Commit c0832870 authored by Côme Bernigaud's avatar Côme Bernigaud Committed by Benoit Mortier
Browse files

Fixes: #2595 The code should follow code guidelines

parent 4fa73f16
<?php
/*
This code is part of FusionDirectory (http://www.fusiondirectory.org/)
Copyright (C) 2003-2010 Cajus Pollmeier
......@@ -27,11 +26,11 @@
session_cache_limiter("private");
session::start();
session::global_set('errorsAlreadyPosted',array());
session::global_set('errorsAlreadyPosted', array());
/* Logged in? Simple security check */
if (!session::global_is_set('ui')){
new log("security","unknown","",array(),"Error: autocomplete.php called without session") ;
if (!session::global_is_set('ui')) {
new log("security", "unknown", "", array(), "Error: autocomplete.php called without session");
header ("Location: index.php");
exit;
}
......@@ -41,25 +40,25 @@ if (isset($_GET['type']) && $_GET['type'] == "base") {
// Find dn based on name and description
if (session::is_set("pathMapping") && count($_POST) == 1) {
$res= "";
$pathMapping= session::get("pathMapping");
$search= preg_replace('/&quot;/', '"', current($_POST));
$res = "";
$pathMapping = session::get("pathMapping");
$search = preg_replace('/&quot;/', '"', current($_POST));
$config = session::global_get('config');
foreach ($config->department_info as $dn => $info) {
if (!isset($pathMapping[$dn])) {
continue;
}
if (mb_stristr($info['name'], $search) !== false) {
$res.= "<li>".mark($search, $pathMapping[$dn]).($info['description']==''?"":"<span class='informal'> [".mark($search, $info['description'])."]</span>")."</li>";
if (mb_stristr($info['name'], $search) !== FALSE) {
$res .= "<li>".mark($search, $pathMapping[$dn]).($info['description'] == ''?"":"<span class='informal'> [".mark($search, $info['description'])."]</span>")."</li>";
continue;
}
if (mb_stristr($info['description'], $search) !== false) {
$res.= "<li>".mark($search, $pathMapping[$dn]).($info['description']==''?"":"<span class='informal'> [".mark($search, $info['description'])."]</span>")."</li>";
if (mb_stristr($info['description'], $search) !== FALSE) {
$res .= "<li>".mark($search, $pathMapping[$dn]).($info['description'] == ''?"":"<span class='informal'> [".mark($search, $info['description'])."]</span>")."</li>";
continue;
}
if (mb_stristr($pathMapping[$dn], $search) !== false) {
$res.= "<li>".mark($search, $pathMapping[$dn]).($info['description']==''?"":"<span class='informal'> [".mark($search, $info['description'])."]</span>")."</li>";
if (mb_stristr($pathMapping[$dn], $search) !== FALSE) {
$res .= "<li>".mark($search, $pathMapping[$dn]).($info['description'] == ''?"":"<span class='informal'> [".mark($search, $info['description'])."]</span>")."</li>";
continue;
}
}
......@@ -75,8 +74,8 @@ if (isset($_GET['type']) && $_GET['type'] == "base") {
$ui = session::global_get('ui');
/* Is there a filter object arround? */
if (session::is_set("autocomplete")){
$filter= session::get("autocomplete");
if (session::is_set("autocomplete")) {
$filter = session::get("autocomplete");
$filter->processAutocomplete();
}
}
......
......@@ -38,8 +38,8 @@ function displayLogin()
error_reporting(E_ALL | E_STRICT);
/* Fill template with required values */
$username = "";
if(isset($_POST["username"])){
$username= trim(get_post("username"));
if (isset($_POST["username"])) {
$username = trim(get_post("username"));
}
$smarty->assign ('date', gmdate("D, d M Y H:i:s"));
$smarty->assign ('username', $username);
......@@ -49,8 +49,8 @@ function displayLogin()
$smarty->append ('css_files', get_template_path('login.css'));
/* Some error to display? */
if (!isset($message)){
$message= "";
if (!isset($message)) {
$message = "";
}
$smarty->assign ("message", $message);
......@@ -61,33 +61,33 @@ function displayLogin()
$smarty->assign ("ssl", "");
}
if(!$config->check_session_lifetime()){
if (!$config->check_session_lifetime()) {
$smarty->assign ("lifetime", _("Warning").": ".
