Fixed error when log in as admin with saml login method.
This commit is contained in:
Arturo Gonzalez
parent
902c5371f9
commit
497e56510a
|
|
@ -36,7 +36,7 @@ if ($develop_bypass != 1) {
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (filesize("include/config.php") == 0) {
|
if (filesize("include/config.php") == 0) {
|
||||||
include ("install.php");
|
include ("install.php");
|
||||||
exit;
|
exit;
|
||||||
|
|
@ -99,7 +99,7 @@ if (!empty ($config["https"]) && empty ($_SERVER['HTTPS'])) {
|
||||||
if (sizeof ($_REQUEST))
|
if (sizeof ($_REQUEST))
|
||||||
//Some (old) browsers don't like the ?&key=var
|
//Some (old) browsers don't like the ?&key=var
|
||||||
$query .= '?1=1';
|
$query .= '?1=1';
|
||||||
|
|
||||||
//We don't clean these variables up as they're only being passed along
|
//We don't clean these variables up as they're only being passed along
|
||||||
foreach ($_GET as $key => $value) {
|
foreach ($_GET as $key => $value) {
|
||||||
if ($key == 1)
|
if ($key == 1)
|
||||||
|
|
@ -110,11 +110,11 @@ if (!empty ($config["https"]) && empty ($_SERVER['HTTPS'])) {
|
||||||
$query .= '&'.$key.'='.$value;
|
$query .= '&'.$key.'='.$value;
|
||||||
}
|
}
|
||||||
$url = ui_get_full_url($query);
|
$url = ui_get_full_url($query);
|
||||||
|
|
||||||
// Prevent HTTP response splitting attacks
|
// Prevent HTTP response splitting attacks
|
||||||
// http://en.wikipedia.org/wiki/HTTP_response_splitting
|
// http://en.wikipedia.org/wiki/HTTP_response_splitting
|
||||||
$url = str_replace ("\n", "", $url);
|
$url = str_replace ("\n", "", $url);
|
||||||
|
|
||||||
header ('Location: '.$url);
|
header ('Location: '.$url);
|
||||||
exit; //Always exit after sending location headers
|
exit; //Always exit after sending location headers
|
||||||
}
|
}
|
||||||
|
|
@ -140,10 +140,10 @@ echo '<head>' . "\n";
|
||||||
//This starts the page head. In the call back function, things from $page['head'] array will be processed into the head
|
//This starts the page head. In the call back function, things from $page['head'] array will be processed into the head
|
||||||
ob_start ('ui_process_page_head');
|
ob_start ('ui_process_page_head');
|
||||||
|
|
||||||
// Enterprise main
|
// Enterprise main
|
||||||
enterprise_include ('index.php');
|
enterprise_include ('index.php');
|
||||||
|
|
||||||
// This tag is included in the buffer passed to ui_process_page_head so
|
// This tag is included in the buffer passed to ui_process_page_head so
|
||||||
// technically it can be stripped
|
// technically it can be stripped
|
||||||
echo '</head>' . "\n";
|
echo '</head>' . "\n";
|
||||||
|
|
||||||
|
|
@ -165,12 +165,12 @@ $process_login = false;
|
||||||
$change_pass = get_parameter_post('renew_password', 0);
|
$change_pass = get_parameter_post('renew_password', 0);
|
||||||
|
|
||||||
if ($change_pass == 1) {
|
if ($change_pass == 1) {
|
||||||
|
|
||||||
$password_old = (string) get_parameter_post ('old_password', '');
|
$password_old = (string) get_parameter_post ('old_password', '');
|
||||||
$password_new = (string) get_parameter_post ('new_password', '');
|
$password_new = (string) get_parameter_post ('new_password', '');
|
||||||
$password_confirm = (string) get_parameter_post ('confirm_new_password', '');
|
$password_confirm = (string) get_parameter_post ('confirm_new_password', '');
|
||||||
$id = (string) get_parameter_post ('login', '');
|
$id = (string) get_parameter_post ('login', '');
|
||||||
|
|
||||||
$changed_pass = login_update_password_check ($password_old, $password_new, $password_confirm, $id);
|
$changed_pass = login_update_password_check ($password_old, $password_new, $password_confirm, $id);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -188,40 +188,40 @@ if (strlen($search) > 0) {
