WebSVN - travelsized - Rev 496

<?PHP
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* This file is part of Travelsized CMS
* A content management system with modules, based on wiki syntax
*
* Author: Dan Jensen <admin@leinir.dk>
* Copyright 2003/2004
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* The GNU General Public License is available at: http://www.gnu.org/copyleft/
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */

// Save the user ID into a global variable
if( array_key_exists( "user_id", $_REQUEST ) )
$viewUser = htmlspecialchars( $_REQUEST["user_id"] );

/**
* allUsersArray returns an array containing the usernames for all the users on the system
*
* @param bool associative Describes wether it should be an associative array with usernames as key and full name as value - default false
* @param bool sortByName Describes wether to sort the array by full names - default false
* @param bool ignoreHideme Describes wether he user's hiding setting is honoured
*
* @return array An array containing the usernames of all users on the system
*/
function allUsersArray( $associative = false, $sortByName = false, $ignoreHideme = false ) {
$fp = fopen("setup/password.txt", "r");
while (!feof($fp)) {
$line = trim(fgets($fp, 1000));
list($l, $p) = explode(",", $line);
$userlist[] = $l;
}
fclose($fp);

// We need to remove users requesting to be hidden from the userlist unless we are specifcally told not to do so
if( $ignoreHideme == false )
{
$newList = array();
foreach( $userlist as $key => $value )
{
if( getUserInfo( $value, "profiles_hideme" ) != 1 )
$newList[] = $value;
}
$userlist = $newList;
}

if( $associative )
{
foreach( $userlist as $key => $value )
$templist[$value] = getUserInfo($value, "name");

$userlist = $templist;

if( $sortByName )
asort($userlist);
else
ksort($userlist);
}
else
sort($userlist);

return $userlist;
}

/**
* Returns the current user's username
*
* @return string A string containing the username of the user currently logged in
*/
function currentUser()
{
$userName = "";
if( array_key_exists( siteURL(true), $_SESSION ) && array_key_exists( "login", $_SESSION[siteURL(true)] ) )
$userName = $_SESSION[siteURL(true)]["login"];
else
$userName = "";

return $userName;
}

/**
* Usergroup variables
*/
{
$usergroups = array();
// This is the system defaults
$usergroups_global_default["global_setup"] = true;
$usergroups_global_default["global_admin"] = false;
$usergroups_global_default["global_user_view"] = true;
$usergroups_global_default["global_user_edit"] = false;
$usergroups_global_default["global_user_new"] = false;
$usergroups_global_default["global_themes"] = false;
$usergroups_global_default["global_files"] = false;
$usergroups_global_default["global_frontpage_view"] = true;
$usergroups_global_default["global_frontpage_edit"] = false;
$usergroups_global_default["global_pages_create"] = false;
$usergroups_global_default["global_pages_edit"] = false;
$usergroups_global_default["global_menus"] = false;
$usergroups_global_default["global_menus_view"] = true;
$usergroups_global_default["global_menus_edit"] = false;

// This value is true, because we want to make sure this happens transparently accross the sites...
foreach( $profilemodules as $key => $value )
$usergroups_global_default["profile_" . substr( $value, 14 )] = true;

// Only load user-defined usergroups_default if it actually exists
if (file_exists("$setup_folder/usergroups_default.inc"))
include "$setup_folder/usergroups_default.inc";

if( is_array($usergroups_default) )
{
foreach ($usergroups_global_default as $key => $value)
if (!array_key_exists($key, $usergroups_default))
setAllowed($key, $value);
}
else
{
$usergroups_default = $usergroups_global_default;
$filename = "$setup_folder/usergroups_default.inc";
$content = "<?PHP\n\$usergroups_default = '" . serialize($usergroups_default) . "';\n\$usergroups_default = unserialize(\$usergroups_default);\n?>";
fileSave($filename, $content);
chmod($filename, 0664);// make sure the file is actually accessible...
}
}