_("The session lifetime configured in your fusiondirectory.conf will be overridden by php.ini settings."));
}else{
} else {
$smarty->assign ("lifetime", "");
}
/* Generate server list */
$servers= array();
if (isset($_POST['server'])){
$selected= get_post('server');
$servers = array();
if (isset($_POST['server'])) {
$selected = get_post('server');
} else {
$selected= $config->data['MAIN']['DEFAULT'];
$selected = $config->data['MAIN']['DEFAULT'];
}
foreach ($config->data['LOCATIONS'] as $key => $ignored){
$servers[$key]= $key;
foreach ($config->data['LOCATIONS'] as $key => $ignored) {
$servers[$key] = $key;
}
$smarty->assign ("server_options", $servers);
$smarty->assign ("server_id", $selected);
/* show login screen */
$smarty->assign ("PHPSESSID", session_id());
if (session::is_set('errors')){
if (session::is_set('errors')) {
$smarty->assign("errors", session::get('errors'));
}
if ($error_collector != ""){
$smarty->assign("php_errors", preg_replace("/%BUGBODY%/",$error_collector_mailto,$error_collector)."</div>");
if ($error_collector != "") {
$smarty->assign("php_errors", preg_replace("/%BUGBODY%/", $error_collector_mailto, $error_collector)."</div>");
} else {
$smarty->assign("php_errors", "");
}
......@@ -96,7 +96,7 @@ function displayLogin()
$smarty->assign("date", date("l, dS F Y H:i:s O"));
$smarty->display (get_template_path('headers.tpl'));
$smarty->assign("version",FD_VERSION);
$smarty->assign("version", FD_VERSION);
$smarty->display(get_template_path('login.tpl'));
exit();
......@@ -139,13 +139,13 @@ session::set('errors', "");
/* Check for java script */
if (isset($_POST['javascript']) && $_POST['javascript'] == "true") {
session::global_set('js', TRUE);
} elseif(isset($_POST['javascript'])) {
} elseif (isset($_POST['javascript'])) {
session::global_set('js', FALSE);
}
/* Check if fusiondirectory.conf (.CONFIG_FILE) is accessible */
if (!is_readable(CONFIG_DIR."/".CONFIG_FILE)) {
msg_dialog::display(_("Configuration error"), sprintf(_("FusionDirectory configuration %s/%s is not readable. Please run fusiondirectory-setup --check-config to fix this."), CONFIG_DIR,CONFIG_FILE), FATAL_ERROR_DIALOG);
msg_dialog::display(_("Configuration error"), sprintf(_("FusionDirectory configuration %s/%s is not readable. Please run fusiondirectory-setup --check-config to fix this."), CONFIG_DIR, CONFIG_FILE), FATAL_ERROR_DIALOG);
exit();
}
......@@ -162,7 +162,7 @@ $smarty->compile_dir = $config->get_cfg_value("templateCompileDirectory", SPOOL_
/* Check for compile directory */
if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))) {
msg_dialog::display(_("Smarty error"), sprintf(_("Directory '%s' specified as compile directory is not accessible!"),
$smarty->compile_dir),FATAL_ERROR_DIALOG);
$smarty->compile_dir), FATAL_ERROR_DIALOG);
exit();
}
......@@ -249,7 +249,7 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
/* Destroy old sessions, they cause a successfull login to relog again ...*/
if (session::global_is_set('_LAST_PAGE_REQUEST')) {
session::global_set('_LAST_PAGE_REQUEST',time());
session::global_set('_LAST_PAGE_REQUEST', time());
}
/* Admin-logon and verify */
......@@ -269,13 +269,13 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
if (!count($ldap->get_objectclasses())) {
msg_dialog::display(_("LDAP error"), _("Cannot detect information about the installed LDAP schema!"), ERROR_DIALOG);
displayLogin();
exit() ;
exit();
} else {
$cfg = array();
$cfg['admin'] = $config->current['ADMINDN'];
$cfg['password'] = $config->current['ADMINPASSWORD'];
$cfg['connection']= $config->current['SERVER'];
$cfg['tls'] = $tls;
$cfg['admin'] = $config->current['ADMINDN'];
$cfg['password'] = $config->current['ADMINPASSWORD'];
$cfg['connection'] = $config->current['SERVER'];
$cfg['tls'] = $tls;
$str = check_schema($cfg, $config->get_cfg_value("rfc2307bis") == "TRUE");
$checkarr = array();
foreach ($str as $tr) {
......@@ -315,84 +315,84 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
if ($ok) {
/* Login as user, initialize user ACL's */
if ($htaccess_authenticated){
$ui= ldap_login_user_htaccess($username);
if ($ui === NULL || !$ui){
if ($htaccess_authenticated) {
$ui = ldap_login_user_htaccess($username);
if ($ui === NULL || !$ui) {
msg_dialog::display(_("Authentication error"), _("Cannot retrieve user information for htaccess authentication!"), FATAL_ERROR_DIALOG);
exit;
}
} else {
$ui = ldap_login_user($username, $_POST["password"]);
}
if ($ui === NULL || !$ui){
