openstamanager/index.php

225 lines
7.7 KiB
PHP
Raw Permalink Normal View History

<?php
2020-09-07 15:04:06 +02:00
/*
* OpenSTAManager: il software gestionale open source per l'assistenza tecnica e la fatturazione
2021-01-20 15:08:51 +01:00
* Copyright (C) DevCode s.r.l.
2020-09-07 15:04:06 +02:00
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
$skip_permissions = true;
include_once __DIR__.'/core.php';
2022-05-31 17:56:54 +02:00
use Carbon\Carbon;
2024-02-06 16:27:00 +01:00
use Illuminate\Database\QueryException;
2022-05-31 17:56:54 +02:00
$op = filter('op');
2024-01-31 00:13:46 +01:00
$microsoft = null;
2024-02-06 16:27:00 +01:00
if ($dbo->isConnected()) {
try {
$microsoft = $dbo->selectOne('zz_oauth2', '*', ['nome' => 'Microsoft', 'enabled' => 1, 'is_login' => 1]);
2024-02-06 17:25:50 +01:00
} catch (QueryException $e) {
2024-02-06 16:27:00 +01:00
}
2024-01-31 14:23:46 +01:00
}
2024-01-31 00:13:46 +01:00
// LOGIN
switch ($op) {
case 'login':
$username = post('username');
2023-11-17 16:41:52 +01:00
$password = $_POST['password'];
2018-09-20 12:05:22 +02:00
if ($dbo->isConnected() && $dbo->isInstalled() && auth()->attempt($username, $password)) {
2019-08-28 09:28:08 +02:00
$_SESSION['keep_alive'] = true;
2021-02-18 18:48:44 +01:00
if (intval(setting('Inizio periodo calendario'))) {
2022-05-31 17:56:54 +02:00
$_SESSION['period_start'] = Carbon::createFromFormat('d/m/Y', setting('Inizio periodo calendario'))->format('Y-m-d');
2021-02-18 18:48:44 +01:00
} else {
$_SESSION['period_start'] = date('Y').'-01-01';
}
2021-02-18 18:48:44 +01:00
if (intval(setting('Fine periodo calendario'))) {
2022-05-31 17:56:54 +02:00
$_SESSION['period_end'] = Carbon::createFromFormat('d/m/Y', setting('Fine periodo calendario'))->format('Y-m-d');
2021-02-18 18:48:44 +01:00
} else {
$_SESSION['period_end'] = date('Y').'-12-31';
}
2024-01-15 15:30:45 +01:00
// Rimozione log vecchi
// $dbo->query('DELETE FROM `zz_operations` WHERE DATE_ADD(`created_at`, INTERVAL 30*24*60*60 SECOND) <= NOW()');
2018-07-08 16:18:44 +02:00
} else {
2018-09-20 12:05:22 +02:00
$status = auth()->getCurrentStatus();
2018-07-08 16:18:44 +02:00
2018-07-19 17:29:21 +02:00
flash()->error(Auth::getStatus()[$status]['message']);
2018-07-08 16:18:44 +02:00
redirect(base_path().'/index.php');
2024-01-15 15:30:45 +01:00
exit;
}
break;
case 'logout':
Auth::logout();
redirect(base_path().'/index.php');
2024-01-15 15:30:45 +01:00
exit;
}
if (Auth::check() && isset($dbo) && $dbo->isConnected() && $dbo->isInstalled()) {
$module = Auth::firstModule();
if (!empty($module)) {
redirect(base_path().'/controller.php?id_module='.$module);
} else {
redirect(base_path().'/index.php?op=logout');
}
2024-01-15 15:30:45 +01:00
exit;
}
// Modalità manutenzione
if (!empty($config['maintenance_ip'])) {
include_once base_dir().'/include/init/maintenance.php';
}
// Procedura di installazione
include_once base_dir().'/include/init/configuration.php';
// Procedura di aggiornamento
include_once base_dir().'/include/init/update.php';
// Procedura di inizializzazione
include_once base_dir().'/include/init/init.php';
$pageTitle = tr('Login');
2018-06-26 09:41:43 +02:00
include_once App::filepath('include|custom|', 'top.php');
// Controllo se è una beta e in caso mostro un warning
if (Update::isBeta()) {
echo '
2024-05-16 18:02:50 +02:00
<div class="clearfix"></div>
<div class="alert alert-warning alert-dismissible col-md-6 offset-md-3 text-center show">
<i class="fa fa-exclamation-triangle"></i> <strong>'.tr('Attenzione!').'</strong> '.tr('Stai utilizzando una versione <b>non stabile</b> di OSM.').'