|
||||||
if (! isset ($config['id_user'])) {
|
if (! isset ($config['id_user'])) {
|
||||||
if (isset ($_GET["login"])) {
|
if (isset ($_GET["login"])) {
|
||||||
include_once('include/functions_db.php'); //Include it to use escape_string_sql function
|
include_once('include/functions_db.php'); //Include it to use escape_string_sql function
|
||||||
|
|
||||||
$config["auth_error"] = ""; //Set this to the error message from the authorization mechanism
|
$config["auth_error"] = ""; //Set this to the error message from the authorization mechanism
|
||||||
$nick = get_parameter_post ("nick"); //This is the variable with the login
|
$nick = get_parameter_post ("nick"); //This is the variable with the login
|
||||||
$pass = get_parameter_post ("pass"); //This is the variable with the password
|
$pass = get_parameter_post ("pass"); //This is the variable with the password
|
||||||
$nick = db_escape_string_sql($nick);
|
$nick = db_escape_string_sql($nick);
|
||||||
$pass = db_escape_string_sql($pass);
|
$pass = db_escape_string_sql($pass);
|
||||||
|
|
||||||
//Since now, only the $pass variable are needed
|
//Since now, only the $pass variable are needed
|
||||||
unset ($_GET['pass'], $_POST['pass'], $_REQUEST['pass']);
|
unset ($_GET['pass'], $_POST['pass'], $_REQUEST['pass']);
|
||||||
|
|
||||||
// If the auth_code exists, we assume the user has come through the double auth page
|
// If the auth_code exists, we assume the user has come through the double auth page
|
||||||
if (isset ($_POST['auth_code'])) {
|
if (isset ($_POST['auth_code'])) {
|
||||||
$double_auth_success = false;
|
$double_auth_success = false;
|
||||||
|
|
||||||
// The double authentication is activated and the user has surpassed the first step (the login).
|
// The double authentication is activated and the user has surpassed the first step (the login).
|
||||||
// Now the authentication code provided will be checked.
|
// Now the authentication code provided will be checked.
|
||||||
if (isset ($_SESSION['prepared_login_da'])) {
|
if (isset ($_SESSION['prepared_login_da'])) {
|
||||||
if (isset ($_SESSION['prepared_login_da']['id_user'])
|
if (isset ($_SESSION['prepared_login_da']['id_user'])
|
||||||
&& isset ($_SESSION['prepared_login_da']['timestamp'])) {
|
&& isset ($_SESSION['prepared_login_da']['timestamp'])) {
|
||||||
|
|
||||||
// The user has a maximum of 5 minutes to introduce the double auth code
|
// The user has a maximum of 5 minutes to introduce the double auth code
|
||||||
$dauth_period = SECONDS_2MINUTES;
|
$dauth_period = SECONDS_2MINUTES;
|
||||||
$now = time();
|
$now = time();
|
||||||
$dauth_time = $_SESSION['prepared_login_da']['timestamp'];
|
$dauth_time = $_SESSION['prepared_login_da']['timestamp'];
|
||||||
|
|
||||||
if ($now - $dauth_period < $dauth_time) {
|
if ($now - $dauth_period < $dauth_time) {
|
||||||
// Nick
|
// Nick
|
||||||
$nick = $_SESSION["prepared_login_da"]['id_user'];
|
$nick = $_SESSION["prepared_login_da"]['id_user'];
|
||||||
// Code
|
// Code
|
||||||
$code = (string) get_parameter_post ("auth_code");
|
$code = (string) get_parameter_post ("auth_code");
|
||||||
|
|
||||||
if (!empty($code)) {
|
if (!empty($code)) {
|
||||||
$result = validate_double_auth_code($nick, $code);
|
$result = validate_double_auth_code($nick, $code);
|
||||||
|
|
||||||
if ($result === true) {
|
if ($result === true) {
|
||||||
// Double auth success
|
// Double auth success
|
||||||
$double_auth_success = true;
|
$double_auth_success = true;
|
||||||
|
|
@ -231,7 +231,7 @@ if (! isset ($config['id_user'])) {
|
||||||
