#!/usr/bin/perl # MimerDesk # Web based groupware and eLearning environment # www.mimerdesk.org # # Copyright (C) 2001 Ionstream Ltd. # www.ionstream.fi # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the Free # Software Foundation; either version 2 of the License, or (at your option) # any later version. # # This program is distributed with a hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # # You should have received a copy of the GNU General Public License along # with this program; if not, write to the Free Software Foundation, Inc., # 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # $Id: index.html,v 1.34 2002/07/21 12:03:40 inf Exp $ #"""""""""""""""""""""""""""""""""""""""""# # # # MimerDesk: Home - Desktop / login # # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # # (c) Ionstream Oy 1999 - 2001 # # # # Programmed by: Teemu Arina # # # #_________________________________________# # Begin ################################## use strict; use vars qw ($APPLICATION $ACTIVEGRP $USER $IP $LAST_ACT $trans @LANGUAGES $FORWARDED $TIME_USED $IDLE $form $ref $sth); use lib::MimerDesk; use CGI::Carp "fatalsToBrowser"; sub print_template; sub lue_login; sub create_id; $APPLICATION = "Home - Index"; # Program ################################## read_config('../config/mimerdesk.cfg'); initialize(); $form = decode_multipart(); $form->{'ID'} =~ tr/0-9//cd; $form->{'auth'} =~ tr/0-9a-z//cd; $trans = lib::MimerDesk->new_gettext(program => 'login',language => $config{'language'}); push @LANGUAGES, $_ foreach sort { $LANGUAGES{$a} cmp $LANGUAGES{$b} } keys %LANGUAGES; unshift @LANGUAGES, 'def'; $LANGUAGES{'def'} = $trans->gettext('Default'); $APPLICATION = $trans->gettext('Home - Index'); if ($form->{'timed_out'}) { print_template('front_template','
'. $trans->gettext("Your connection to the server timed out."). '


'.$trans->gettext("Please login again.").''); } elsif ($form->{'ip_misuse'}) { print_template('front_template','
'.$trans->gettext("WARNING!").'


'. $trans->gettext("Your session might have been hijacked!").'

'. $trans->gettext("This error might also occur when you have reconnected to the Internet and your IP address has changed. Some Internet service providers(ISP) have real-time dynamic IP addresses that change even while you are connected."). '

'. $trans->gettext("If you haven't reconnected then contact the system administrator immediately to prevent misuse!")); } lue_login() if ($form->{'password'} || $form->{'name'}); print_template('front_template') if (!$form->{'ID'} || !$form->{'auth'}); ($USER, $IP, $LAST_ACT, $FORWARDED, $TIME_USED, $IDLE, $ACTIVEGRP) = authenticate($form->{'ID'}, $form->{'auth'}, $form->{'changeGroup'}); $trans = lib::MimerDesk->new_gettext(program => 'login',language => $config{'language'}); $APPLICATION = $trans->gettext('Home - Index'); if ($form->{'quit'}) { delete_session($form->{'ID'}); write_log("$USER logged out!", 'ok'); print_template('front_template',''.$trans->gettext('Thank you for using MimerDesk.').'

'. $trans->gettext('Note:').'
'.$trans->gettext("Always remember to log out of MimerDesk when you're done! This way you can ensure your own privacy and prevent misuse.") ); } # Subs ################################## ############################## # create session ID and auth # ############################## # 1. Get session ID's from database # 2. Create unique ID containing 6 numbers # 3. Create random 32-bit auth key sub create_id { my ($ID,$auth,@chars,@ids); db_list("SELECT ID FROM sessions"); while (my $ref = $sth->fetchrow_hashref()) {push @ids, $ref->{'ID'};} do {$ID = (int rand 1000000)} while (grep {$_ eq $ID} @ids); db_end(); @chars = ("a" .. "f", 0 .. 9); $auth = join("", @chars[ map { rand @chars } (1 .. 32) ]); return ($ID,$auth); } ############### # Check login # ############### sub lue_login { my ($visitcount,$lastvisit); delete_old(); if (lc $config{'firewall'} eq 'on') { my @allowed = split / /, $config{'host_allow'}; if (!(firewall(\@allowed,get_ipaddress()))) { write_log("Firewall authentication failed!", 'warning'); print_template('front_template', $trans->gettext("You are not authorized to enter this site!")); } } my $check = check_password($form->{'name'}, $form->{'password'}); if ($check == '2') { write_log("Expired account $form->{'name'} tried to log in!", 'error'); print_template('front_template','
'. $trans->gettext("Your connection was refused. Your account is disabled."). '