<button aria-hidden="true" data-dismiss="alert" class="close" type="button">×</button>
2024-05-16 18:02:50 +02:00
</div>';
}
// Controllo se è una beta e in caso mostro un warning
if (Auth::isBrute()) {
2024-05-21 16:26:19 +02:00
echo '
2024-05-16 18:02:50 +02:00
<div class="box box-danger" id="brute">
<div class="box-header with-border text-center">
<h3 class="box-title">'.tr('Attenzione').'</h3>
</div>
<div class="box-body text-center">
<p>'.tr('Sono stati effettuati troppi tentativi di accesso consecutivi!').'</p>
2024-05-21 16:26:19 +02:00
<p>'.tr('Tempo rimanente (in secondi)').': <span id="brute-timeout">'.(Auth::getBruteTimeout() + 1).'</span></p>
2024-05-16 18:02:50 +02:00
</div>
</div>
<script>
$(document).ready(function(){
$(".login-box").hide();
brute();
});
function brute() {
var value = parseFloat($("#brute-timeout").text()) - 1;
$("#brute-timeout").text(value);
if(value > 0){
setTimeout(brute, 1000);
} else {
$("#brute").fadeOut();
$(".login-box").fadeIn();
}
}
</script>';
}
2018-07-19 17:29:21 +02:00
if (!empty(flash()->getMessage('error'))) {
echo '
<script>
2024-05-16 18:02:50 +02:00
$(document).ready(function(){
$(".login-box").addClass("animated shake");
});
</script>';
}
echo '
2024-01-13 00:21:37 +01:00
<form action="?op=login" method="post" autocomplete="off">
2024-07-16 15:42:39 +02:00
<div class="login-box card-center-medium">
2024-05-17 17:27:12 +02:00
<div class="card card-outline card-orange">
<div class="card-header text-center">
<img src="'.App::getPaths()['img'].'/logo_completo.png" alt="'.tr('OpenSTAManager, il software gestionale open source per assistenza tecnica e fatturazione elettronica').'" class="img-fluid">
</div>
<div class="card-body">
<p class="login-box-msg">'.tr('Accedi con le tue credenziali').'</p>
<div class="input-group mb-3">
<input type="text" name="username" autocomplete="username" class="form-control" placeholder="'.tr('Nome utente').'"';
if (isset($username)) {
echo ' value="'.$username.'"';
}
2024-01-26 17:00:02 +01:00
2021-02-18 18:48:44 +01:00
echo ' required>
2024-05-17 17:27:12 +02:00
<div class="input-group-append">
<div class="input-group-text">
<i class="fa fa-user"></i>
</div>
</div>
</div>
2024-05-22 08:49:14 +02:00
<div class="mb-3">
2024-05-17 17:27:12 +02:00
{[ "type": "password", "name": "password", "autocomplete": "current-password", "placeholder": "'.tr('Password').'" ]}
</div>
<button type="submit" class="btn btn-danger btn-block btn-flat">'.tr('Accedi').'</button>
<br>
<p><a href="'.base_path().'/reset.php">'.tr('Password dimenticata?').'</a></p>';
2024-01-31 14:23:46 +01:00
if ($microsoft) {
echo '
2024-01-26 17:00:02 +01:00
<div class="social-auth-links text-center">
<p>- oppure -</p>
<a href="'.base_path().'/oauth2_login.php?id='.$microsoft['id'].'" class="btn btn-block btn-social btn-primary btn-flat"><i class="fa fa-windows"></i>'.tr('Accedi con Microsoft').'</a>
</div>';
2024-01-31 14:23:46 +01:00
}
echo '
2024-01-26 17:00:02 +01:00
</div>
</div>
</form>
<!-- /.box -->
<script>
$(document).ready( function(){
$("#login").click(function(){
2019-08-26 18:02:05 +02:00
$("#login").text("'.tr('Autenticazione').'...");
});
if( $("input[name=username]").val() == ""){
$("input[name=username]").focus();
}
else{
$("input[name=password]").focus();
}
});
</script>';
2022-05-16 17:17:05 +02:00
$custom_css = $dbo->isInstalled() ? html_entity_decode(setting('CSS Personalizzato')) : '';
if (!empty($custom_css)) {
echo '
<style>'.$custom_css.'</style>';
}
2018-06-26 09:41:43 +02:00
include_once App::filepath('include|custom|', 'bottom.php');