
* refs #3835
     * Add Quickform to login page
Lionel Assepo committed Oct 21, 2015
1 parent c1df94c commit 13b7ab7
Showing 6 changed files with 262 additions and 151 deletions.
9 changes: 4 additions & 5 deletions www/header.php
Expand Up @@ -33,6 +33,10 @@
*
*/

if (!defined('SMARTY_DIR')) {
define('SMARTY_DIR', realpath('../GPL_LIB/Smarty/libs/') . '/');
}

/*
* Bench
*/
Expand All @@ -46,11 +50,6 @@ function microtime_float() {

$advanced_search = 0;

/*
* Define
*/
define('SMARTY_DIR', realpath('../GPL_LIB/Smarty/libs/') . '/');

/*
* Include
*/
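Review bot: `realpath('../GPL_LIB/Smarty/libs/')` in the new guarded define resolves against the process working directory and returns `false` when the directory cannot be resolved, so `SMARTY_DIR` silently becomes `'/'`. The same expression is added without a guard in www/index.php, where the new `require_once SMARTY_DIR."Smarty.class.php";` then includes from whatever that constant holds. Anchoring the path to the file and failing early avoids including from an unintended location: `$smartyDir = realpath(dirname(__FILE__) . '/../GPL_LIB/Smarty/libs');`, then define the constant only after checking `$smartyDir !== false`. This assumes both files live directly under www/, as their paths on this page suggest.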
63 changes: 5 additions & 58 deletions www/index.php
Expand Up @@ -31,8 +31,11 @@
*
* For more information : contact@centreon.com
*
*
/*
* Define
*/

define('SMARTY_DIR', realpath('../GPL_LIB/Smarty/libs/') . '/');

ini_set('display_errors', 'Off');

Expand Down Expand Up @@ -61,6 +64,7 @@
require_once "$classdir/centreonAuth.SSO.class.php";
require_once "$classdir/centreonLog.class.php";
require_once "$classdir/centreonDB.class.php";
require_once SMARTY_DIR."Smarty.class.php";

/*
* Get auth type
Expand Down Expand Up @@ -121,63 +125,6 @@
header('Location: main.php');
}

if (isset($_POST["submit"])
|| (isset($_GET["autologin"]) && $_GET["autologin"] && isset($_GET["p"]) && $_GET["autologin"] && isset($generalOptions["enable_autologin"]) && $generalOptions["enable_autologin"])
|| (isset($_POST["autologin"]) && $_POST["autologin"] && isset($_POST["p"]) && isset($generalOptions["enable_autologin"]) && $generalOptions["enable_autologin"])
|| (!isset($generalOptions['sso_enable']) || $generalOptions['sso_enable'] == 1)) {

/*
* Init log class
*/
$CentreonLog = new CentreonUserLog(-1, $pearDB);

if (isset($_POST['p'])) {
$_GET["p"] = $_POST["p"];
}

/*
* Get Connexion parameters
*/
isset($_GET["autologin"]) ? $autologin = $_GET["autologin"] : $autologin = 0;
isset($_GET["useralias"]) ? $useraliasG = $_GET["useralias"] : $useraliasG = NULL;
isset($_POST["useralias"]) ? $useraliasP = $_POST["useralias"] : $useraliasP = NULL;
$useraliasG ? $useralias = $useraliasG : $useralias = $useraliasP;

isset($_GET["password"]) ? $passwordG = $_GET["password"] : $passwordG = NULL;
isset($_POST["password"]) ? $passwordP = $_POST["password"] : $passwordP = NULL;
$passwordG ? $password = $passwordG : $password = $passwordP;

$token = "";
if (isset($_REQUEST['token']) && $_REQUEST['token']) {
$token = $_REQUEST['token'];
}

if (!isset($encryptType)) {
$encryptType = 1;
}

$centreonAuth = new CentreonAuthSSO($useralias, $password, $autologin, $pearDB, $CentreonLog, $encryptType, $token, $generalOptions);

if ($centreonAuth->passwdOk == 1) {

$centreon = new Centreon($centreonAuth->userInfos, $generalOptions["nagios_version"]);
$_SESSION["centreon"] = $centreon;
$pearDB->query("INSERT INTO `session` (`session_id` , `user_id` , `current_page` , `last_reload`, `ip_address`) VALUES ('".session_id()."', '".$centreon->user->user_id."', '1', '".time()."', '".$_SERVER["REMOTE_ADDR"]."')");
if (!isset($_POST["submit"])) {
$args = NULL;
foreach ($_GET as $key => $value) {
$args ? $args .= "&".$key."=".$value : $args = $key."=".$value;
}
header("Location: ./main.php?".$args."");
} else {
header("Location: ./main.php");
}
$connect = true;
} else {
$connect = false;
}
}

/*
* Check PHP version
*
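Review bot: As rendered here, the new `/* Define */` header in the first hunk opens before any `*/` closes the licence block above it, so the licence comment appears to run on until the `*/` after "Define". PHP does not nest comments, so the file still parses and the `define('SMARTY_DIR', ...)` line stays live, but the section header is swallowed by the licence text. Restoring the licence block's closing ` */` on its own line before `/*` keeps the two comments separate. This is inferred from the visible lines only, since the file continues outside the hunk.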
31 changes: 21 additions & 10 deletions www/lib/HTML/QuickForm.php
Expand Up @@ -267,6 +267,12 @@ class HTML_QuickForm extends HTML_Common
* @access private
*/
var $_flagSubmitted = false;

/**
*
* @var type
*/
var $_tokenValidated = false;

// }}}
// {{{ constructor
Expand Down Expand Up @@ -326,7 +332,8 @@ function HTML_QuickForm($formName='', $method='post', $action='', $target='', $a
default:
$this->_maxFileSize = $matches['1'];
}
}
}
$this->addFormRule(array($this, 'checkSecurityToken'));
} // end constructor

// }}}
Expand Down Expand Up @@ -1577,7 +1584,7 @@ function validate()
}
}
}

// process the global rules now
foreach ($this->_formRules as $rule) {
if (true !== ($res = call_user_func($rule, $this->_submitValues, $this->_submitFiles))) {
Expand Down Expand Up @@ -1680,7 +1687,6 @@ function process($callback, $mergeFiles = true)
function accept(&$renderer)
{
$this->createSecurityToken();
$this->addFormRule(array($this, 'checkSecurityToken'));
$renderer->startForm($this);
foreach (array_keys($this->_elements) as $key) {
$element =& $this->_elements[$key];
Expand Down Expand Up @@ -2041,13 +2047,18 @@ function checkSecurityToken($submittedValues)
{
$success = false;

if (isset($submittedValues['centreon_token']) && isset($_SESSION['x-centreon-token']) && isset($_SESSION['x-centreon-token-generated-at'])) {
$elapsedTime = time() - $_SESSION['x-centreon-token-generated-at'];
if ($elapsedTime < (15 * 60)) {
if ($submittedValues['centreon_token'] == $_SESSION['x-centreon-token']) {
unset($_SESSION['x-centreon-token']);
unset($_SESSION['x-centreon-token-generated-at']);
$success = true;
if ($this->_tokenValidated) {
$success = true;
} else {
if (isset($submittedValues['centreon_token']) && isset($_SESSION['x-centreon-token']) && isset($_SESSION['x-centreon-token-generated-at'])) {
$elapsedTime = time() - $_SESSION['x-centreon-token-generated-at'];
if ($elapsedTime < (15 * 60)) {
if ($submittedValues['centreon_token'] == $_SESSION['x-centreon-token']) {
unset($_SESSION['x-centreon-token']);
unset($_SESSION['x-centreon-token-generated-at']);
$success = true;
$this->_tokenValidated = true;
}
}
}
}
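Review bot: The token check in checkSecurityToken() still uses a loose `==` (`$submittedValues['centreon_token'] == $_SESSION['x-centreon-token']`), so PHP type juggling applies and the comparison is not constant-time. Because this commit registers the rule in the constructor, it now runs for every HTML_QuickForm, so I would tighten it to `if (is_string($submittedValues['centreon_token']) && hash_equals($_SESSION['x-centreon-token'], $submittedValues['centreon_token'])) {`, or to `===` if PHP versions without hash_equals() must be supported. The new `$_tokenValidated` property has a placeholder docblock (`@var type`). A `@var bool` line saying the flag is set once this instance has accepted the one-time token, presumably so a second validate() call does not fail after the session token is unset, would explain why it exists. The function's return statement lies outside the visible hunk.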
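--- a/www/login.ihtml
+++ b/www/login.ihtml
@@ -0,0 +1,76 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title>Centreon - IT & Network Monitoring</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<meta name="Generator" content="Centreon - Copyright (C) 2005 - 2015 Open Source Matters. All rights reserved." />
+<meta name="robots" content="index, nofollow" />
+<link href="{$skin}login.css" rel="stylesheet" type="text/css">
+<link rel="shortcut icon" href="./img/favicon.ico">
+</head>
+<body OnLoad="document.login.useralias.focus();">
+
+{foreach from=$loginMessages item=message}
+<div style='padding-top: 60px;'><span class='msg'>{$message}</span></div>
+{/foreach}
+
+<form action="./index.php" method="post" name="login">
+<div style='text-align:center;align:center;padding-top:90px;'>
+<table id="logintab1" style="text-align:center;" align="center">
+<tr>
+<td class="LoginInvitLogo" colspan="2">
+<img src="img/centreon.png" alt="Centreon Logo" title="Centreon Logo" style="" />
+</td>
+</tr>
+<tr>
+<td class="LoginInvitVersion">
+<br />
+{$centreonVersion}
+</td>
+<td class="LoginInvitDate">
+<br />
+{$currentDate}
+</td>
+</tr>
+<tr>
+<td colspan="2">
+<table id="logintab2">
+<tr>
+<td style="grayLine"><td>
+</tr>
+<tr>
+<td align='right'>
+{$form.useralias.label}
+</td>
+<td>
+{$form.useralias.html}
+</td>
+</tr>
+<tr>
+<td align='right'>
+{$form.password.label}
+</td>
+<td>
+{$form.password.html}
+</td>
+</tr>
+<tr>
+<td colspan="2" align='center'>
+{$form.submitLogin.html}
+</td>
+</tr>
+</table>
+</td>
+</tr>
+<tr>
+<td id="LoginInvitcpy" colspan="2">
+<br />
+&copy; 2005-2015 <a href="mailto:infos@centreon.com">Centreon</a>
+</td>
+</tr>
+</table>
+</div>
+{$form.hidden}
+</form>
+</body>
+</html>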
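Review bot: `{$message}` in the `loginMessages` loop and `{$skin}` in the stylesheet `href` are written to the page without an escape modifier, so the template relies on the PHP side (not shown on this page) to have encoded them, unless a default escaping modifier is configured for Smarty. If a login message can ever carry request-derived text such as the submitted alias, that is an HTML injection point on an unauthenticated page. Using `<span class='msg'>{$message|escape:'html'}</span>` and `href="{$skin|escape:'html'}login.css"` keeps the template safe regardless of the caller. Separately, `<td style="grayLine"><td>` looks like it was meant to be `<td class="grayLine"></td>`.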