'. $trans->gettext("Please contact your administrator.")); } elsif (!$check) { write_log("Account $form->{'name'} wrong password!", 'error'); print_template('front_template','
'. $trans->gettext("Your connection was refused. You entered the wrong username and/or password."). '


'. $trans->gettext("Please try again. (If you don't have an account please contact your administrator).")); } ($form->{'ID'}, $form->{'auth'}) = create_id(); my $time = time(); $IP = get_ipaddress(); lock_tables('WRITE', 'sessions','users'); db_list("insert into sessions (USER, ID, IP, LAST_ACT, AUTH, LOGIN_DATE2, FORWARDED, LAST_PAGE) values ('$form->{'name'}', '$form->{'ID'}', '$IP', '$time', '$form->{'auth'}', '$time', '$ENV{'HTTP_X_FORWARDED_FOR'}','User logged in')"); $USER = $form->{'name'}; $LAST_ACT = $time; $FORWARDED = $ENV{'HTTP_X_FORWARDED_FOR'}; db_end(); if ($form->{'language'} && $form->{'language'} ne 'def') { $config{'language'} = $form->{'language'}; ($form->{'language'}) = prepare_fordb($form->{'language'}); db_update('users',{language => $form->{'language'}},"nimi='$USER'"); } unlock_tables(); my $time_used = 0; lock_tables('WRITE', 'users'); db_list("SELECT visitcount,lastvisit FROM users where nimi = '$form->{'name'}'"); while (my $ref = $sth->fetchrow_hashref()) { $visitcount = $ref->{'visitcount'}; $lastvisit = $ref->{'lastvisit'}; } db_end(); unlock_tables(); my $nowvisit = "$time|$IP"; $visitcount++; write_log("User $form->{'name'} logged in.", "ok"); lock_tables('WRITE', 'sys_info'); db_list("update sys_info set con_value = (con_value+1) where connectionz like 'con%'"); db_end(); unlock_tables(); if ($visitcount <= 1) { lock_tables('WRITE', 'users'); db_list("update users set lastpage = '$lastvisit', lastvisit = '$nowvisit', visitcount = '0' where nimi = '$form->{'name'}'"); db_end(); unlock_tables(); redirect("$config{'loc_server'}$config{'bin_dir'}/password.html?ID=$form->{'ID'}&auth=$form->{'auth'}&go=first_time"); exit; } lock_tables('WRITE', 'users'); db_list("update users set lastpage = '$lastvisit', lastvisit = '$nowvisit', visitcount = '$visitcount' where nimi = '$form->{'name'}'"); db_end(); unlock_tables(); redirect("$config{'loc_server'}$config{'bin_dir'}/desktop.html?ID=$form->{'ID'}&auth=$form->{'auth'}"); } ################################## # Read template and process it # ################################## sub print_template { my ($ref,$fulltemplate,$lastvisit,$realname,$new_messages,$groups,$groupposts,$groupref,$groupregs, $allvisit,$logged,$users,$headline,$uptime,$current_date, $chatusers, $calevents, $new); my ($template,$message) = @_; print_header('pragma'); $ref = get_template($template); $fulltemplate = $ref->{$template}; if ($message) {$fulltemplate =~ s/<>/$message/m;} else { lock_tables('READ','frontcontent'); my ($ref) = db_select("*","frontcontent", "ID = 'frontinfo'"); unlock_tables(); ($ref->{'EN_DATA'}) = itag_replacer($ref->{'EN_DATA'}); $fulltemplate =~ s/<>/$ref->{'EN_DATA'}/m; } my $language = dropdownmenu(name => "language", order => \@LANGUAGES, default => 'def', values => \%LANGUAGES); $fulltemplate =~ s/<>/$language

/m; $fulltemplate =~ s/<>/minea/gm; $fulltemplate = replace_tags($fulltemplate, $USER, $form->{'auth'}, $form->{'ID'}, $TIME_USED); $fulltemplate =~ s/<>/index.html/m; print $fulltemplate; db_end('disconnect'); exit; }