$message= _("Please check the username/password combination.");
if ($ui === NULL || !$ui) {
$message = _("Please check the username/password combination.");
$smarty->assign ('nextfield', 'password');
session::global_set('config',$config);
session::global_set('config', $config);
if(isset($_SERVER['REMOTE_ADDR'])) {
$ip= $_SERVER['REMOTE_ADDR'];
new log("security","login","",array(),"Authentication failed for user \"$username\" [from $ip]");
if (isset($_SERVER['REMOTE_ADDR'])) {
$ip = $_SERVER['REMOTE_ADDR'];
new log("security", "login", "", array(), "Authentication failed for user \"$username\" [from $ip]");
} else {
new log("security","login","",array(),"Authentication failed for user \"$username\"");
new log("security", "login", "", array(), "Authentication failed for user \"$username\"");
}
} else {
/* Remove all locks of this user */
del_user_locks($ui->dn);
/* Save userinfo and plugin structure */
session::global_set('ui',$ui);
session::global_set('session_cnt',0);
session::global_set('ui', $ui);
session::global_set('session_cnt', 0);
/* Let FusionDirectory trigger a new connection for each POST, save
config to session. */
$config->get_departments();
$config->make_idepartments();
session::global_set('config',$config);
session::global_set('config', $config);
/* Restore filter settings from cookie, if available */
if($config->get_cfg_value("storeFilterSettings") == "TRUE"){
if ($config->get_cfg_value("storeFilterSettings") == "TRUE") {
if(isset($_COOKIE['FusionDirectory_Filter_Settings']) || isset($HTTP_COOKIE_VARS['FusionDirectory_Filter_Settings'])){
if (isset($_COOKIE['FusionDirectory_Filter_Settings']) || isset($HTTP_COOKIE_VARS['FusionDirectory_Filter_Settings'])) {
if(isset($_COOKIE['FusionDirectory_Filter_Settings'])){
if (isset($_COOKIE['FusionDirectory_Filter_Settings'])) {
$cookie_all = unserialize(base64_decode($_COOKIE['FusionDirectory_Filter_Settings']));
}else{
} else {
$cookie_all = unserialize(base64_decode($HTTP_COOKIE_VARS['FusionDirectory_Filter_Settings']));
}
if(isset($cookie_all[$ui->dn])){
if (isset($cookie_all[$ui->dn])) {
$cookie = $cookie_all[$ui->dn];
$cookie_vars= array("MultiDialogFilters","CurrentMainBase","plug");
foreach($cookie_vars as $var){
if(isset($cookie[$var])){
session::global_set($var,$cookie[$var]);
$cookie_vars = array("MultiDialogFilters","CurrentMainBase","plug");
foreach ($cookie_vars as $var) {
if (isset($cookie[$var])) {
session::global_set($var, $cookie[$var]);
}
}
if(isset($cookie['plug'])){
$plug =$cookie['plug'];
if (isset($cookie['plug'])) {
$plug = $cookie['plug'];
}
}
}
}
/* are we using accountexpiration */
if ($config->get_cfg_value("handleExpiredAccounts") == "TRUE"){
if ($config->get_cfg_value("handleExpiredAccounts") == "TRUE") {
$expired = $ui->expired_status();
if ($expired == POSIX_ACCOUNT_EXPIRED) {
$message= _("Account locked. Please contact your system administrator!");
$message = _("Account locked. Please contact your system administrator!");
$smarty->assign ('nextfield', 'password');
new log("security","login","",array(),"Account for user \"$username\" has expired") ;
new log("security", "login", "", array(), "Account for user \"$username\" has expired");
displayLogin();
exit();
}
}
/* Not account expired or password forced change go to main page */
new log("security","login","",array(),"User \"$username\" logged in successfully") ;
$plist= new pluglist($config, $ui);
if(isset($plug) && isset($plist->dirlist[$plug])){
new log("security", "login", "", array(), "User \"$username\" logged in successfully");
$plist = new pluglist($config, $ui);
if (isset($plug) && isset($plist->dirlist[$plug])) {
header ("Location: main.php?plug=".$plug."&global_check=1");
}else{
} else {
header ("Location: main.php?global_check=1");
}
exit;
......@@ -404,11 +404,11 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
$smarty->assign ("cookies", "<b>"._("Warning").":<\/b> "._("Your browser has cookies disabled. Please enable cookies and reload this page before logging in!"));
/* Set focus to the error button if we've an error message */
$focus= "";
if (session::is_set('errors') && session::get('errors') != ""){
$focus= '<script type="text/javascript">';
$focus.= 'document.forms[0].error_accept.focus();';
$focus.= '</script>';
$focus = "";
if (session::is_set('errors') && session::get('errors') != "") {
$focus = '<script type="text/javascript">';
$focus .= 'document.forms[0].error_accept.focus();';
$focus .= '</script>';
}
$smarty->assign("focus", $focus);
displayLogin();
......