$login_screen = 'double_auth';
|
$login_screen = 'double_auth';
|
||||||
// Error message
|
// Error message
|
||||||
$config["auth_error"] = __("Invalid code");
|
$config["auth_error"] = __("Invalid code");
|
||||||
|
|
||||||
if (!isset($_SESSION['prepared_login_da']['attempts']))
|
if (!isset($_SESSION['prepared_login_da']['attempts']))
|
||||||
$_SESSION['prepared_login_da']['attempts'] = 0;
|
$_SESSION['prepared_login_da']['attempts'] = 0;
|
||||||
$_SESSION['prepared_login_da']['attempts']++;
|
$_SESSION['prepared_login_da']['attempts']++;
|
||||||
|
|
@ -242,7 +242,7 @@ if (! isset ($config['id_user'])) {
|
||||||
$login_screen = 'double_auth';
|
$login_screen = 'double_auth';
|
||||||
// Error message
|
// Error message
|
||||||
$config["auth_error"] = __("The code shouldn't be empty");
|
$config["auth_error"] = __("The code shouldn't be empty");
|
||||||
|
|
||||||
if (!isset($_SESSION['prepared_login_da']['attempts']))
|
if (!isset($_SESSION['prepared_login_da']['attempts']))
|
||||||
$_SESSION['prepared_login_da']['attempts'] = 0;
|
$_SESSION['prepared_login_da']['attempts'] = 0;
|
||||||
$_SESSION['prepared_login_da']['attempts']++;
|
$_SESSION['prepared_login_da']['attempts']++;
|
||||||
|
|
@ -251,7 +251,7 @@ if (! isset ($config['id_user'])) {
|
||||||
else {
|
else {
|
||||||
// Expired login
|
// Expired login
|
||||||
unset ($_SESSION['prepared_login_da']);
|
unset ($_SESSION['prepared_login_da']);
|
||||||
|
|
||||||
// Error message
|
// Error message
|
||||||
$config["auth_error"] = __('Expired login');
|
$config["auth_error"] = __('Expired login');
|
||||||
}
|
}
|
||||||
|
|
@ -259,7 +259,7 @@ if (! isset ($config['id_user'])) {
|
||||||
else {
|
else {
|
||||||
// If the code doesn't exist, remove the prepared login
|
// If the code doesn't exist, remove the prepared login
|
||||||
unset ($_SESSION['prepared_login_da']);
|
unset ($_SESSION['prepared_login_da']);
|
||||||
|
|
||||||
// Error message
|
// Error message
|
||||||
$config["auth_error"] = __('Login error');
|
$config["auth_error"] = __('Login error');
|
||||||
}
|
}
|
||||||
|
|
@ -269,10 +269,10 @@ if (! isset ($config['id_user'])) {
|
||||||
// Error message
|
// Error message
|
||||||
$config["auth_error"] = __('Login error');
|
$config["auth_error"] = __('Login error');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Remove the authenticator code
|
// Remove the authenticator code
|
||||||
unset ($_POST['auth_code'], $code);
|
unset ($_POST['auth_code'], $code);
|
||||||
|
|
||||||
if (!$double_auth_success) {
|
if (!$double_auth_success) {
|
||||||
$login_failed = true;
|
$login_failed = true;
|
||||||
require_once ('general/login_page.php');
|
require_once ('general/login_page.php');
|
||||||
|
|
@ -288,15 +288,10 @@ if (! isset ($config['id_user'])) {
|
||||||
$nick_in_db = $_SESSION["prepared_login_da"]['id_user'];
|
$nick_in_db = $_SESSION["prepared_login_da"]['id_user'];
|
||||||
$expired_pass = false;
|
$expired_pass = false;
|
||||||
}
|
}
|
||||||
else if (($config['auth'] == 'saml') && $login_button_saml) {
|
else if (($config['auth'] == 'saml') && $login_button_saml && !is_user_admin($nick)) {
|
||||||
if (is_user_admin($nick)) {
|
include_once(ENTERPRISE_DIR . "/include/auth/saml.php");
|
||||||
$nick_in_db = $nick;
|
$saml_user_id = saml_process_user_login();
|
||||||
}
|
$nick_in_db = $saml_user_id;
|
||||||
else {
|
|
||||||
include_once(ENTERPRISE_DIR . "/include/auth/saml.php");
|
|
||||||
$saml_user_id = saml_process_user_login();
|
|
||||||
$nick_in_db = $saml_user_id;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
// process_user_login is a virtual function which should be defined in each auth file.