/**
* isAllowed queries for wether the user currently logged in (or default access rights) has access to a usergroup
*
* @param $groupname The usergroup that you wish to check for access to
*
* @return bool true if user is allowed, false if not
*/
function isAllowed($groupname) {
global $usergroups, $usergroups_default;
if (
currentUser() == "admin" || // admin is god
( array_key_exists( "global_admin", $usergroups ) && $usergroups["global_admin"] === true ) || // see above... user has been allowed the same rights as admin
( array_key_exists( $groupname, $usergroups ) && $usergroups[$groupname] === true ) || // current user access rights for this group
( array_key_exists( $groupname, $usergroups_default ) && $usergroups_default[$groupname] === true ) // default access rights for this group
)
return true;
else
return false;
}
/**
* userIsAllowed queries for wether a specified user (or default access rights) has access to a usergroup
*
* @param username The user you wish to check access rights for
* @param groupname The usergroup that you wish to check for access to
*
* @return bool - true if user is allowed, false if not
*/
function userIsAllowed($username, $groupname)
{
global $usergroups_default;
$usergroups = getPermissions($username);
if (
$username == "admin" || // admin is god
$usergroups["global_admin"] === true || // see above... user has been allowed the same rights as admin
$usergroups[$groupname] === true || // current user access rights for this group
$usergroups_default[$groupname] === true // default access rights for this group
)
return true;
else
return false;
}
/**
* getPermissions loads the permissions for a specific user, returning the information in an array
*
* @param $username The username for the user to fetch permissions for
*
* @return array the permissions array
*/
function getPermissions($username) {
global $userinfo_folder;
$usergroups = "";
if (file_exists("$userinfo_folder/$username/usergroups.inc")) include ("$userinfo_folder/$username/usergroups.inc");
return $usergroups;
}
/**
* setAllowed defines wether a user is in a usergroup or not. Defaults to true (as the function name suggests)
* If there is no username defined, it will set the default access rights
*
* @param $groupname The user group to set access rights for
* @param $allowed Optional. Wether to allow access or not
* @param $username Optional. Which user to set access rights for. If this is not specified it will be set as default
*
* @return bool Returns true if successful
*/
function setAllowed($groupname, $allowed = true, $username = "") {
global $usergroups, $usergroups_default, $userinfo_folder, $setup_folder;
if ($allowed == "false") $allowed = false;
if ($username == "") { // No username is defined, so this means that we're setting the default access
$usergroups_default[$groupname] = (bool) $allowed;
$filename = "$setup_folder/usergroups_default.inc";
$content = "<?PHP\n\$usergroups_default = '" . serialize($usergroups_default) . "';\n\$usergroups_default = unserialize(\$usergroups_default);\n?>";
} else {
$filename = "$userinfo_folder/$username/usergroups.inc";
if (file_exists($filename)) include $filename;
$usergroups[$groupname] = (bool) $allowed;
$content = "<?PHP\n\$usergroups = '" . serialize($usergroups) . "';\n\$usergroups = unserialize(\$usergroups);\n?>";
}

if (file_exists($filename)) { if (!unlink($filename)) return false; }
fileSave($filename, $content);
return chmod($filename, 0664);
}
/**
* removeUsergroup will entirely erase a particular usergroup from the system
*
* @param $groupname The user group you wish to remove from the system
*
* @return bool Returns true if successful
*/
function removeUsergroup($groupname) {
global $usergroups_default, $usergroups, $userinfo_folder, $setup_folder;

$userlist = allUsersArray(false, false, true); // get all users
foreach ($userlist as $key => $value) { // cycle through all users
$filename = "$userinfo_folder/$value/usergroups.inc"; // permissions file filename
if (file_exists($filename)) { // only remove this user's permissions if there are any
$temp_permissions = getPermissions($value); // load their permissions
if (array_key_exists($groupname, $temp_permissions)) { // only remove this permission if it really exists
unset($temp_permissions[$groupname]); // unset the groupname permission
$content = "<?PHP\n\$usergroups = '" . serialize($temp_permissions) . "';\n\$usergroups = unserialize(\$usergroups);\n?>"; // permissions file contents
if (unlink($filename)) { // remove permissions file if it already exists
if (!fileSave($filename, $content)) { //save permissions back to file
// if unsuccessful, return false!
return false;
}
}
}
}
}

unset($usergroups_default[$groupname]); // remove from $usergroups_default
$filename = "$setup_folder/usergroups_default.inc"; // default permissions file filename
$content = "<?PHP\n\$usergroups_default = '" . serialize($usergroups_default) . "';\n\$usergroups_default = unserialize(\$usergroups_default);\n?>"; //
if (file_exists($filename))
unlink($filename); // remove old default permissions file
fileSave($filename, $content);// save new default permissions file
chmod($filename, 0664);// make sure the file is actually accessible...