<?php
/*
This code is part of FusionDirectory (http://www.fusiondirectory.org/)
Copyright (C) 2003-2010 Cajus Pollmeier
......@@ -30,33 +29,33 @@ header("Content-type: text/html; charset=UTF-8");
/* try to start session, so we can remove userlocks,
if the old session is still available */
@session::start();
session::set('errorsAlreadyPosted',array());
if(session::global_is_set('ui')){
session::set('errorsAlreadyPosted', array());
if (session::global_is_set('ui')) {
/* Get config & ui informations */
$ui= session::global_get("ui");
$ui = session::global_get("ui");
/* config used for del_user_locks & some lines below to detect the language */
$config= session::global_get("config");
$config = session::global_get("config");
/* Remove all locks of this user */
del_user_locks($ui->dn);
/* Write something to log */
new log("security","logout","",array(),"User \"".$ui->username."\" logged out") ;
new log("security", "logout", "", array(), "User \"".$ui->username."\" logged out");
}
/* Language setup */
if ((!isset($config)) || $config->get_cfg_value("language") == ""){
$lang= get_browser_language();
if ((!isset($config)) || $config->get_cfg_value("language") == "") {
$lang = get_browser_language();
} else {
$lang= $config->get_cfg_value("language");
$lang = $config->get_cfg_value("language");
}
putenv("LANGUAGE=");
putenv("LANG=$lang");
setlocale(LC_ALL, $lang);
$GLOBALS['t_language']= $lang;
$GLOBALS['t_language'] = $lang;
$GLOBALS['t_gettext_message_dir'] = $BASE_DIR.'/locale/';
/* Set the text domain as 'fusiondirectory' */
......@@ -65,22 +64,22 @@ bindtextdomain($domain, LOCALE_DIR);
textdomain($domain);
/* Set smarty template compile directory */
if (isset($config)){
$smarty->compile_dir= $config->get_cfg_value("templateCompileDirectory", SPOOL_DIR);
if (isset($config)) {
$smarty->compile_dir = $config->get_cfg_value("templateCompileDirectory", SPOOL_DIR);
} else {
$smarty->compile_dir= SPOOL_DIR;
$smarty->compile_dir = SPOOL_DIR;
}
$smarty->assign("date", date("l, dS F Y H:i:s O"));
/* If GET request is posted, the logout was forced by pressing the link */
if (isset($_GET['request'])){
if (isset($_GET['request'])) {
/* destroy old session */
session::destroy ();
/* If we're not using htaccess authentication, just redirect... */
if (isset($config) && $config->get_cfg_value("htaccessAuthentication") == "TRUE"){
if (isset($config) && $config->get_cfg_value("htaccessAuthentication") == "TRUE") {
/* Else notice that the user has to close the browser... */
$smarty->assign("usePrototype", "false");
......@@ -92,13 +91,12 @@ if (isset($_GET['request'])){
header ("Location: index.php");
exit();
}else{ // The logout wasn't forced, so the session is invalid
} else { // The logout wasn't forced, so the session is invalid
$smarty->assign("usePrototype", "false");
$smarty->display (get_template_path('headers.tpl'));
$smarty->display (get_template_path('logout.tpl'));
exit;
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>
</html>
......@@ -38,9 +38,9 @@ textdomain($domain);
/* Remember everything we did after the last click */
session::start();
session::set('errorsAlreadyPosted',array());
session::global_set('runtime_cache',array());
session::set('limit_exceeded',FALSE);
session::set('errorsAlreadyPosted', array());
session::global_set('runtime_cache', array());
session::set('limit_exceeded', FALSE);
if ($_SERVER["REQUEST_METHOD"] == "POST") {
@DEBUG (DEBUG_POST, __LINE__, __FUNCTION__, __FILE__, $_POST, "_POST");
......@@ -49,7 +49,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
/* Logged in? Simple security check */
if (!session::global_is_set('config')) {
new log("security","login","",array(),"main.php called without session - logging out") ;
new log("security", "login", "", array(), "main.php called without session - logging out");
header ("Location: logout.php");
exit;
}
......@@ -57,7 +57,7 @@ if (!session::global_is_set('config')) {