|
// process_user_login is a virtual function which should be defined in each auth file.
|
||||||
|
|
@ -304,27 +299,27 @@ if (! isset ($config['id_user'])) {
|
||||||
// The auth file can set $config["auth_error"] to an informative error output or reference their internal error messages to it
|
// The auth file can set $config["auth_error"] to an informative error output or reference their internal error messages to it
|
||||||
// process_user_login should return false in case of errors or invalid login, the nickname if correct
|
// process_user_login should return false in case of errors or invalid login, the nickname if correct
|
||||||
$nick_in_db = process_user_login ($nick, $pass);
|
$nick_in_db = process_user_login ($nick, $pass);
|
||||||
|
|
||||||
$expired_pass = false;
|
$expired_pass = false;
|
||||||
|
|
||||||
if (($nick_in_db != false) && ((!is_user_admin($nick)
|
if (($nick_in_db != false) && ((!is_user_admin($nick)
|
||||||
|| $config['enable_pass_policy_admin']))
|
|| $config['enable_pass_policy_admin']))
|
||||||
&& (defined('PANDORA_ENTERPRISE'))
|
&& (defined('PANDORA_ENTERPRISE'))
|
||||||
&& ($config['enable_pass_policy'])) {
|
&& ($config['enable_pass_policy'])) {
|
||||||
include_once(ENTERPRISE_DIR . "/include/auth/mysql.php");
|
include_once(ENTERPRISE_DIR . "/include/auth/mysql.php");
|
||||||
|
|
||||||
$blocked = login_check_blocked($nick);
|
$blocked = login_check_blocked($nick);
|
||||||
|
|
||||||
if ($blocked) {
|
if ($blocked) {
|
||||||
require_once ('general/login_page.php');
|
require_once ('general/login_page.php');
|
||||||
db_pandora_audit("Password expired", "Password expired: ".$nick, $nick);
|
db_pandora_audit("Password expired", "Password expired: ".$nick, $nick);
|
||||||
while (@ob_end_flush ());
|
while (@ob_end_flush ());
|
||||||
exit ("</html>");
|
exit ("</html>");
|
||||||
}
|
}
|
||||||
|
|
||||||
//Checks if password has expired
|
//Checks if password has expired
|
||||||
$check_status = check_pass_status($nick, $pass);
|
$check_status = check_pass_status($nick, $pass);
|
||||||
|
|
||||||
switch ($check_status) {
|
switch ($check_status) {
|
||||||
case PASSSWORD_POLICIES_FIRST_CHANGE: //first change
|
case PASSSWORD_POLICIES_FIRST_CHANGE: //first change
|
||||||
case PASSSWORD_POLICIES_EXPIRED: //pass expired
|
case PASSSWORD_POLICIES_EXPIRED: //pass expired
|
||||||
|
|
@ -334,10 +329,10 @@ if (! isset ($config['id_user'])) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (($nick_in_db !== false) && $expired_pass) {
|
if (($nick_in_db !== false) && $expired_pass) {
|
||||||
//login ok and password has expired
|
//login ok and password has expired
|
||||||
|
|
||||||
require_once ('general/login_page.php');
|
require_once ('general/login_page.php');
|
||||||
db_pandora_audit("Password expired",
|
db_pandora_audit("Password expired",
|
||||||
"Password expired: " . $nick, $nick);
|
"Password expired: " . $nick, $nick);
|
||||||
|
|
@ -346,7 +341,7 @@ if (! isset ($config['id_user'])) {
|
||||||
}
|
}
|
||||||
else if (($nick_in_db !== false) && (!$expired_pass)) {
|
else if (($nick_in_db !== false) && (!$expired_pass)) {
|
||||||
//login ok and password has not expired
|
//login ok and password has not expired
|
||||||
|
|
||||||
// Double auth check
|
// Double auth check
|
||||||