if (file_exists("$userinfo_folder/" . currentUser() . "/usergroups.inc"))
include "$userinfo_folder/" . currentUser() . "/usergroups.inc"; //reload current user's permissions

return true;
}

/**
* Function returns user information
*
* @param login The username of the user you wish to fetch information for
* @param which_info Optional. What information you wish to fetch. Defaults to email
* @param defaultValue Optional. What is the default value?
*
* @return string The value of login's which_info
*/
function getUserInfo($login, $which_info = "email", $defaultValue = null )
{
global $userinfo_folder, $usermanager;

if( $defaultValue !== null )
$value = $defaultValue;
else
$value = i18n("No ##0## information\n", array($which_info));

if( $login != "" )
{
if( !$usermanager->userExists($login) )
$value = i18n("Unknown user");
else if( file_exists("$userinfo_folder/$login/$which_info.txt") )
{
if( $fp = fopen("$userinfo_folder/$login/$which_info.txt", "r") )
{
if( ($info = fread($fp, filesize("$userinfo_folder/$login/$which_info.txt"))) != "" )
{
if( $info == "" )
$value = i18n("Unknown") . " $which_info";
else
$value = $info;
}
}
}
}

return $value;
}
function saveUserInfo($login, $which_info, $info) {
global $userinfo_folder;
$filename = "$userinfo_folder/$login/$which_info.txt";
if ($info === false)
$info = 0;

/*if (file_exists($filename)) {
if (!unlink($filename)) {
return false;
}
}*/

if( is_array( $info ) )
$info = serialize( $info );
/*
if ($fp = fopen($filename, 'a')) {
if (fwrite($fp, $info) === FALSE) return false;
fclose($fp);
chmod($filename, 0664);// make sure the file is actually accessible...
} else {
return false;
}*/
if( !file_put_contents($filename, $info) )
return false;

if( strlen( $info ) == 0 )
unlink( $filename );

return true;
}

function auth( $login = '', $passwd = '', $pass_file = 'setup/password.txt' )
{
global $usergroups, $userinfo_folder, $setup_folder;
$login = strtolower($login);

if( array_key_exists( "login_sevenday", $_REQUEST ) )
{
ini_set("session.gc_maxlifetime", 3153600000);
ini_set("session.cookie_lifetime", 3153600000);
//ini_set("session.gc_maxlifetime", 31536000);
//setcookie(session_name(),session_id(),time()+3600*24*7);
}

if( !session_id() )
session_start();

if( array_key_exists( siteURL(true), $_SESSION ) && is_array( $_SESSION[ siteURL(true) ] ) )
{
if (file_exists("$userinfo_folder/" . currentUser() . "/usergroups.inc"))
include "$userinfo_folder/" . currentUser() . "/usergroups.inc";
return true;
}
else if( !empty($login) )
{
$fp = fopen($pass_file, 'r');
while (!feof($fp))
{
$line = trim(fgets($fp, 1000));
list($l, $p) = explode(",", $line);
$check_pass = crypt($passwd, $p);
if (($l == $login) && ($p == $check_pass))
{
$_SESSION[siteURL(true)] = array("login"=>$login);
$theme_user = getUserInfo($login, "theme");
if ($theme_user != i18n("No ##0## information\n", array("theme")))
$_SESSION["theme"] = $theme_user;
fclose($fp);
if (file_exists("$userinfo_folder/$login/usergroups.inc"))
include "$userinfo_folder/$login/usergroups.inc";
return true;
}
}
fclose($fp);
return false;
}
else
return false;
}

function isauth()
{
//no login
if (currentUser() == "")
return false;
else
return true;
}

//The unauth function logs out the current user
function unauth () {
session_start();
session_unset();
session_destroy();
}

/**
* setFriend sets another user as a friend, or unsets it as friend depending on wether isfriend is true
*
* @param login the user who has or does not have a friend
* @param friendswith the user who login is or is not friend with
* @param isfriend wether the user is a friend (default true)
*/
function setFriend($login, $friendwith, $isfriend = true) {
global $userinfo_folder;
$filename = "$userinfo_folder/$login/relationships.php";
if (file_exists($filename)) $relationships = fileGet($filename);
$relationships = unserialize(substr($relationships, strpos($relationships, "\n") + 1));

if ($isfriend) {
$relationships["friends"][$friendwith] = $friendwith;
} else {
if (is_array($relationships["friends"])) {
foreach($relationships["friends"] as $key => $value) {
if ($value == $friendwith) {
unset($relationships["friends"][$key]);
break; // No reason to check for more, since there's only going to be one entry per friend :)
}
}
}
}

