", $value, 20, 30); + + $password = $SysPrefs->allow_demo_mode ? 
"password":""; + + password_row(_("Password:"), 'password', $password); + + if ($login_timeout) { + hidden('company_login_name', user_company()); } else { -// $coy = $def_coy; - text_row(_("Company"), "company_login_nickname", "", 20, 50); + $coy = user_company(); + if (!isset($coy)) + $coy = $def_coy; + if (!@$SysPrefs->text_company_selection) { + echo ""._("Company")."\n"; + echo ""; + } else { + text_row(_("Company"), "company_login_nickname", "", 20, 50); + } } - start_row(); - label_cell($demo_text, "colspan=2 align='center' id='log_msg'"); - end_row(); - }; + } + else { + $demo_text = ''._("HTTP access is not allowed on this site. This is unsecure. If you really want to access this unsecure site then set the SECURE_ONLY to false in /includes/session.inc file.").''; + } + start_row(); + label_cell($demo_text, "colspan=2 align='center' id='log_msg'"); + end_row(); end_table(1); - echo "
\n"; - + echo "\n"; + if ($allow) { + echo "
\n"; + } foreach($_SESSION['timeout']['post'] as $p => $val) { // add all request variables to be resend together with login data if (!in_array($p, array('ui_mode', 'user_name_entry_field', 'password', 'SubmitUser', 'company_login_name'))) - echo ""; + if (!is_array($val)) + echo ""; + else + foreach($val as $i => $v) + echo ""; } end_form(1); - $Ajax->addScript(true, "document.forms[0].password.focus();"); + $Ajax->addScript(true, "if (document.forms.length) document.forms[0].password.focus();"); echo "
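Review bot: The new `$allow` test accepts `$_SERVER['SERVER_NAME'] === "localhost"` as proof of a local connection, but on common server setups (Apache without `UseCanonicalName On`, for instance) that value reflects the client's Host header, so it proves neither locality nor a safe transport. Comparing the peer address is stricter where no local reverse proxy fronts the application, e.g. `in_array($_SERVER['REMOTE_ADDR'], array('127.0.0.1', '::1'), true)`. Sites behind a TLS-terminating proxy also need a documented way to signal HTTPS, because `$_SERVER['HTTPS']` is empty there. The check only decides whether the form fields are rendered; this hunk does not show whether a credential POST over plain HTTP is rejected server-side when `SECURE_ONLY` is true, so confirm that in the session code. Separately, the added array branch of the re-post loop handles one level of nesting only, and the echoed markup is not visible on this page, so confirm that `$p`, `$i` and `$v` are HTML-escaped before being written into the hidden inputs.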