if ((!isset ($double_auth_success) || !$double_auth_success) && is_double_auth_enabled($nick_in_db)) {
|
if ((!isset ($double_auth_success) || !$double_auth_success) && is_double_auth_enabled($nick_in_db)) {
|
||||||
// Store this values in the session to know if the user login was correct
|
// Store this values in the session to know if the user login was correct
|
||||||
|
|
@ -355,24 +350,24 @@ if (! isset ($config['id_user'])) {
|
||||||
'timestamp' => time(),
|
'timestamp' => time(),
|
||||||
'attempts' => 0
|
'attempts' => 0
|
||||||
);
|
);
|
||||||
|
|
||||||
// Load the page to introduce the double auth code
|
// Load the page to introduce the double auth code
|
||||||
$login_screen = 'double_auth';
|
$login_screen = 'double_auth';
|
||||||
require_once ('general/login_page.php');
|
require_once ('general/login_page.php');
|
||||||
while (@ob_end_flush ());
|
while (@ob_end_flush ());
|
||||||
exit ("</html>");
|
exit ("</html>");
|
||||||
}
|
}
|
||||||
|
|
||||||
//login ok and password has not expired
|
//login ok and password has not expired
|
||||||
$process_login = true;
|
$process_login = true;
|
||||||
|
|
||||||
echo "<script type='text/javascript'>var process_login_ok = 1;</script>";
|
echo "<script type='text/javascript'>var process_login_ok = 1;</script>";
|
||||||
|
|
||||||
if (!isset($_GET["sec2"]) && !isset($_GET["sec"])) {
|
if (!isset($_GET["sec2"]) && !isset($_GET["sec"])) {
|
||||||
// Avoid the show homepage when the user go to
|
// Avoid the show homepage when the user go to
|
||||||
// a specific section of pandora
|
// a specific section of pandora
|
||||||
// for example when timeout the sesion
|
// for example when timeout the sesion
|
||||||
|
|
||||||
unset ($_GET["sec2"]);
|
unset ($_GET["sec2"]);
|
||||||
$_GET["sec"] = "general/logon_ok";
|
$_GET["sec"] = "general/logon_ok";
|
||||||
$home_page ='';
|
$home_page ='';
|
||||||
|
|
@ -424,24 +419,24 @@ if (! isset ($config['id_user'])) {
|
||||||
$_GET["sec"] = "general/logon_ok";
|
$_GET["sec"] = "general/logon_ok";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
db_logon ($nick_in_db, $_SERVER['REMOTE_ADDR']);
|
db_logon ($nick_in_db, $_SERVER['REMOTE_ADDR']);
|
||||||
$_SESSION['id_usuario'] = $nick_in_db;
|
$_SESSION['id_usuario'] = $nick_in_db;
|
||||||
$config['id_user'] = $nick_in_db;
|
$config['id_user'] = $nick_in_db;
|
||||||
|
|
||||||
//==========================================================
|
//==========================================================
|
||||||
//-------- SET THE CUSTOM CONFIGS OF USER ------------------
|
//-------- SET THE CUSTOM CONFIGS OF USER ------------------
|
||||||
|
|
||||||
config_user_set_custom_config();
|
config_user_set_custom_config();
|
||||||
//==========================================================
|
//==========================================================
|
||||||
|
|
||||||
//Remove everything that might have to do with people's passwords or logins
|
//Remove everything that might have to do with people's passwords or logins
|
||||||
unset ($pass, $login_good);
|
unset ($pass, $login_good);
|
||||||
|
|
||||||
$user_language = get_user_language($config['id_user']);
|
$user_language = get_user_language($config['id_user']);
|
||||||
|
|
||||||
$l10n = NULL;
|
$l10n = NULL;
|
||||||
