web/html/login.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

<?php
set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');

include_once("aur.inc.php");

$disable_http_login = config_get_bool('options', 'disable_http_login');
if (!$disable_http_login || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) {
	$login = try_login();
	$login_error = $login['error'];
}

$referer = in_request('referer');
if ($referer === '')
	$referer = $_SERVER['HTTP_REFERER'];

html_header('AUR ' . __("Login"));
?>
<div id="dev-login" class="box">
	<h2>AUR <?= __('Login') ?></h2>
	<?php if (isset($_COOKIE["AURSID"])): ?>
	<p>
		<?= __("Logged-in as: %s", '<strong>' . username_from_sid($_COOKIE["AURSID"]) . '</strong>'); ?>
		<a href="<?= get_uri('/logout/'); ?>">[<?= __("Logout"); ?>]</a>
	</p>
	<?php elseif (!$disable_http_login || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])): ?>
	<form method="post" action="<?= get_uri('/login') ?>">
		<fieldset>
			<legend><?= __('Enter login credentials') ?></legend>
			<?php if (!empty($login_error)): ?>
			<ul class="errorlist"><li><?= $login_error ?></li></ul>
			<?php endif; ?>
			<p>
				<label for="id_username"><?= __('User name or primary email address') . ':'; ?></label>
				<input id="id_username" type="text" name="user" size="30" maxlength="<?= max(config_get_int('options', 'username_max_len'), 254); ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" autofocus="autofocus" />
			</p>
			<p>
				<label for="id_password"><?= __('Password') . ':'; ?></label>
				<input id="id_password" type="password" name="passwd" size="30" />
			</p>
			<p>
				<input type="checkbox" name="remember_me" id="id_remember_me" />
				<label for="id_remember_me"><?= __("Remember me"); ?></label>
			</p>
			<p>
				<input type="submit" class="button" value="<?php  print __("Login"); ?>" />
				<a href="<?= get_uri('/passreset/') ?>">[<?= __('Forgot Password') ?>]</a>
				<?php if (config_get('sso', 'openid_configuration')):
					$sso_login_url = get_uri('/sso/login');
					if (isset($referer))
						$sso_login_url .= '?redirect=' . urlencode($referer);
				?>
				<a href="<?= htmlspecialchars($sso_login_url, ENT_QUOTES) ?>">[<?= __('Login through SSO') ?>]</a>
				<?php endif; ?>
				<?php if (isset($referer)): ?>
				<input id="id_referer" type="hidden" name="referer" value="<?= htmlspecialchars($referer, ENT_QUOTES) ?>" />
				<?php endif; ?>
			</p>
		</fieldset>
	</form>
	<?php else: ?>
	<p>
		<?php printf(__("HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login."),
			'<a href="' . get_uri('/login', true) . '">', '</a>'); ?>
	</p>
	<?php endif; ?>
</div>
<?php
html_footer(AURWEB_VERSION);