| 1 |
<?php |
|---|
| 2 |
|
|---|
| 3 |
define("context","external"); |
|---|
| 4 |
|
|---|
| 5 |
require_once(dirname(dirname(__FILE__)).'/../includes.php'); |
|---|
| 6 |
global $CFG; |
|---|
| 7 |
|
|---|
| 8 |
$redirect_url = trim(optional_param('passthru_url')); |
|---|
| 9 |
if (empty($redirect_url) || substr_count($redirect_url,$CFG->wwwroot) == 0) { |
|---|
| 10 |
$redirect_url = $CFG->wwwroot . "index.php"; |
|---|
| 11 |
} |
|---|
| 12 |
|
|---|
| 13 |
if (substr_count($redirect_url,$CFG->wwwroot) == 0) { |
|---|
| 14 |
$redirect_url = substr($CFG->wwwroot,0,strlen($CFG->wwwroot) - 1) . $redirect_url; |
|---|
| 15 |
} |
|---|
| 16 |
|
|---|
| 17 |
$redirect_url = str_replace("@","",$redirect_url); |
|---|
| 18 |
|
|---|
| 19 |
// if we're already logged in, redirect away again. |
|---|
| 20 |
if (logged_on) { |
|---|
| 21 |
$messages[] = __gettext("You are already logged on."); |
|---|
| 22 |
define('redirect_url', $redirect_url); |
|---|
| 23 |
$_SESSION['messages'] = $messages; |
|---|
| 24 |
header("Location: " . redirect_url); |
|---|
| 25 |
exit; |
|---|
| 26 |
} |
|---|
| 27 |
|
|---|
| 28 |
$l = optional_param('username'); |
|---|
| 29 |
$p = optional_param('password'); |
|---|
| 30 |
|
|---|
| 31 |
if (!empty($l) && !empty($p)) { |
|---|
| 32 |
$ok = authenticate_account($l, $p); |
|---|
| 33 |
if ($ok) { |
|---|
| 34 |
$messages[] = __gettext("You have been logged on."); |
|---|
| 35 |
if (md5($p) == md5("password")) { |
|---|
| 36 |
$messages[] = __gettext("The password for this account is extremely insecure and represents a major security risk. You should change it immediately."); |
|---|
| 37 |
} |
|---|
| 38 |
if(strpos($redirect_url,'register')>0 |
|---|
| 39 |
|| strpos($redirect_url,"login")>0 |
|---|
| 40 |
|| strpos($redirect_url,'password')){ |
|---|
| 41 |
$redirect_url = $CFG->wwwroot.$_SESSION['username']."/"; |
|---|
| 42 |
} |
|---|
| 43 |
define('redirect_url', $redirect_url); |
|---|
| 44 |
$_SESSION['messages'] = $messages; |
|---|
| 45 |
header("Location: " . redirect_url); |
|---|
| 46 |
exit; |
|---|
| 47 |
} else { |
|---|
| 48 |
$messages[] = __gettext("Unrecognised username or password. The system could not log you on, or you may not have activated your account."); |
|---|
| 49 |
} |
|---|
| 50 |
} else if (!empty($l) || !empty($p)) { // if ONLY one was entered, make the error message. |
|---|
| 51 |
$messages[] = __gettext("Either the username or password were not specified. The system could not log you on."); |
|---|
| 52 |
} |
|---|
| 53 |
|
|---|
| 54 |
$body = __gettext('Please log in'); |
|---|
| 55 |
templates_page_setup(); |
|---|
| 56 |
// display the form. |
|---|
| 57 |
templates_page_output(__gettext('Log On'), $body); |
|---|
| 58 |
|
|---|
| 59 |
?> |
|---|