if (file_exists ('./include/languages/' . $user_language . '.mo')) {
|
if (file_exists ('./include/languages/' . $user_language . '.mo')) {
|
||||||
$l10n = new gettext_reader (new CachedFileReader ('./include/languages/'.$user_language.'.mo'));
|
$l10n = new gettext_reader (new CachedFileReader ('./include/languages/'.$user_language.'.mo'));
|
||||||
|
|
@ -450,11 +445,11 @@ if (! isset ($config['id_user'])) {
|
||||||
}
|
}
|
||||||
else { //login wrong
|
else { //login wrong
|
||||||
$blocked = false;
|
$blocked = false;
|
||||||
|
|
||||||
if ((!is_user_admin($nick) || $config['enable_pass_policy_admin']) && defined('PANDORA_ENTERPRISE')) {
|
if ((!is_user_admin($nick) || $config['enable_pass_policy_admin']) && defined('PANDORA_ENTERPRISE')) {
|
||||||
$blocked = login_check_blocked($nick);
|
$blocked = login_check_blocked($nick);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$blocked) {
|
if (!$blocked) {
|
||||||
if (defined('PANDORA_ENTERPRISE')) {
|
if (defined('PANDORA_ENTERPRISE')) {
|
||||||
login_check_failed($nick); //Checks failed attempts
|
login_check_failed($nick); //Checks failed attempts
|
||||||
|
|
@ -477,7 +472,7 @@ if (! isset ($config['id_user'])) {
|
||||||
elseif (isset ($_GET["loginhash"])) {
|
elseif (isset ($_GET["loginhash"])) {
|
||||||
$loginhash_data = get_parameter("loginhash_data", "");
|
$loginhash_data = get_parameter("loginhash_data", "");
|
||||||
$loginhash_user = str_rot13(get_parameter("loginhash_user", ""));
|
$loginhash_user = str_rot13(get_parameter("loginhash_user", ""));
|
||||||
|
|
||||||
if ($config["loginhash_pwd"] != "" && $loginhash_data == md5($loginhash_user.io_output_password($config["loginhash_pwd"]))) {
|
if ($config["loginhash_pwd"] != "" && $loginhash_data == md5($loginhash_user.io_output_password($config["loginhash_pwd"]))) {
|
||||||
db_logon ($loginhash_user, $_SERVER['REMOTE_ADDR']);
|
db_logon ($loginhash_user, $_SERVER['REMOTE_ADDR']);
|
||||||
$_SESSION['id_usuario'] = $loginhash_user;
|
$_SESSION['id_usuario'] = $loginhash_user;
|
||||||
|
|
@ -530,12 +525,12 @@ extensions_load_extensions ($process_login);
|
||||||
if ($process_login) {
|
if ($process_login) {
|
||||||
/* Call all extensions login function */
|
/* Call all extensions login function */
|
||||||
extensions_call_login_function ();
|
extensions_call_login_function ();
|
||||||
|
|
||||||
unset($_SESSION['new_update']);
|
unset($_SESSION['new_update']);
|
||||||
|
|
||||||
require_once("include/functions_update_manager.php");
|
require_once("include/functions_update_manager.php");
|
||||||
enterprise_include_once("include/functions_update_manager.php");
|
enterprise_include_once("include/functions_update_manager.php");
|
||||||
|
|
||||||
if ($config["autoupdate"] == 1) {
|
if ($config["autoupdate"] == 1) {
|
||||||
if (enterprise_installed()) {
|
if (enterprise_installed()) {
|
||||||
$result = update_manager_check_online_enterprise_packages_available();
|
$result = update_manager_check_online_enterprise_packages_available();
|
||||||
|
|
@ -545,12 +540,12 @@ if ($process_login) {
|
||||||
}
|
}
|
||||||
if ($result)
|
if ($result)
|
||||||
$_SESSION['new_update'] = 'new';
|
$_SESSION['new_update'] = 'new';
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
//Set the initial global counter for chat.
