X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=access%2Flogin.php;h=c1d1ebf94c6bd429bc3f096eacd7f99e4778f7b2;hb=a41fc3d75af89ab616e17ec42a116fcf201e5040;hp=fa91f35252fb730667c92b82e6e96cc1867afeca;hpb=95ff74b5722826544743a01daf527aa3c9efe11a;p=fa-stable.git diff --git a/access/login.php b/access/login.php index fa91f352..c1d1ebf9 100644 --- a/access/login.php +++ b/access/login.php @@ -20,6 +20,7 @@ function defaultCompany() document.forms[0].company_login_name.options[".user_company()."].selected = true; } "; + add_js_file('login.js'); // Display demo user name and password within login form if allow_demo_mode option is true if ($SysPrefs->allow_demo_mode == true) @@ -36,13 +37,16 @@ function defaultCompany() if (check_faillog()) { - $blocked_msg = ''._('Too many failed login attempts.
Please wait a while or try later.').''; + $blocked = true; $js .= ""; - $demo_text = $blocked_msg; + $demo_text = ''._('Too many failed login attempts.
Please wait a while or try later.').''; + } elseif ($_SESSION["wa_current_user"]->login_attempt > 1) { + $demo_text = ''._("Invalid password or username. Please, try again.").''; } + flush_dir(user_js_cache()); if (!isset($def_coy)) $def_coy = 0; @@ -66,6 +70,7 @@ function defaultCompany() { echo $js; } + echo "\n"; echo "\n"; @@ -76,6 +81,7 @@ function defaultCompany() br();br(); start_form(false, false, $_SESSION['timeout']['uri'], "loginform"); start_table(false, "class='login'"); + start_row(); echo ""; if (!$login_timeout) { // FA logo @@ -85,41 +91,50 @@ function defaultCompany() } echo "\n"; end_row(); - if (!$login_timeout) table_section_title(_("Version")." $version Build ".$SysPrefs->build_version." - "._("Login")); + $value = $login_timeout ? $_SESSION['wa_current_user']->loginname : ($SysPrefs->allow_demo_mode ? "demouser":""); - text_row(_("User name"), "user_name_entry_field", $value, 20, 30); + $allow = SECURE_ONLY !== true ? true : (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_NAME'] === "localhost"; + + if ($allow) { - $password = $SysPrefs->allow_demo_mode ? "password":""; + text_row(_("User name"), "user_name_entry_field", $value, 20, 30); - password_row(_("Password:"), 'password', $password); + $password = $SysPrefs->allow_demo_mode ? "password":""; - if ($login_timeout) { - hidden('company_login_name', user_company()); - } else { - $coy = user_company(); - if (!isset($coy)) - $coy = $def_coy; - if (!@$SysPrefs->text_company_selection) { - echo ""._("Company")."\n"; - echo ""; + password_row(_("Password:"), 'password', $password); + + if ($login_timeout) { + hidden('company_login_name', user_company()); } else { - text_row(_("Company"), "company_login_nickname", "", 20, 50); + $coy = user_company(); + if (!isset($coy)) + $coy = $def_coy; + if (!@$SysPrefs->text_company_selection) { + echo ""._("Company")."\n"; + echo ""; + } else { + text_row(_("Company"), "company_login_nickname", "", 20, 50); + } } - start_row(); - label_cell($demo_text, "colspan=2 align='center' id='log_msg'"); - end_row(); - }; + } + else { + $demo_text = ''._("HTTP access is not allowed on this site. This is unsecure. If you really want to access this unsecure site then set the SECURE_ONLY to false in /includes/session.inc file.").''; + } + start_row(); + label_cell($demo_text, "colspan=2 align='center' id='log_msg'"); + end_row(); end_table(1); - echo "\n"; - echo "
\n"; - + echo "\n"; + if ($allow) { + echo "
\n"; + } foreach($_SESSION['timeout']['post'] as $p => $val) { // add all request variables to be resend together with login data if (!in_array($p, array('ui_mode', 'user_name_entry_field', @@ -131,7 +146,7 @@ function defaultCompany() echo ""; } end_form(1); - $Ajax->addScript(true, "document.forms[0].password.focus();"); + $Ajax->addScript(true, "if (document.forms.length) document.forms[0].password.focus();"); echo "