/* Check for uniqe ip address */
$ui = session::global_get('ui');
if ($_SERVER['REMOTE_ADDR'] != $ui->ip) {
new log("security","login","",array(),"main.php called with session which has a changed IP address.") ;
new log("security", "login", "", array(), "main.php called with session which has a changed IP address.");
header ("Location: logout.php");
exit;
}
......@@ -66,32 +66,32 @@ timezone::get_default_timezone();
/* Check for invalid sessions */
if (session::global_get('_LAST_PAGE_REQUEST') == "") {
session::global_set('_LAST_PAGE_REQUEST',time());
session::global_set('_LAST_PAGE_REQUEST', time());
} else {
/* check FusionDirectory.conf for defined session lifetime */
$max_life = $config->get_cfg_value("sessionLifetime", 60*60*2);
$max_life = $config->get_cfg_value("sessionLifetime", 60 * 60 * 2);
/* get time difference between last page reload */
$request_time = (time()- session::global_get('_LAST_PAGE_REQUEST'));
$request_time = (time() - session::global_get('_LAST_PAGE_REQUEST'));
/* If page wasn't reloaded for more than max_life seconds
* kill session
*/
if ($request_time > $max_life) {
session::destroy();
new log("security","login","",array(),"main.php called without session - logging out") ;
new log("security", "login", "", array(), "main.php called without session - logging out");
header ("Location: logout.php");
exit;
}
session::global_set('_LAST_PAGE_REQUEST',time());
session::global_set('_LAST_PAGE_REQUEST', time());
}
@DEBUG (DEBUG_CONFIG, __LINE__, __FUNCTION__, __FILE__, $config->data, "config");
/* Set template compile directory */
$smarty->compile_dir= $config->get_cfg_value("templateCompileDirectory", SPOOL_DIR);
$smarty->compile_dir = $config->get_cfg_value("templateCompileDirectory", SPOOL_DIR);
/* Set default */
$reload_navigation = FALSE;
......@@ -104,11 +104,11 @@ if ((!session::global_is_set('Last_init_lang')) || (session::global_get('Last_in
}
/* Language setup */
session::global_set('Last_init_lang',$lang);
session::global_set('Last_init_lang', $lang);
/* Preset current main base */
if (!session::global_is_set('CurrentMainBase')) {
session::global_set('CurrentMainBase',get_base_from_people($ui->dn));
session::global_set('CurrentMainBase', get_base_from_people($ui->dn));
}
putenv("LANGUAGE=");
......@@ -126,7 +126,7 @@ textdomain($domain);
/* Prepare plugin list */
if (!session::global_is_set('plist')) {
/* Initially load all classes */
$class_list= get_declared_classes();
$class_list = get_declared_classes();
foreach ($class_mapping as $class => $path) {
if (!in_array($class, $class_list)) {
if (is_readable("$BASE_DIR/$path")) {
......@@ -153,16 +153,16 @@ if (isset($global_check) && $config->get_cfg_value("forceglobals") == "TRUE") {
_("Fatal error: Register globals is on. FusionDirectory will refuse to login unless this is fixed by an administrator."),
FATAL_ERROR_DIALOG);
new log("security","login","",array(),"Register globals is on. For security reasons, this should be turned off.") ;
new log("security", "login", "", array(), "Register globals is on. For security reasons, this should be turned off.");
session::destroy ();
exit;
}
/* Check Plugin variable */
if (session::global_is_set('plugin_dir')) {
$old_plugin_dir= session::global_get('plugin_dir');
$old_plugin_dir = session::global_get('plugin_dir');
} else {
$old_plugin_dir= "";
$old_plugin_dir = "";
}
/* reload navigation if language changed*/
......@@ -174,50 +174,48 @@ $plist->gen_menu();
/* check if we are using account expiration */
$smarty->assign("hideMenus", FALSE);
if ($config->get_cfg_value("handleExpiredAccounts") == "TRUE") {
$expired = $ui->expired_status();
if ($expired == POSIX_WARN_ABOUT_EXPIRATION && !session::is_set('POSIX_WARN_ABOUT_EXPIRATION__DONE')) {
@DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $expired, "This user account (".$ui->username.") is about to expire");
// The users password is about to xpire soon, display a warning message.