|
//Set the initial global counter for chat.
|
||||||
users_get_last_global_counter('session');
|
users_get_last_global_counter('session');
|
||||||
|
|
||||||
$config['logged'] = true;
|
$config['logged'] = true;
|
||||||
}
|
}
|
||||||
//----------------------------------------------------------------------
|
//----------------------------------------------------------------------
|
||||||
|
|
@ -564,7 +559,7 @@ if (isset($_SERVER['HTTP_REFERER']))
|
||||||
$chunks = explode('?', $old_page);
|
$chunks = explode('?', $old_page);
|
||||||
if (count($chunks) == 2) {
|
if (count($chunks) == 2) {
|
||||||
$chunks = explode('&', $chunks[1]);
|
$chunks = explode('&', $chunks[1]);
|
||||||
|
|
||||||
foreach ($chunks as $chunk) {
|
foreach ($chunks as $chunk) {
|
||||||
if (strstr($chunk, 'sec=') !== false) {
|
if (strstr($chunk, 'sec=') !== false) {
|
||||||
$old_sec = str_replace('sec=', '', $chunk);
|
$old_sec = str_replace('sec=', '', $chunk);
|
||||||
|
|
@ -599,15 +594,15 @@ if ($old_global_counter_chat != $now_global_counter_chat) {
|
||||||
if (get_parameter ('login', 0) !== 0) {
|
if (get_parameter ('login', 0) !== 0) {
|
||||||
// Display news dialog
|
// Display news dialog
|
||||||
include_once("general/news_dialog.php");
|
include_once("general/news_dialog.php");
|
||||||
|
|
||||||
// Display login help info dialog
|
// Display login help info dialog
|
||||||
// If it's configured to not skip this
|
// If it's configured to not skip this
|
||||||
if (!isset($config['skip_login_help_dialog']) ||
|
if (!isset($config['skip_login_help_dialog']) ||
|
||||||
$config['skip_login_help_dialog'] == 0) {
|
$config['skip_login_help_dialog'] == 0) {
|
||||||
|
|
||||||
include_once("general/login_help_dialog.php");
|
include_once("general/login_help_dialog.php");
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Header
|
// Header
|
||||||
|
|
@ -643,7 +638,7 @@ if ($searchPage) {
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if ($page != "") {
|
if ($page != "") {
|
||||||
|
|
||||||
$main_sec = get_sec($sec);
|
$main_sec = get_sec($sec);
|
||||||
if ($main_sec == false) {
|
if ($main_sec == false) {
|
||||||
if ($sec == 'extensions')
|
if ($sec == 'extensions')
|
||||||
|
|
@ -657,19 +652,19 @@ else {
|
||||||
$sec2 = '';
|
$sec2 = '';
|
||||||
}
|
}
|
||||||
$page .= '.php';
|
$page .= '.php';
|
||||||
|
|
||||||
// Enterprise ACL check
|
// Enterprise ACL check
|
||||||
if (enterprise_hook ('enterprise_acl',
|
if (enterprise_hook ('enterprise_acl',
|
||||||
array ($config['id_user'], $main_sec, $sec, true,$sec2)) == false) {
|
array ($config['id_user'], $main_sec, $sec, true,$sec2)) == false) {
|
||||||
|
|
||||||
require ("general/noaccess.php");
|
require ("general/noaccess.php");
|
||||||
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$sec = $main_sec;
|
$sec = $main_sec;
|
||||||
if (file_exists ($page)) {
|
if (file_exists ($page)) {
|
||||||
if (! extensions_is_extension ($page)) {
|
if (! extensions_is_extension ($page)) {
|
||||||
|
|
||||||
require_once($page);
|
require_once($page);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
@ -678,12 +673,12 @@ else {
|
||||||
else
|
else
|
||||||
extensions_call_main_function (basename ($page));
|
