diff --git a/interface/web/content.php b/interface/web/content.php
index ea23f5a2523c8f3e75266cf388601ca421b9ae23..8a63e57cb2855f1adf87e51d1ebd1faf5b6902c0 100644
--- a/interface/web/content.php
+++ b/interface/web/content.php
@@ -36,8 +36,8 @@ $module = $_REQUEST["s_mod"];
$page = $_REQUEST["s_pg"];
*/
-$module = 'login';
-$page = 'index';
+$module = 'dashboard';
+$page = 'dashboard';
if(!preg_match("/^[a-z]{2,20}$/i", $module)) die('module name contains unallowed chars.');
if(!preg_match("/^[a-z]{2,20}$/i", $page)) die('page name contains unallowed chars.');
diff --git a/interface/web/index.php b/interface/web/index.php
index 7cdf5bd06e65dd59677e0852a446bed92076531f..634046758adb841deb2057648709f96e1e7379d2 100644
--- a/interface/web/index.php
+++ b/interface/web/index.php
@@ -31,7 +31,13 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
require_once '../lib/config.inc.php';
require_once '../lib/app.inc.php';
-if(!isset($_SESSION['s']['module']['name'])) $_SESSION['s']['module']['name'] = 'login';
+// Check if we have an active users ession and redirect to login if thats not the case.
+if($_SESSION['s']['user']['active'] != 1) {
+ header('Location: /login/');
+ die();
+}
+
+if(!isset($_SESSION['s']['module']['name'])) $_SESSION['s']['module']['name'] = 'dashboard';
$app->uses('tpl');
$app->tpl->newTemplate('main.tpl.htm');
diff --git a/interface/web/login/index.php b/interface/web/login/index.php
index ddc6cfb34dab0cb1cfcae25082934a904b111fbf..6dd838a3d070f49c188b9efcc2805b47ace6b10b 100644
--- a/interface/web/login/index.php
+++ b/interface/web/login/index.php
@@ -1,7 +1,7 @@
<?php
/*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2005 - 2015, Till Brehm, ISPConfig UG
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
@@ -28,331 +28,330 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-//
-
-class login_index {
-
- public $status = '';
- private $target = '';
- private $app;
- private $conf;
-
- public function render() {
-
- global $app, $conf;
-
- /* Redirect to page, if login form was NOT send */
- if(count($_POST) == 0) {
- if(isset($_SESSION['s']['user']) && is_array($_SESSION['s']['user']) && is_array($_SESSION['s']['module'])) {
- die('HEADER_REDIRECT:'.$_SESSION['s']['module']['startpage']);
- }
- }
-
- $app->uses('tpl');
- $app->tpl->newTemplate('form.tpl.htm');
-
- $error = '';
-
- $app->load_language_file('web/login/lib/lang/'.$conf["language"].'.lng');
-
- // Maintenance mode
- $maintenance_mode = false;
- $maintenance_mode_error = '';
- $app->uses('ini_parser,getconf');
- $server_config_array = $app->getconf->get_global_config('misc');
- if($server_config_array['maintenance_mode'] == 'y'){
- $maintenance_mode = true;
- $maintenance_mode_error = $app->lng('error_maintenance_mode');
- }
-
- //* Login Form was sent
- if(count($_POST) > 0) {
-
- //** Check variables
- if(!preg_match("/^[\w\.\-\_\@]{1,128}$/", $_POST['username'])) $error = $app->lng('user_regex_error');
- if(!preg_match("/^.{1,64}$/i", $_POST['passwort'])) $error = $app->lng('pw_error_length');
-
- //** iporting variables
- $ip = ip2long($_SERVER['REMOTE_ADDR']);
- $username = $_POST['username'];
- $passwort = $_POST['passwort'];
- $loginAs = false;
- $time = time();
-
- if($username != '' && $passwort != '' && $error == '') {
+require_once '../../lib/config.inc.php';
+require_once '../../lib/app.inc.php';
+
+// Check if we have an active users ession and no login_as.
