mirrors/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2025-04-25 19:00:03 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
Piwigo/identification.php
HWFord f88472fa9c fixes #2345 create piwigo standard pages 
create new theme standard pages with tpl, css, js and images
update backend to handle pages
add config use_standard_pages
on update set config to false, on install set config to true
add standard pages to no be ingored in git
2025-03-18 16:46:41 +01:00

165 lines
5.3 KiB
PHP
Raw Blame History

<?php
// +-----------------------------------------------------------------------+
// | This file is part of Piwigo. |
// | |
// | For copyright and license information, please view the COPYING.txt |
// | file that was distributed with this source code. |
// +-----------------------------------------------------------------------+
//--------------------------------------------------------------------- include
define('PHPWG_ROOT_PATH','./');
include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
// +-----------------------------------------------------------------------+
// | Check Access and exit when user status is not ok |
// +-----------------------------------------------------------------------+
check_status(ACCESS_FREE);
// but if the user is already identified, we redirect to gallery home
// instead of displaying the log in form
if (!is_a_guest())
{
redirect(get_gallery_home_url());
}
trigger_notify('loc_begin_identification');
//-------------------------------------------------------------- identification
// security (level 1): the redirect must occur within Piwigo, so the
// redirect param must start with the relative home url
if (isset($_POST['redirect']))
{
$_POST['redirect_decoded'] = urldecode($_POST['redirect']);
}
check_input_parameter('redirect_decoded', $_POST, false, '{^'.preg_quote(cookie_path()).'}');
$redirect_to = '';
if ( !empty($_GET['redirect']) )
{
$redirect_to = urldecode($_GET['redirect']);
if ( $conf['guest_access'] and !isset($_GET['hide_redirect_error']))
{
$page['errors']['login_page_error'][] = l10n('You are not authorized to access the requested page');
}
}
if (isset($_POST['login']))
{
if (!isset($_COOKIE[session_name()]))
{
$page['errors']['login_page_error'][] = l10n('Cookies are blocked or not supported by your browser. You must enable cookies to connect.');
}
else
{
if ($conf['insensitive_case_logon'] == true)
{
$_POST['username'] = search_case_username($_POST['username']);
}
$redirect_to = isset($_POST['redirect']) ? urldecode($_POST['redirect']) : '';
$remember_me = isset($_POST['remember_me']) and $_POST['remember_me']==1;
if ( try_log_user($_POST['username'], $_POST['password'], $remember_me) )
{
// security (level 2): force redirect within Piwigo. We redirect to
// absolute root url, including http(s)://, without the cookie path,
// concatenated with $_POST['redirect'] param.
//
// example:
// {redirect (raw) = /piwigo/git/admin.php}
// {get_absolute_root_url = http://localhost/piwigo/git/}
// {cookie_path = /piwigo/git/}
// {host = http://localhost}
// {redirect (final) = http://localhost/piwigo/git/admin.php}
$root_url = get_absolute_root_url();
redirect(
empty($redirect_to)
? get_gallery_home_url()
: substr($root_url, 0, strlen($root_url) - strlen(cookie_path())).$redirect_to
);
}
else
{
$page['errors']['login_form_error'] = l10n('Invalid username or password!');
}
}
}
//----------------------------------------------------- template initialization
//
// Start output of page
//
$title = l10n('Identification');
$page['body_id'] = 'theIdentificationPage';
$template->set_filenames( array('identification'=>'identification.tpl') );
$template->assign(
array(
'U_REDIRECT' => $redirect_to,
'F_LOGIN_ACTION' => get_root_url().'identification.php',
'authorize_remembering' => $conf['authorize_remembering'],
));
if (!$conf['gallery_locked'] && $conf['allow_user_registration'])
{
$template->assign('U_REGISTER', get_root_url().'register.php' );
}
if (!$conf['gallery_locked'])
{
$template->assign('U_LOST_PASSWORD', get_root_url().'password.php' );
}
// include menubar
$themeconf = $template->get_template_vars('themeconf');
if (!$conf['gallery_locked'] && (!isset($themeconf['hide_menu_on']) OR !in_array('theIdentificationPage', $themeconf['hide_menu_on'])))
{
include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
}
//Load language if cookie is set from login/register/password pages
if (isset($_COOKIE['lang']) and $user['language'] != $_COOKIE['lang'])
{
if (!array_key_exists($_COOKIE['lang'], get_languages()))
{
fatal_error('[Hacking attempt] the input parameter "'.$_COOKIE['lang'].'" is not valid');
}
$user['language'] = $_COOKIE['lang'];
load_language('common.lang', '', array('language'=>$user['language']));
}
//Get list of languages
foreach (get_languages() as $language_code => $language_name)
{
$language_options[$language_code] = $language_name;
}
$template->assign(array(
'language_options' => $language_options,
'current_language' => $user['language']
));
//Get link to doc
if ('fr' == substr($user['language'], 0, 2))
{
$help_link = "https://doc-fr.piwigo.org/les-utilisateurs/se-connecter-a-piwigo";
}
else
{
$help_link = "https://doc.piwigo.org/managing-users/log-in-to-piwigo";
}
$template->assign('HELP_LINK', $help_link);
//----------------------------------------------------------- html code display
include(PHPWG_ROOT_PATH.'include/page_header.php');
trigger_notify('loc_end_identification');
flush_page_messages();
$template->pparse('identification');
include(PHPWG_ROOT_PATH.'include/page_tail.php');
?>
Reference in a new issue View git blame Copy permalink