summaryrefslogtreecommitdiff
path: root/bin/login.pl
blob: c52c3b9e35f8814d7c6ef5b111c35c18b35da736 (plain)
  1. #=====================================================================
  2. # LedgerSMB Small Medium Business Accounting
  3. # http://www.ledgersmb.org/
  4. #
  5. # Copyright (C) 2006
  6. # This work contains copyrighted information from a number of sources all used
  7. # with permission.
  8. #
  9. # This file contains source code included with or based on SQL-Ledger which
  10. # is Copyright Dieter Simader and DWS Systems Inc. 2000-2005 and licensed
  11. # under the GNU General Public License version 2 or, at your option, any later
  12. # version. For a full list including contact information of contributors,
  13. # maintainers, and copyright holders, see the CONTRIBUTORS file.
  14. #
  15. # Original Copyright Notice from SQL-Ledger 2.6.17 (before the fork):
  16. # Copyright (c) 2000
  17. #
  18. # Author: DWS Systems Inc.
  19. # Web: http://www.sql-ledger.org
  20. #
  21. #
  22. # This program is free software; you can redistribute it and/or modify
  23. # it under the terms of the GNU General Public License as published by
  24. # the Free Software Foundation; either version 2 of the License, or
  25. # (at your option) any later version.
  26. #
  27. # This program is distributed in the hope that it will be useful,
  28. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  29. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  30. # GNU General Public License for more details.
  31. # You should have received a copy of the GNU General Public License
  32. # along with this program; if not, write to the Free Software
  33. # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  34. #======================================================================
  35. 1;
  36. use DBI;
  37. use LedgerSMB::User;
  38. use LedgerSMB::Form;
  39. use LedgerSMB::Locale;
  40. ## will need this later when session_destroy will be used
  41. #use LedgerSMB::Session;
  42. $form = new Form;
  43. $locale = LedgerSMB::Locale->get_handle($language);
  44. $locale->encoding('UTF-8');
  45. $form->{charset} = 'UTF-8';
  46. #$form->{charset} = $locale->encoding;
  47. # customization
  48. if (-f "bin/custom/$form->{script}") {
  49. eval { require "bin/custom/$form->{script}"; };
  50. $form->error($@) if ($@);
  51. }
  52. # per login customization
  53. if (-f "bin/custom/$form->{login}_$form->{script}") {
  54. eval { require "bin/custom/$form->{login}_$form->{script}"; };
  55. $form->error($@) if ($@);
  56. }
  57. # window title bar, user info
  58. $form->{titlebar} = "LedgerSMB ".$locale->text('Version'). " $form->{version}";
  59. if ($form->{action}) {
  60. $form->{titlebar} .= " - $myconfig{name} - $myconfig{dbname}";
  61. &{ $form->{action} };
  62. } else {
  63. &login_screen;
  64. }
  65. 1;
  66. sub login_screen {
  67. $form->{stylesheet} = "ledger-smb.css";
  68. $form->{favicon} = "favicon.ico";
  69. $form->{endsession} = 1;
  70. if ($form->{login}) {
  71. $sf = q|function sf() { document.login.password.focus(); }|;
  72. } else {
  73. $sf = q|function sf() { document.login.login.focus(); }|;
  74. }
  75. my $headeradd = qq|
  76. <script language="JavaScript" type="text/javascript">
  77. <!--
  78. var agt = navigator.userAgent.toLowerCase();
  79. var is_major = parseInt(navigator.appVersion);
  80. var is_nav = ((agt.indexOf('mozilla') != -1) && (agt.indexOf('spoofer') == -1)
  81. && (agt.indexOf('compatible') == -1) && (agt.indexOf('opera') == -1)
  82. && (agt.indexOf('webtv') == -1));
  83. var is_nav4lo = (is_nav && (is_major <= 4));
  84. function jsp() {
  85. if (is_nav4lo){
  86. document.login.js.value = "0";
  87. } else {
  88. document.login.js.value = "1";
  89. }
  90. }
  91. $sf
  92. // End -->
  93. </script>|;
  94. $form->header(1, $headeradd);
  95. print qq|
  96. <body class="login" onload="jsp(); sf();">
  97. <br /><br />
  98. <center>
  99. <table class="login" border="3" cellpadding="20">
  100. <tr>
  101. <td class="login" align="center">
  102. <a href="http://www.ledgersmb.org/" target="_top"><img src="ledger-smb.png" width="200" heith="100" border="0" alt="LedgerSMB Logo" /></a>
  103. <h1 class="login" align="center">|.$locale->text('Version').qq| $form->{version}</h1>
  104. <p>
  105. <form method="post" action="$form->{script}" name="login">
  106. <table width="100%">
  107. <tr>
  108. <td align="center">
  109. <table>
  110. <tr>
  111. <th align="right">|.$locale->text('Name').qq|</th>
  112. <td><input class="login" name="login" size="30" value="$form->{login}" /></td>
  113. </tr>
  114. <tr>
  115. <th align="right">|.$locale->text('Password').qq|</th>
  116. <td><input class="login" type="password" name="password" size="30" /></td>
  117. </tr>
  118. </table>
  119. <br />
  120. </td>
  121. </tr>
  122. </table>
  123. <input type="hidden" name="path" value="$form->{path}" />
  124. <input type="hidden" name="js" value="$form->{js}" />
  125. <button type="submit" name="action" value="login">|.$locale->text('Login').qq|</button>
  126. </form>
  127. </p>
  128. </td>
  129. </tr>
  130. </table>
  131. <p><a href="admin.pl"
  132. >|.$locale->text("Administrative login").qq|</a></p>
  133. </center>
  134. </body>
  135. </html>|;
  136. }
  137. sub selectdataset {
  138. my ($login) = @_;
  139. if (-f "css/ledger-smb.css") {
  140. $form->{stylesheet} = "ledger-smb.css";
  141. }
  142. $form->header(1);
  143. print qq|
  144. <body class="login" onload="document.forms[0].password.focus()" />
  145. <br /><br />
  146. <center>
  147. <table class="login" border="3" cellpadding="20">
  148. <tr>
  149. <td class="login" align="center">
  150. <a href="http://www.ledgersmb.org/" target="_top"><img src="ledger-smb.png" width="100" heith="100" border="0" alt="LedgerSMB Logo" /></a>
  151. <h1 class="login" align="center">|.$locale->text('Version').qq| $form->{version}</h1>
  152. <p>
  153. <form method="post" action="$form->{script}">
  154. <input type="hidden" name="beenthere" value="1" />
  155. <input type="hidden" name="js" value="$form->{js}" />
  156. <input type="hidden" name="path" value="$form->{path}" />
  157. <table width="100%">
  158. <tr>
  159. <td align="center">
  160. <table>
  161. <tr>
  162. <th align="right">|.$locale->text('Name').qq|</th>
  163. <td>$form->{login}</td>
  164. </tr>
  165. <tr>
  166. <th align="right">|.$locale->text('Password').qq|</th>
  167. <td><input class="login" type="password" name="password" size="30" value="$form->{password}" /></td>
  168. </tr>
  169. <tr>
  170. <th align="right">|.$locale->text('Company').qq|</th>
  171. <td>|;
  172. $checked = "checked";
  173. foreach $login (sort { $login{$a} cmp $login{$b} } keys %{ $login }) {
  174. print qq| <br /><input class="login" type="radio" name="login" value="$login" $checked>$login{$login} |;
  175. $checked = "";
  176. }
  177. print qq|
  178. </td>
  179. </tr>
  180. </table>
  181. <br />
  182. <button type="submit" name="action" value="login">|.$locale->text('Login').qq|</button>
  183. </td>
  184. </tr>
  185. </table>
  186. </form>
  187. </td>
  188. </tr>
  189. </table>
  190. </center>
  191. </body>
  192. </html>|;
  193. }
  194. sub login {
  195. $form->{stylesheet} = "ledger-smb.css";
  196. $form->{favicon} = "favicon.ico";
  197. $form->error($locale->text('You did not enter a name!')) unless ($form->{login});
  198. if (! $form->{beenthere}) {
  199. open(FH, "$memberfile") or $form->error("$memberfile : $!");
  200. @a = <FH>;
  201. close(FH);
  202. foreach $item (@a) {
  203. if ($item =~ /^\[(.*?)\]/) {
  204. $login = $1;
  205. $found = 1;
  206. }
  207. if ($item =~ /^company=/) {
  208. if ($login =~ /$form->{login}\@/ && $found) {
  209. ($null, $name) = split /=/, $item, 2;
  210. $login{$login} = $name;
  211. }
  212. $found = 0;
  213. }
  214. }
  215. if (keys %login > 1) {
  216. &selectdataset(\%login);
  217. exit;
  218. }
  219. }
  220. $user = new User $memberfile, $form->{login};
  221. # if we get an error back, bale out
  222. if (($errno = $user->login(\%$form, $userspath)) <= -1) {
  223. $errno *= -1;
  224. $err[1] = $locale->text('Access Denied!');
  225. $err[2] = $locale->text('Incorrect Dataset version!');
  226. $err[3] = $locale->text('Dataset is newer than version!');
  227. if ($errno == 4) {
  228. # upgrade dataset and log in again
  229. open FH, ">$userspath/nologin" or $form->error($!);
  230. for (qw(dbname dbhost dbport dbdriver dbuser dbpasswd)) { $form->{$_} = $user->{$_} }
  231. $form->{dbpasswd} = unpack 'u', $form->{dbpasswd};
  232. $form->{dbupdate} = "db$user->{dbname}";
  233. $form->{$form->{dbupdate}} = 1;
  234. $form->header;
  235. print qq|<body>|;
  236. print $locale->text('Upgrading to Version')." $form->{version} ... ";
  237. # required for Oracle
  238. $form->{dbdefault} = $sid;
  239. $user->dbupdate(\%$form);
  240. # remove lock file
  241. unlink "$userspath/nologin";
  242. print $locale->text('done');
  243. print "<p><a href=\"menu.pl?login=$form->{login}&amp;sessionid=$form->{sessionid}&amp;path=$form->{path}&amp;action=display&amp;main=company_logo&amp;js=$form->{js}>\">".$locale->text('Continue')."</a>";
  244. print qq|</body>|;
  245. exit;
  246. }
  247. $form->error($err[$errno]);
  248. }
  249. # made it this far, setup callback for the menu
  250. $form->{callback} = "menu.pl?action=display&password=$form->{password}";
  251. for (qw(login path js)) { $form->{callback} .= "&$_=$form->{$_}" }
  252. # check for recurring transactions
  253. if ($user->{acs} !~ /Recurring Transactions/) {
  254. if ($user->check_recurring(\%$form)) {
  255. $form->{callback} .= "&main=recurring_transactions";
  256. } else {
  257. $form->{callback} .= "&main=company_logo";
  258. }
  259. } else {
  260. if ($user->{role} eq 'user') {
  261. $form->{callback} .= "&main=company_logo";
  262. } else {
  263. if ($user->check_recurring(\%$form)) {
  264. $form->{callback} .= "&main=recurring_transactions";
  265. } else {
  266. $form->{callback} .= "&main=company_logo";
  267. }
  268. }
  269. }
  270. $form->redirect;
  271. }
  272. sub logout {
  273. $form->{callback} = "$form->{script}?path=$form->{path}&login=$form->{login}";
  274. $form->{endsession} = 1;
  275. #delete the cookie in the browser manually (can't use session_destroy here unfortunately)
  276. print qq|Set-Cookie: LedgerSMB=; path=/;\n|;
  277. $form->redirect;
  278. }