extensions_call_main_function (basename ($page));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
ui_print_error_message(__('Sorry! I can\'t find the page!'));
|
ui_print_error_message(__('Sorry! I can\'t find the page!'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
//home screen chosen by the user
|
//home screen chosen by the user
|
||||||
$home_page ='';
|
$home_page ='';
|
||||||
|
|
@ -692,9 +687,9 @@ else {
|
||||||
$home_page = io_safe_output($user_info['section']);
|
$home_page = io_safe_output($user_info['section']);
|
||||||
$home_url = $user_info['data_section'];
|
$home_url = $user_info['data_section'];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if ($home_page != '') {
|
if ($home_page != '') {
|
||||||
switch ($home_page) {
|
switch ($home_page) {
|
||||||
case 'Event list':
|
case 'Event list':
|
||||||
|
|
@ -726,7 +721,7 @@ else {
|
||||||
if (($home_url == '') || ($id_visualc == false)) {
|
if (($home_url == '') || ($id_visualc == false)) {
|
||||||
$str = 'sec=visualc&sec2=operation/visual_console/index&refr=60';
|
$str = 'sec=visualc&sec2=operation/visual_console/index&refr=60';
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
$str = 'sec=visualc&sec2=operation/visual_console/render_view&id='.$id_visualc .'&refr=60';
|
$str = 'sec=visualc&sec2=operation/visual_console/render_view&id='.$id_visualc .'&refr=60';
|
||||||
parse_str($str, $res);
|
parse_str($str, $res);
|
||||||
foreach ($res as $key => $param) {
|
foreach ($res as $key => $param) {
|
||||||
|
|
@ -742,7 +737,7 @@ else {
|
||||||
}
|
}
|
||||||
if (isset($_GET['sec2'])) {
|
if (isset($_GET['sec2'])) {
|
||||||
$file = $_GET['sec2'] . '.php';
|
$file = $_GET['sec2'] . '.php';
|
||||||
|
|
||||||
if (!file_exists ($file)) {
|
if (!file_exists ($file)) {
|
||||||
unset($_GET['sec2']);
|
unset($_GET['sec2']);
|
||||||
require('general/logon_ok.php');
|
require('general/logon_ok.php');
|
||||||
|
|
@ -803,15 +798,15 @@ require('include/php_to_js_values.php');
|
||||||
<script type="text/javascript" language="javascript">
|
<script type="text/javascript" language="javascript">
|
||||||
//Initial load of page
|
//Initial load of page
|
||||||
$(document).ready(adjustFooter);
|
$(document).ready(adjustFooter);
|
||||||
|
|
||||||
//Every resize of window
|
//Every resize of window
|
||||||
$(window).resize(adjustFooter);
|
$(window).resize(adjustFooter);
|
||||||
|
|
||||||
//Every show/hide call may need footer re-layout
|
//Every show/hide call may need footer re-layout
|
||||||
(function() {
|
(function() {
|
||||||
var oShow = jQuery.fn.show;
|
var oShow = jQuery.fn.show;
|
||||||
var oHide = jQuery.fn.hide;
|
var oHide = jQuery.fn.hide;
|
||||||
|
|
||||||
jQuery.fn.show = function () {
|
jQuery.fn.show = function () {
|
||||||
var rv = oShow.apply(this, arguments);
|
var rv = oShow.apply(this, arguments);
|
||||||
adjustFooter();
|
adjustFooter();
|
||||||
|
|
@ -823,7 +818,7 @@ require('include/php_to_js_values.php');
|
||||||
return rv;
|
return rv;
|
||||||
};
|
};
|
||||||
})();
|
})();
|
||||||
|
|
||||||
//Dynamically assign footer position and width.
|
//Dynamically assign footer position and width.
|
||||||
function adjustFooter() {
|
function adjustFooter() {
|
||||||
/*
|
/*
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue