X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=access%2Flogin.php;h=c1d1ebf94c6bd429bc3f096eacd7f99e4778f7b2;hb=aec1717f263bf767543afa6bd0cb960ce53e0a0d;hp=df2cc695e6b80eb9c88a559295870683477e427c;hpb=e7fb3a02d86a3bc88387280561d802d4744e8885;p=fa-stable.git
diff --git a/access/login.php b/access/login.php
index df2cc695..c1d1ebf9 100644
--- a/access/login.php
+++ b/access/login.php
@@ -81,6 +81,7 @@ function defaultCompany()
br();br();
start_form(false, false, $_SESSION['timeout']['uri'], "loginform");
start_table(false, "class='login'");
+
start_row();
echo "
";
if (!$login_timeout) { // FA logo
@@ -95,36 +96,45 @@ function defaultCompany()
$value = $login_timeout ? $_SESSION['wa_current_user']->loginname : ($SysPrefs->allow_demo_mode ? "demouser":"");
- text_row(_("User name"), "user_name_entry_field", $value, 20, 30);
+ $allow = SECURE_ONLY !== true ? true : (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_NAME'] === "localhost";
+
+ if ($allow) {
+
+ text_row(_("User name"), "user_name_entry_field", $value, 20, 30);
- $password = $SysPrefs->allow_demo_mode ? "password":"";
+ $password = $SysPrefs->allow_demo_mode ? "password":"";
- password_row(_("Password:"), 'password', $password);
+ password_row(_("Password:"), 'password', $password);
- if ($login_timeout) {
- hidden('company_login_name', user_company());
- } else {
- $coy = user_company();
- if (!isset($coy))
- $coy = $def_coy;
- if (!@$SysPrefs->text_company_selection) {
- echo " "._("Company")." \n";
- for ($i = 0; $i < count($db_connections); $i++)
- echo "" . $db_connections[$i]["name"] . " ";
- echo " \n";
- echo " ";
+ if ($login_timeout) {
+ hidden('company_login_name', user_company());
} else {
- text_row(_("Company"), "company_login_nickname", "", 20, 50);
+ $coy = user_company();
+ if (!isset($coy))
+ $coy = $def_coy;
+ if (!@$SysPrefs->text_company_selection) {
+ echo ""._("Company")." \n";
+ for ($i = 0; $i < count($db_connections); $i++)
+ echo "" . $db_connections[$i]["name"] . " ";
+ echo " \n";
+ echo " ";
+ } else {
+ text_row(_("Company"), "company_login_nickname", "", 20, 50);
+ }
}
- };
+ }
+ else {
+ $demo_text = ''._("HTTP access is not allowed on this site. This is unsecure. If you really want to access this unsecure site then set the SECURE_ONLY to false in /includes/session.inc file.").' ';
+ }
start_row();
label_cell($demo_text, "colspan=2 align='center' id='log_msg'");
end_row();
end_table(1);
echo " \n";
- echo " \n";
-
+ if ($allow) {
+ echo " \n";
+ }
foreach($_SESSION['timeout']['post'] as $p => $val) {
// add all request variables to be resend together with login data
if (!in_array($p, array('ui_mode', 'user_name_entry_field',