$relationships = "<?php die(\"access denied\"); ?>\n" . serialize($relationships);
if (file_exists($filename)) { if (!unlink($filename)) return false; }
fileSave($filename, $relationships);
chmod($filename, 0664);// make sure the file is actually accessible...
return true;
}

/**
* isFriend returns true if $user has $peer set as friend
*/
function isFriend($user, $peer) {
global $userinfo_folder;
$filename = "$userinfo_folder/$user/relationships.php";

$relationships = "";
if (file_exists($filename))
$relationships = fileGet($filename);

$relationships = unserialize(substr($relationships, strpos($relationships, "\n") + 1));

if( is_array($relationships) && is_array( $relationships["friends"] ) )
return array_key_exists($peer, $relationships["friends"]);
else
return false;
}

/**
* setBlacklisted sets another user as blacklisted, depending on wether isblacklisted is true
*
* @param login the user who dislikes or does not dislike someone else
* @param blacklists the user who is (not) getting blacklisted
* @param isblacklisted wether the user is getting blacklisted (default true)
*/
function setBlacklisted($login, $blacklists, $isblacklisted = true) {
global $userinfo_folder;
$filename = "$userinfo_folder/$login/relationships.php";
if (file_exists($filename)) $relationships = fileGet($filename);
$relationships = unserialize(substr($relationships, strpos($relationships, "\n") + 1));

if ($isblacklisted) {
$relationships["blacklists"][$blacklists] = $blacklists;
} else {
if (is_array($relationships["blacklists"])) {
foreach($relationships["blacklists"] as $key => $value) {
if ($value == $blacklists) {
unset($relationships["blacklists"][$key]);
break; // No reason to check for more, since there's only going to be one entry per friend :)
}
}
}
}

$relationships = "<?php die(\"access denied\"); ?>\n" . serialize($relationships);
if (file_exists($filename)) { if (!unlink($filename)) return false; }
fileSave($filename, $relationships);
chmod($filename, 0664);// make sure the file is actually accessible...
return true;
}

/**
* isBlacklisting returns true if $user blacklists $peer
*/
function isBlacklisting($user, $peer) {
global $userinfo_folder;
$filename = "$userinfo_folder/$user/relationships.php";

$relationships = "";
if (file_exists($filename))
$relationships = fileGet($filename);

$relationships = unserialize(substr($relationships, strpos($relationships, "\n") + 1));

if( is_array($relationships) && array_key_exists( "blacklists", $relationships ) && is_array( $relationships["blacklists"] ) )
return array_key_exists($peer, $relationships["blacklists"]);
else
return false;
}

/**
* userAllows returns wether the currently logged in user is allowed to access to the access level defined by $username's $accesslevel
*/
function userAllows($username, $accesslevel) {
// admin is always allowed... even if user says otherwise... no need to check further
if (isAllowed("global_admin"))
return true;

$isfriend = isFriend($username, currentUser());
$isblacklisted = isBlacklisting($username, currentUser());

switch ($accesslevel) {
case 4: // No-one
if( isAuth() && $username == currentUser() ) return true; // is the user himself?
return false;
case 3: // Friends
if ($isfriend) return true; // is the user a friend?
return false; // otherwise you're not allowed
case 2: // Registered users, minus blacklisted
if (isauth() && !$isblacklisted) return true; // is the user logged in, and not blacklisted?
return false; // If the user is either not logged in, or blacklisted, you're not allowed
case 1: // Registered users
if (isauth()) return true; // is the user logged in?
return false; // otherwise you're not allowed
case 0: // All
default:
return true;
}
}

/**
* userAllowsContact returns wether the currently logged in user is allowed to contact the user $username through the profile system
*/
function userAllowsContact($username) {
global $profile_options;
$userinfo = getUserInfo($username, "profiles_contact");
if ($userinfo == i18n("No") . " profiles_contact " . i18n("information")) $userinfo = $profile_options["profiles_contact"];

return userAllows($username, $userinfo);
}

/**
* userAllowsContact returns wether the currently logged in user is allowed to view the user $username's profile
*/
function userAllowsView($username) {
global $profile_options;
$userinfo = getUserInfo($username, "profiles_view");
if ($userinfo == i18n("No ##0## information\n", array("profiles_view"))) $userinfo = $profile_options["profiles_view"];

return userAllows($username, $userinfo);
}

/**
* userAllowsMypage returns wether the currently logged in user is allowed to view the user $username's personal page
*/
function userAllowsMypage($username) {
global $profile_options;
$userinfo = getUserInfo($username, "profiles_mypage");
if ($userinfo == i18n("No ##0## information\n", array("profiles_mypage"))) $userinfo = $profile_options["profiles_mypage"];

return userAllows($username, $userinfo);
}

function profileEditAllowed($username)
{
if( isAllowed("global_user_edit") || ($username != "" && $username == currentUser()) )
return true;
else
return false;
}

