< ? php
/*
* OpenSTAManager : il software gestionale open source per l ' assistenza tecnica e la fatturazione
* Copyright ( C ) DevCode s . r . l .
*
* This program is free software : you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation , either version 3 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program . If not , see < https :// www . gnu . org / licenses />.
*/
// Login page bootstrap. The flag is assigned before core.php is loaded, so core.php can read it.
// NOTE(review): presumably tells core.php to skip the permission check so that unauthenticated
// visitors can reach this page - confirm in core.php, and keep this flag out of any script that
// is not meant to be reachable before login.
$skip_permissions = true;
include_once __DIR__.'/core.php';
use Carbon\Carbon ;
use Illuminate\Database\QueryException ;
// Requested operation, read through the filter() helper; 'login' and 'logout' are handled below.
$op = filter('op');

// Row of the Microsoft OAuth2 provider when one is enabled for login; stays null otherwise.
$microsoft = null;

if ($dbo->isConnected()) {
    try {
        $microsoft = $dbo->selectOne('zz_oauth2', '*', ['nome' => 'Microsoft', 'enabled' => 1, 'is_login' => 1]);
    } catch (QueryException $e) {
        // The exception is swallowed: $microsoft stays null, so the Microsoft button further down
        // is simply not rendered and the login page still loads.
        // NOTE(review): presumably covers installs where zz_oauth2 (or one of the filtered columns)
        // does not exist yet - confirm; consider logging $e so a real database fault is not hidden.
    }
}
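// LOGIN / LOGOUT
// Handles the two state-changing operations of this page. Any other value of $op falls through
// to the rendering code below.
switch ($op) {
    case 'login':
        $username = post('username');
        // The password is taken from $_POST directly instead of through post().
        // NOTE(review): presumably so that input filtering cannot alter the secret - confirm.
        // A request without the field yields null instead of an "undefined array key" warning;
        // the value handed to attempt() is the same as before (null).
        $password = $_POST['password'] ?? null;

        // Credentials are only checked against a reachable, installed database.
        // NOTE(review): no session id regeneration is visible here on success; confirm that
        // auth()->attempt() renews the session id, otherwise a pre-login session id survives login.
        if ($dbo->isConnected() && $dbo->isInstalled() && auth()->attempt($username, $password)) {
            $_SESSION['keep_alive'] = true;

            // intval() of a value in the d/m/Y form parsed below is its leading day number, so the
            // test is true for a configured date and false for an empty setting.
            if (intval(setting('Inizio periodo calendario'))) {
                $_SESSION['period_start'] = Carbon::createFromFormat('d/m/Y', setting('Inizio periodo calendario'))->format('Y-m-d');
            } else {
                // Default: first day of the current year
                $_SESSION['period_start'] = date('Y').'-01-01';
            }

            if (intval(setting('Fine periodo calendario'))) {
                $_SESSION['period_end'] = Carbon::createFromFormat('d/m/Y', setting('Fine periodo calendario'))->format('Y-m-d');
            } else {
                // Default: last day of the current year
                $_SESSION['period_end'] = date('Y').'-12-31';
            }

            // Removal of old log entries (disabled)
            // $dbo->query('DELETE FROM `zz_operations` WHERE DATE_ADD(`created_at`, INTERVAL 30*24*60*60 SECOND) <= NOW()');
        } else {
            $status = auth()->getCurrentStatus();

            // The message shown depends on the status reported by the auth layer.
            // NOTE(review): confirm these messages do not tell an unknown username apart from a
            // wrong password.
            flash()->error(Auth::getStatus()[$status]['message']);

            // Redirect after the failed POST so a page reload does not resubmit the credentials.
            redirect(base_path().'/index.php');
            exit;
        }

        break;

    case 'logout':
        // NOTE(review): logout is triggered by a plain request carrying op=logout, with no token
        // checked in this script; confirm whether a forced logout from a third-party page is an
        // accepted risk.
        Auth::logout();
        redirect(base_path().'/index.php');
        exit;
}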
// A visitor who is already authenticated never sees the login form: send them to the first
// module returned by Auth::firstModule(), or through logout when there is none.
if (Auth::check() && isset($dbo) && $dbo->isConnected() && $dbo->isInstalled()) {
    $module = Auth::firstModule();

    // Pick the destination first, then issue a single redirect.
    $target = !empty($module)
        ? '/controller.php?id_module='.$module
        : '/index.php?op=logout';

    redirect(base_path().$target);
    exit;
}
// Everything from here on runs for visitors who were not redirected above, i.e. also for
// unauthenticated ones. Every include path below is a fixed string; none is built from request data.
// NOTE(review): confirm that configuration.php and update.php refuse to act for an anonymous
// visitor once the application is installed and up to date.

// Maintenance mode: loaded only when a maintenance IP is configured
if (!empty($config['maintenance_ip'])) {
    include_once base_dir().'/include/init/maintenance.php';
}

// Installation procedure
include_once base_dir().'/include/init/configuration.php';

// Update procedure
include_once base_dir().'/include/init/update.php';

// Initialisation procedure
include_once base_dir().'/include/init/init.php';

$pageTitle = tr('Login');

// Page header; the path is resolved by App::filepath() from the 'include|custom|' pattern
include_once App::filepath('include|custom|', 'top.php');
// Show a dismissible warning banner when Update::isBeta() reports a non-stable build.
// Only translated constant strings are emitted here; no request data is involved.
if (Update::isBeta()) {
    echo '
< div class = " clearfix " >& nbsp ; </ div >
< div class = " alert alert-warning alert-dismissable col-md-6 col-md-push-3 text-center fade in " >
< i class = " fa fa-warning " ></ i > < b > '.tr(' Attenzione ! ').' </ b > '.tr(' Stai utilizzando una versione < b > non stabile </ b > di OSM . ').'
< button aria - hidden = " true " data - dismiss = " alert " class = " close " type = " button " > × </ button >
</ div > ';
}
// Brute-force lockout notice: when Auth::isBrute() reports too many consecutive login attempts,
// show the remaining wait (Auth::getBruteTimeout() + 1 seconds) and hide the login box until the
// countdown in the browser reaches zero.
// The hiding is done client-side only (fadeOut/fadeIn); it does not stop a client from posting
// to ?op=login.
// NOTE(review): confirm that auth()->attempt() itself rejects attempts while the lockout is active.
// setTimeout() receives a constant string, which the browser evaluates as code; it contains no
// request data.
if (Auth::isBrute()) {
    echo '
< div class = " box box-danger box-center " id = " brute " >
< div class = " box-header with-border text-center " >
< h3 class = " box-title " > '.tr(' Attenzione ').' </ h3 >
</ div >
< div class = " box-body text-center " >
< p > '.tr(' Sono stati effettuati troppi tentativi di accesso consecutivi ! ').' </ p >
< p > '.tr(' Tempo rimanente ( in secondi ) ').' : < span id = " brute-timeout " > '.(Auth::getBruteTimeout() + 1).' </ span ></ p >
</ div >
</ div >
< script >
$ ( document ) . ready ( function (){
$ ( " .login-box " ) . fadeOut ();
brute ();
});
function brute () {
var value = parseFloat ( $ ( " #brute-timeout " ) . html ()) - 1 ;
$ ( " #brute-timeout " ) . html ( value );
if ( value > 0 ){
setTimeout ( " brute() " , 1000 );
} else {
$ ( " #brute " ) . fadeOut ();
$ ( " .login-box " ) . fadeIn ();
}
}
</ script > ';
}
// When an error flash message is pending (set by the failed-login branch above), shake the
// login box. The message text itself is not printed by this statement.
if (!empty(flash()->getMessage('error'))) {
    echo '
< script >
$ ( document ) . ready ( function (){
$ ( " .login-box " ) . effect ( " shake " );
});
</ script > ';
}
// Login form, first part: posts back to this script with ?op=login. The string stops inside the
// username <input> tag, which is left open so that the next statement can append a value attribute.
// NOTE(review): no anti-CSRF token field is emitted in this markup; confirm whether another layer
// adds one or whether login CSRF is an accepted risk.
echo '
< form action = " ?op=login " method = " post " autocomplete = " off " >
< div class = " login-box " >
< div class = " login-logo " >
< img src = " '.App::getPaths()['img'].'/logo_completo.png " class = " img-responsive " alt = " '.tr('OpenSTAManager, il software gestionale open source per assistenza tecnica e fatturazione elettronica').' " >
</ div >
< div class = " login-box-body " >
< p class = " login-box-msg " > '.tr(' Accedi con le tue credenziali ').' </ p >
< div class = " form-group has-feedback " >
< input type = " text " name = " username " autocomplete = " username " class = " form-control " placeholder = " '.tr('Nome utente').' " ';
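// Pre-fill the username field with the submitted value, when there is one.
// $username is request data (post('username') in the login branch) and is written inside a
// double-quoted HTML attribute, so it is escaped for that context here, at the point of output.
// double_encode is off so that entities already present in the value are not encoded twice.
// NOTE(review): post() may already sanitise the value; escaping at output does not rely on that.
if (isset($username)) {
    echo ' value="'.htmlspecialchars((string) $username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false).'"';
}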
// Login form, second part: closes the username <input>, then emits the password field, the
// submit button and the password-reset link.
// The password field is written in the {[ ... ]} placeholder form rather than as an <input>.
// NOTE(review): presumably expanded into HTML by the project's output layer - confirm that the
// expansion escapes the placeholder text it receives.
echo ' required >
< span class = " form-control-feedback " >< i class = " fa fa-user " ></ i > </ span >
</ div >
< div class = " form-group has-feedback " >
{[ " type " : " password " , " name " : " password " , " autocomplete " : " current-password " , " placeholder " : " '.tr('Password').' " ]}
</ div >
< button type = " submit " class = " btn btn-danger btn-block btn-flat " > '.tr(' Accedi ').' </ button >
< br >
< p >< a href = " '.base_path().'/reset.php " > '.tr(' Password dimenticata ? ').' </ a ></ p > ';
// "Sign in with Microsoft" link, rendered only when the zz_oauth2 lookup at the top of the script
// returned an enabled login provider.
// $microsoft['id'] comes from that database row and is concatenated into the href as is.
// NOTE(review): presumably a numeric primary key - confirm; oauth2_login.php has to validate the
// id parameter on its own, since the link can be requested with any value.
if ($microsoft) {
    echo '
< div class = " social-auth-links text-center " >
< p >- oppure -</ p >
< a href = " '.base_path().'/oauth2_login.php?id='. $microsoft['id'] .' " class = " btn btn-block btn-social btn-primary btn-flat " >< i class = " fa fa-windows " ></ i > '.tr(' Accedi con Microsoft ').' </ a >
</ div > ';
}
// Closes the login box and the form, then emits the page script: it puts the focus on the
// username field when that field is empty and on the password field otherwise.
// The click handler targets #login; in the markup emitted by this script no element carries
// id="login" (the submit button has none).
// NOTE(review): confirm whether that handler is still reachable.
echo '
</ div >
</ div >
</ form >
<!-- /. box -->
< script >
$ ( document ) . ready ( function (){
$ ( " #login " ) . click ( function (){
$ ( " #login " ) . text ( " '.tr('Autenticazione').'... " );
});
if ( $ ( " input[name=username] " ) . val () == " " ){
$ ( " input[name=username] " ) . focus ();
}
else {
$ ( " input[name=password] " ) . focus ();
}
});
</ script > ';
// Custom stylesheet from the 'CSS Personalizzato' setting, read only when the database is installed.
// The stored value is entity-decoded and written unescaped inside a <style> element of this
// pre-login page, so whoever can edit the setting controls markup served to every visitor; a
// value containing a closing style tag would end the element early.
// NOTE(review): confirm that only trusted administrators can change this setting, and consider
// rejecting values that contain "</style" when the setting is saved.
$custom_css = $dbo->isInstalled() ? html_entity_decode(setting('CSS Personalizzato')) : '';
if (!empty($custom_css)) {
    echo '
< style > '.$custom_css.' </ style > ';
}

// Page footer; the path is resolved by App::filepath() from the 'include|custom|' pattern
include_once App::filepath('include|custom|', 'bottom.php');