| <?php |
| /******************************************************************************* |
| * Copyright (c) 2012-2014 Eclipse Foundation and others. |
| * All rights reserved. This program and the accompanying materials |
| * are made available under the terms of the Eclipse Public License v1.0 |
| * which accompanies this distribution, and is available at |
| * http://www.eclipse.org/legal/epl-v10.html |
| * |
| * Contributors: |
| * Denis Roy (Eclipse Foundation)- initial API and implementation |
| *******************************************************************************/ |
| |
| require_once($_SERVER['DOCUMENT_ROOT'] . "/eclipse.org-common/system/app.class.php"); |
| require_once($_SERVER['DOCUMENT_ROOT'] . "/eclipse.org-common/system/nav.class.php"); |
| require_once($_SERVER['DOCUMENT_ROOT'] . "/eclipse.org-common/system/menu.class.php"); |
| require_once($_SERVER['DOCUMENT_ROOT'] . "/site_login/classes/account_creator.class.php"); |
| |
$App = new App();
$Nav = new Nav();
$Menu = new Menu();
# _projectCommon.php is expected to supply $theme, $xss_patterns and $email_regexp,
# which are used below but not defined in this file.
include("_projectCommon.php");
$error = "";

# Login page: never let the response be cached.
$App->preventCaching();

header("Content-type: text/html; charset=utf-8");
$pageTitle = "Eclipse Login";
$pageKeywords = "eclipse,friends,login,account,signon,sign-on";
$pageAuthor = "Eclipse Foundation, Inc.";

# Form fields.  Credentials are only accepted from the POST body; "submit" is
# read without a source restriction.
$username = $App->getHTTPParameter("username", "POST");
$password = $App->getHTTPParameter("password", "POST");
# $remember = $App->getHTTPParameter("remember", "POST") ? "checked='checked'" : "";
$remember = $App->getHTTPParameter("remember", "POST");
$submit = $App->getHTTPParameter("submit");
# Post-login redirect target, attacker-controlled; it is only trusted after the
# "Takemeback processing" allowlist further down.
$takemeback = urldecode($App->getHTTPParameter("takemeback", "POST"));
# Not used by this script's own logic; presumably consumed by the included content file.
$githubid = $App->getHTTPParameter("githubid", "POST");

# Sanitize takemeback for XSS
# (first pass only -- the host allowlist below is what decides whether the
# value may be placed in a Location header)
$takemeback = preg_replace($xss_patterns, '', $takemeback);

# $username = preg_replace($xss_patterns, '', $username);
# Refuse a non-email username before any LDAP bind is attempted.  The raw value
# is XSS-stripped here because it is presumably echoed back into the form.
if(!preg_match($email_regexp, $username) && $submit == "Login") {
    $submit = "";
    $email = "";
    $username = preg_replace($xss_patterns, '', $username);
    $error = "Your email address does not appear to be valid.";
}
# NOTE(review): this rewrites the credential *before* authentication, so a
# password that happens to contain a matched pattern can never log in.  It
# looks like it exists because the password is later copied into form variables
# ($oldpassword/$password1/$password2); prefer escaping at output time and
# passing the password to LDAP untouched -- confirm against $xss_patterns.
$password = preg_replace($xss_patterns, '', $password);
# "remember" is passed straight to the Session constructor; force it to a number.
if(!is_numeric($remember)) {
    $remember = 0;
}
# Content fragment is derived from the script name, not from request input.
$includefile = "content/en_" . $App->getScriptName();

# Legacy magic_quotes: undo the automatic escaping so the password reaches LDAP as typed.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $password = stripslashes($password);
}
| |
| |
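# Takemeback processing
#
# $takemeback (POST, already urldecoded and XSS-stripped above) or, when it is
# empty, the Referer header decides where the browser is sent after login.
# Both values are attacker-controlled, so the result is forced to https and
# then checked against an allowlist of Foundation hosts before it can reach
# header("Location: ...").
$referer = "";
if(isset($_SERVER['HTTP_REFERER'])) {
    $referer = $_SERVER['HTTP_REFERER'];
}
# Coming from the Wiki? Redirect to Special:Userlogin to finish processing
if(preg_match("/^(http|https):\/\/(wiki|wikitest)\.eclipse\.org\//", $referer, $matches)) {
    $location = substr($referer, strlen($matches[0]));
    #strip 'extra' index data bug 308257
    $location = preg_replace("/index\.php\?title\=/","",$location);
    $referer = $matches[0] . "index.php?title=Special:Userlogin&action=submitlogin&type=login&returnto=" . $location ;
}
# Forum login process broken with bad redirect
# Bug 430302
if(preg_match("#^https?://.*eclipse.org/forums/index.php\?t=login#", $referer, $matches)) {
    $referer = "https://www.eclipse.org/forums/index.php/l/";
    $takemeback = $referer;
}
if($takemeback == "") {
    $takemeback = $referer;
}

# Since we use a secure cookie, anything http should be sent back https.
if(preg_match("#^http://(.*)#", $takemeback, $matches)) {
    $takemeback = "https://" . $matches[1];
}

if (!function_exists('site_login_takemeback_allowed')) {
    /**
     * Decide whether $url may be used as the post-login redirect target (Bug 421097).
     *
     * The earlier check used `[\w+\.0-9-]{0,}eclipse.org/`: the dot was not
     * escaped and nothing required a label boundary before the domain, so
     * `https://noteclipse.org/` or `https://evil-eclipse.org/` counted as an
     * eclipse.org host and the login page could be used as an open redirect.
     * Here the host must be exactly one of the Foundation apex domains or a
     * subdomain of one (zero or more labels, each ending in a dot, followed
     * by the escaped domain and a slash).
     *
     * @param string $url  candidate absolute URL (http is already rewritten to https above)
     * @return bool        true when $url is safe to pass to header("Location: ...")
     */
    function site_login_takemeback_allowed($url) {
        # header() refuses CR/LF itself, but reject them here rather than rely on it.
        if (!is_string($url) || $url === "" || preg_match('/[\r\n]/', $url)) {
            return false;
        }
        # dev.eclipse.org/site_login/ is this application; bouncing back into it
        # would loop, so it is excluded even though the host is otherwise allowed.
        if (preg_match('#^https?://([\w-]+\.)*dev\.eclipse\.org/site_login/#', $url)) {
            return false;
        }
        return preg_match('#^https?://([\w-]+\.)*(eclipse|planeteclipse|locationtech|polarsys)\.org/#', $url) === 1;
    }
}

# Bug 421097
if (!site_login_takemeback_allowed($takemeback)) {
    $takemeback = "";
}
# End of takemeback processing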
| |
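require_once($_SERVER['DOCUMENT_ROOT'] . "/eclipse.org-common/classes/friends/friend.class.php");
require_once($_SERVER['DOCUMENT_ROOT'] . "/eclipse.org-common/system/session.class.php");
require_once('/home/data/httpd/eclipse-php-classes/system/ldapconnection.class.php');
$Friend = new Friend();
$ldapconn = new LDAPConnection();

# bug 432822 - if someone is already logged in, send them to their account info page
# (or to the allowlisted $takemeback target computed above).
#
# The redirect uses 303 See Other instead of 307: a 307 preserves the request
# method and body, so a user who is already logged in and re-submits this login
# form would have the POSTed username and password replayed by the browser to
# the redirect target.  A 303 makes the follow-up request a GET, which is what
# both myaccount.php and any takemeback page expect.
$Session = $App->useSession();
if ($Session->getGID() != "") {
    if ($takemeback == "") {
        header("Location: myaccount.php", TRUE, 303);
    }
    else {
        header("Location: " . $takemeback, TRUE, 303);
    }
    exit;
}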
| |
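if($submit == "Login") {
    $username = trim($username);

    # Bind against LDAP with the submitted credentials.  $dn is the bound
    # entry's DN on success and falsy on failure; the failure message below is
    # the same whether or not the account exists.
    $dn = $ldapconn->authenticate($username, $password);
    if($dn) {

        $email = $username;

        # If you've logged in with your uid, we need to get the email.
        # NOTE(review): the $email_regexp check above rejects non-email usernames
        # whenever $submit == "Login", so this branch may be unreachable --
        # confirm against $email_regexp in _projectCommon.php.
        if(!preg_match("/@/", $username)) {
            $email = $ldapconn->getLDAPAttribute($dn, "mail");
        }

        $Friend->getIsCommitter();

        # Look up BZ ID
        # ($email is escaped with sqlSanitize and quoted by returnQuotedString;
        # the driver here is the legacy ext/mysql API, see mysql_fetch_assoc)
        $sql = "SELECT /* USE MASTER */ userid FROM profiles where login_name = " . $App->returnQuotedString($App->sqlSanitize($email));
        $rs = $App->bugzilla_sql($sql);
        if ($myrow = mysql_fetch_assoc($rs)) {
            $Friend->setBugzillaID($myrow['userid']);

            # Load up Friend info
            $Friend->selectFriend($Friend->selectFriendID("Bugzilla_ID", $myrow['userid']));
        }
        else {

            # Try to log into Bugzilla using these credentials
            # This will create one
            # creating one is important, since not all our sites use LDAP auth, and some rely on BZ auth
            # NOTE(review): the plaintext password is handed to AccountCreator for
            # both Bugzilla and Gerrit; keep this confined to the "no Bugzilla
            # profile yet" path, as it is here.
            $AccountCreator = New AccountCreator();
            $AccountCreator->setUsername($email);
            $AccountCreator->setPassword($password);
            $AccountCreator->execute();

            # create/update Gerrit account
            # Bug 421319
            # sleep(1); # not needed if we take the time to log into Gerrit
            $AccountCreator = New AccountCreator();
            $AccountCreator->setUrl('https://git.eclipse.org/r/login/q/status:open,n,z');
            $AccountCreator->setAccountType('gerrit');
            $AccountCreator->setUsername($email);
            $AccountCreator->setPassword($password);
            $http_code = $AccountCreator->execute();
            # TODO: verify that account was created (see bugzilla SQL below)


            # Get BZ ID now that an acct should be created
            $sql = "SELECT /* USE MASTER */ userid FROM profiles where login_name = " . $App->returnQuotedString($App->sqlSanitize($email));
            $rs = $App->bugzilla_sql($sql);
            if ($myrow = mysql_fetch_assoc($rs)) {
                $Friend->setBugzillaID($myrow['userid']);

                # Load up Friend info
                $Friend->selectFriend($Friend->selectFriendID("Bugzilla_ID", $myrow['userid']));
                # TODO: log successful creation
            }
            else {
                # Account creation did not yield a Bugzilla profile: record it
                # (username and the lookup SQL, keyed by the LDAP DN) and fall
                # back to the placeholder "Nobody" Bugzilla id.
                $EventLog = new EvtLog();
                $EventLog->setLogTable("bugs");
                $EventLog->setPK1($username);
                $EventLog->setPK2($sql);
                $EventLog->setLogAction("AUTH_BZID_NOT_FOUND");
                $EventLog->insertModLog($dn);
                $Friend->setBugzillaID(41806); # Nobody.
            }
        }

        # Override loaded friends info with LDAP info
        $Friend->setFirstName($ldapconn->getLDAPAttribute($dn, "givenName"));
        $Friend->setLastName($ldapconn->getLDAPAttribute($dn, "sn"));
        $realname = $Friend->getFirstName() . " " . $Friend->getLastName();
        $Friend->setDn($dn);
        $Friend->setEMail($email);
        $pageTitle = "Welcome Back, " . $Friend->getFirstName() . "!";
        # $remember was forced to a number above.
        $Session = new Session($remember);
        $Session->setFriend($Friend);
        $Session->create();

        # Only temporarily, re-hash the password in Bugzilla so that other services can use it
        # Plain assignment: the function returns a value, and "$x = &f()" only
        # raises "Only variables should be assigned by reference" without
        # changing the result.
        $bzpass = generateBugzillaSHA256Password($password);
        $App->bugzilla_sql("SET NAMES 'utf8'");
        # $bzpass, $realname and $email all go through sqlSanitize before being
        # spliced into the statement.
        $SQL = "UPDATE profiles SET cryptpassword='" . $App->sqlSanitize($bzpass) . "', realname='" . $App->sqlSanitize($realname) . "' WHERE login_name = " . $App->returnQuotedString($App->sqlSanitize($email)) . " LIMIT 1";
        $App->bugzilla_sql($SQL);

        //if the take me back cookie isn't already set, set it
        // NOTE(review): the comment in the takemeback section says the site
        // relies on a secure cookie, yet this one is set without the secure
        // (or httponly) flag.  The value is an allowlisted URL, not a secret,
        // but consider passing the flags once it is confirmed no http-only
        // consumer reads it.
        if ( !isset($_COOKIE['TAKEMEBACK']) ) {
            setcookie("TAKEMEBACK", $takemeback, 0, "/", ".eclipse.org");
        }

        # Begin: Bug 432830 - Remove the continue button in site_login

        if($takemeback != "") {
            # Default 302: the follow-up is a GET to the allowlisted target.
            header("Location: " . $takemeback);
            exit;
        }
        else {
            # load up values for the welcomeback form
            # NOTE(review): the plaintext password is copied into variables that
            # the welcome-back fragment presumably renders as form values, which
            # places the credential in the response body.  Confirm whether the
            # form really needs it pre-filled.
            $oldpassword = $password;
            $password1 = $password;
            $password2 = $password;
            $fname = $Friend->getFirstName();
            $lname = $Friend->getLastName();
            $githubid = $ldapconn->getGithubIDFromMail($Friend->getEmail());

            $includefile = "content/en_welcomeback2.php";
        }
        # END: Bug 432830 - Remove the continue button in site_login
    }
    else {
        # Generic message: do not reveal whether the account exists.
        $error = "Authentication Failed. Please verify that your email address and password are correct.";
    }
}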
| |
# $includefile is either "content/en_" . script name (set above, not derived
# from the request) or the fixed welcome-back fragment assigned after a
# successful login, so this include is not reachable from user input.
include($includefile);
# Generate the web page
$App->setGoogleAnalyticsTrackingCode(NULL);
# $theme and $html are not defined in this file; presumably supplied by
# _projectCommon.php and the included content fragment respectively.
$App->generatePage($theme, $Menu, $Nav, $pageAuthor, $pageKeywords, $pageTitle, $html);