/**
* The Userman class handles adding, changing and removing users, and setting blacklisting and friends for them
*/
class Userman {
function changeadd($login = "", $passwd = "", $pass_file = 'setup/password.txt'){
global $userinfo_folder;
if (!file_exists("$userinfo_folder/$login"))
RecursiveMkdir("$userinfo_folder/$login");

$passwd = crypt($passwd);

if (file_exists($pass_file)) {
//Read the current password file
$fp = fopen($pass_file, "r");
while (!feof($fp)) {
$tmp_line = trim(fgets($fp, 1000));
list($l, $p) = explode(",", $tmp_line);
$password_list[$l] = $p;
}
fclose($fp);
}

$password_list[$login] = $passwd;
$fp = fopen($pass_file, "w");
foreach ($password_list as $user => $password) {
if (!$user == "") $pass_content = "$pass_content$user,$password\n";
}
fputs($fp, trim($pass_content));
fclose($fp);

return true;
}

function rename($login, $newlogin, $pass_file = 'setup/password.txt') {
global $userinfo_folder;

rename("$userinfo_folder/$login", "$userinfo_folder/$newlogin");

if (file_exists($pass_file)) {
//Read the current password file
$fp = fopen($pass_file, "r");
while (!feof($fp)) {
$tmp_line = trim(fgets($fp, 1000));
list($l, $p) = explode(",", $tmp_line);
$password_list[$l] = $p;
}
fclose($fp);
}

$passwd = $password_list[$login]; // Get the old password
unset($password_list[$login]); // Delete the user
$password_list[$newlogin] = $passwd; // Set the same password for the new username

$fp = fopen($pass_file, "w");
foreach ($password_list as $user => $password) {
if (!$user == "") $pass_content = "$pass_content$user,$password\n";
}
fputs($fp, trim($pass_content));
fclose($fp);

return true;
}

function remove($login = "", $pass_file = 'setup/password.txt'){
global $usermanager, $userinfo_folder;
if (file_exists($pass_file)) {
//Read the current password file
$fp = fopen($pass_file, "r");
while (!feof($fp)) {
$tmp_line = trim(fgets($fp, 1000));
list($l, $p) = explode(",", $tmp_line);
$password_list[$l] = $p;
}
fclose($fp);
}
unset($password_list[$login]);
$fp = fopen($pass_file, "w");
foreach ($password_list as $user => $password) {
$pass_content = "$pass_content$user,$password\n";
}
fputs($fp, trim($pass_content));
fclose($fp);

rmdirr("$userinfo_folder/$login");

$userlist = allUsersArray(false, false, true);
foreach($userlist as $key => $value) {
setFriend($value, $login, false);
setBlacklisted($value, $login, false);
}

return true;
}

function userExists($login, $pass_file = 'setup/password.txt') {
$login = strtolower($login);
if (file_exists($pass_file)) {
$fp = fopen($pass_file, "r");
$value = false;
while (!feof($fp)) {
$tmp_line = trim(fgets($fp, 1000));
list($l, $p) = explode(",", $tmp_line);
if ($l == $login) $value = true;
}
fclose($fp);
return $value;
}
return false;
}
}

function globalID_auth( $splitID )
{
$pageID = null;

// Is the globalID directly aimed at this module?
if( $splitID[0] == "logout" )
{
$pageID = $_REQUEST["page_id"] = 0;
unauth();
}

return $pageID;
}

function loginform_small()
{
global $language, $profilemodules, $usermanager;
if( isAuth() )
{
$thisUser = $_SESSION[siteURL(true)]["login"];
$data = "
<div id=\"loginform_small\">
" . i18n("Welcome") . "<br /><a href=\"" . globalIDtoURL("user/$thisUser/mypage") . "\">" . getUserInfo($_SESSION[siteURL(true)]["login"], "name") . "</a>
<hr class=\"loginform\" />";

foreach( $profilemodules as $key => $value )
$data .= "
<a class=\"loginform\" href=\"" . globalIDtoURL("user/$thisUser/" . substr($value, 14)) . "\">" . i18n(substr($value, 14)) . "</a>";