new log("security","fusiondirectory","",array(),"password for user '".$ui->username."' is about to expire") ;
msg_dialog::display(_("Password change"), _("Your password is about to expire, please change your password!"), INFO_DIALOG);
session::set('POSIX_WARN_ABOUT_EXPIRATION__DONE', TRUE);
} elseif ($expired == POSIX_FORCE_PASSWORD_CHANGE) {
@DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $expired, "This user account expired");
// The password is expired, we are now going to enforce a new one from the user.
// Hide the FusionDirectory menus to avoid leaving the enforced password change dialog.
$smarty->assign("hideMenus", TRUE);
$plug = (isset($_GET['plug'])) ? $_GET['plug'] : null;
// Search for the 'password' class and set its id as active plug.
foreach ($plist->dirlist as $key => $value) {
if (preg_match("/\bpassword\b/i",$value)) {
if($plug != $key) {
$_GET['plug'] = $key;
}
break;
}
$expired = $ui->expired_status();
if ($expired == POSIX_WARN_ABOUT_EXPIRATION && !session::is_set('POSIX_WARN_ABOUT_EXPIRATION__DONE')) {
@DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $expired, "This user account (".$ui->username.") is about to expire");
// The users password is about to xpire soon, display a warning message.
new log("security", "fusiondirectory", "", array(), "password for user '".$ui->username."' is about to expire");
msg_dialog::display(_("Password change"), _("Your password is about to expire, please change your password!"), INFO_DIALOG);
session::set('POSIX_WARN_ABOUT_EXPIRATION__DONE', TRUE);
} elseif ($expired == POSIX_FORCE_PASSWORD_CHANGE) {
@DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $expired, "This user account expired");
// The password is expired, we are now going to enforce a new one from the user.
// Hide the FusionDirectory menus to avoid leaving the enforced password change dialog.
$smarty->assign("hideMenus", TRUE);
$plug = (isset($_GET['plug'])) ? $_GET['plug'] : NULL;
// Search for the 'password' class and set its id as active plug.
foreach ($plist->dirlist as $key => $value) {
if (preg_match("/\bpassword\b/i", $value)) {
if ($plug != $key) {
$_GET['plug'] = $key;
}
break;
}
}
}
}
if (isset($_GET['plug']) && $plist->plugin_access_allowed($_GET['plug'])) {
$plug= validate($_GET['plug']);
$plugin_dir= $plist->get_path($plug);
session::global_set('plugin_dir',$plugin_dir);
$plug = validate($_GET['plug']);
$plugin_dir = $plist->get_path($plug);
session::global_set('plugin_dir', $plugin_dir);
if ($plugin_dir == "") {
new log("security","fusiondirectory","",array(),"main.php called with invalid plug parameter \"$plug\"") ;
new log("security", "fusiondirectory", "", array(), "main.php called with invalid plug parameter \"$plug\"");
header ("Location: logout.php");
exit;
}
} else {
/* set to welcome page as default plugin */
session::global_set('plugin_dir',"welcome");
$plugin_dir= "$BASE_DIR/plugins/generic/welcome";
session::global_set('plugin_dir', "welcome");
$plugin_dir = "$BASE_DIR/plugins/generic/welcome";
}
/* Handle plugin locks.
......@@ -225,8 +223,8 @@ if (isset($_GET['plug']) && $plist->plugin_access_allowed($_GET['plug'])) {
- Remove all created locks if "reset" was posted.
- Remove all created locks if we switched to another plugin.
*/
$cleanup = FALSE;