$data .= "
</div>";
return $data;
}
else
{
$theUsername = "";
if( array_key_exists( "username", $_REQUEST ) )
$theUsername = $_REQUEST['username'];

$loginfrm = "<form action=\"" . thisPageURL() . "\" method=\"post\"><input type=\"hidden\" name=\"logout\" value=\"false\" /><div id=\"loginform_small\">";
if( $theUsername != "" )
{
$loginfrm .= "
<div id=\"login_text\">". i18n("Authorisation error, try again") . "<br />";

if( !$usermanager->userExists($theUsername) )
$loginfrm .= i18n("Unknown user!") . "</div>";
else
$loginfrm .= i18n("Incorrect password") . "<a href=\"" . globalIDtoURL("setup/requestpassword/$theUsername") . "\" class=\"command\" title=\"" . i18n("Get a new password sent by email") . "\">[?]</a></div>";
}
else
{
$loginfrm .= "
<div id=\"login_text\">" . i18n("Log in here") . "</div>";
}
$loginfrm .= "
<div id=\"login_username\"><span id=\"login_username_text\">" . i18n("Username:") . "</span><input id=\"login_username_box\" type=\"text\" name=\"username\" value=\"$theUsername\" /></div>
<div id=\"login_password\"><span id=\"login_password_text\">" . i18n("Password:") . "</span><input id=\"login_password_box\" type=\"password\" name=\"password\" /></div>
<div id=\"login_sevenday\"><label><input id=\"login_sevenday\" name=\"login_sevenday\" type=\"checkbox\" /><span id=\"login_sevenday_text\">" . i18n("Remember me") . "</span></label></div><input id=\"login_login_button\" type=\"submit\" value=\"" . i18n("Log in") . "\" />
</div>";

if( isAllowed("global_user_new") )
$loginfrm .= "<div id=\"login_new_button\"><a class=\"login_new_button\" href=\"" . globalIDtoURL("user/" . i18n("username") . "/new") . "\">" . i18n("Register a user") . "</a></div>";

$loginfrm .= "</form>";
return $loginfrm;
}
}

function loginform($language = "en", $submit_uri, $auth_messages = "") {
global $auth_messages, $usermanager, $globalID;
// THIS IS A VERY DIRTY HACK! Should really be fixed by making the setup globalID be called something else, but...
if( $globalID == "setup" )
$loginfrm = "<form action=\"" . thisPageURL() . "/?globalID=setup\" method=\"post\"><input type=\"hidden\" name=\"logout\" value=\"false\" /><div align=\"center\"><table width=\"300\" style=\"border: 1px solid gray;\"><tr><td colspan=\"2\" style=\"border-bottom: 1px solid gray;\">";
else
$loginfrm = "<form action=\"" . thisPageURL() . "\" method=\"post\"><input type=\"hidden\" name=\"logout\" value=\"false\" /><div align=\"center\"><table width=\"300\" style=\"border: 1px solid gray;\"><tr><td colspan=\"2\" style=\"border-bottom: 1px solid gray;\">";
if (isset($_REQUEST["username"])) {
$loginfrm .= "
<div align=\"left\">";
if (!$usermanager->userExists($_REQUEST["username"])) {
$loginfrm .= i18n("Unknown user!") . " ";
} else {
$loginfrm .= i18n("Incorrect password") . " - <a href=\"" . globalIDtoURL("setup/requestpassword/{$_REQUEST['username']}") . "\" class=\"command\">" . i18n("Get a new password sent by email") . "</a>. ";
}
$loginfrm .= i18n("The login information you provided was invalid. Please log in again below:") . "</div>";
} else {
$loginfrm = "$loginfrm
<div align=\"left\">" . i18n("Write username and password below to get access to the administration functions.") . "</div>";
}
$loginfrm = "$loginfrm
<tr><td width=\"50%\">" . i18n("Username:") . "</td><td width=\"50%\" align=\"right\"><input style=\"width: 100%\" type=\"text\" name=\"username\" /></td></tr>
<tr><td>" . i18n("Password:") . "</td><td align=\"right\"><input style=\"width: 100%\" type=\"password\" name=\"password\" /></td></tr>
<tr><td>" . i18n("Remember me") . "</td><td align=\"right\"><input style=\"width: 100%\" type=\"checkbox\" name=\"login_sevenday\" /></td></tr>
<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"" . i18n("Log in") . "\" /></td></tr>
</table></div></form>";
return $loginfrm;
}
?>

Subversion Repositories travelsized

(root)/auth.php - Rev 496