+if($_SESSION['s']['user']['active'] == 1 && @$_POST['login_as'] != 1) {
+ header('Location: /index.php');
+ die();
+}
+
+$app->uses('tpl');
+$app->tpl->newTemplate('main_login.tpl.htm');
+$app->tpl->setInclude('content_tpl', 'templates/index.htm');
+
+$error = '';
+
+$app->load_language_file('web/login/lib/lang/'.$conf["language"].'.lng');
+
+// Maintenance mode
+$maintenance_mode = false;
+$maintenance_mode_error = '';
+$app->uses('ini_parser,getconf');
+$server_config_array = $app->getconf->get_global_config('misc');
+if($server_config_array['maintenance_mode'] == 'y'){
+ $maintenance_mode = true;
+ $maintenance_mode_error = $app->lng('error_maintenance_mode');
+}
+
+//* Login Form was sent
+if(count($_POST) > 0) {
+
+ //** Check variables
+ if(!preg_match("/^[\w\.\-\_\@]{1,128}$/", $_POST['username'])) $error = $app->lng('user_regex_error');
+ if(!preg_match("/^.{1,64}$/i", $_POST['password'])) $error = $app->lng('pw_error_length');
+
+ //** importing variables
+ $ip = ip2long($_SERVER['REMOTE_ADDR']);
+ $username = $_POST['username'];
+ $password = $_POST['password'];
+ $loginAs = false;
+ $time = time();
+
+ if($username != '' && $password != '' && $error == '') {
+ /*
+ * Check, if there is a "login as" instead of a "normal" login
+ */
+ if (isset($_SESSION['s']['user']) && $_SESSION['s']['user']['active'] == 1){
+ /*
+ * only the admin or reseller can "login as" so if the user is NOT an admin or reseller, we
+ * open the startpage (after killing the old session), so the user
+ * is logout and has to start again!
+ */
+ if ($_SESSION['s']['user']['typ'] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
/*
- * Check, if there is a "login as" instead of a "normal" login
+ * The actual user is NOT a admin or reseller, but maybe he
+ * has logged in as "normal" user before...
*/
- if (isset($_SESSION['s']['user']) && $_SESSION['s']['user']['active'] == 1){
- /*
- * only the admin or reseller can "login as" so if the user is NOT an admin or reseller, we
- * open the startpage (after killing the old session), so the user
- * is logout and has to start again!
+
+ if (isset($_SESSION['s_old'])&& ($_SESSION['s_old']['user']['typ'] == 'admin' || $app->auth->has_clients($_SESSION['s_old']['user']['userid']))){
+ /* The "old" user is admin or reseller, so everything is ok
+ * if he is reseller, we need to check if he logs in to one of his clients
*/
- if ($_SESSION['s']['user']['typ'] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
- /*
- * The actual user is NOT a admin or reseller, but maybe he
- * has logged in as "normal" user before...
- */
+ if($_SESSION['s_old']['user']['typ'] != 'admin') {
- if (isset($_SESSION['s_old'])&& ($_SESSION['s_old']['user']['typ'] == 'admin' || $app->auth->has_clients($_SESSION['s_old']['user']['userid']))){
- /* The "old" user is admin or reseller, so everything is ok
- * if he is reseller, we need to check if he logs in to one of his clients
- */
- if($_SESSION['s_old']['user']['typ'] != 'admin') {
-
- /* this is the one currently logged in (normal user) */
- $old_client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
- $old_client = $app->db->queryOneRecord("SELECT client.client_id, client.parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $old_client_group_id);
-
- /* this is the reseller, that shall be re-logged in */
- $sql = "SELECT * FROM sys_user WHERE USERNAME = ? and PASSWORT = ?";
- $tmp = $app->db->queryOneRecord($sql, $username, $passwort);
- $client_group_id = $app->functions->intval($tmp['default_group']);
- $tmp_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
-
- if(!$tmp_client || $old_client["parent_client_id"] != $tmp_client["client_id"] || $tmp["default_group"] != $_SESSION["s_old"]["user"]["default_group"] ) {
- die("You don't have the right to 'login as' this user!");
- }
- unset($old_client);
- unset($tmp_client);
- unset($tmp);
- }
- }
- else {
- die("You don't have the right to 'login as'!");
- }
- } elseif($_SESSION['s']['user']['typ'] != 'admin' && (!isset($_SESSION['s_old']['user']) || $_SESSION['s_old']['user']['typ'] != 'admin')) {
- /* a reseller wants to 'login as', we need to check if he is allowed to */
- $res_client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
- $res_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $res_client_group_id);
+ /* this is the one currently logged in (normal user) */
+ $old_client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+ $old_client = $app->db->queryOneRecord("SELECT client.client_id, client.parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $old_client_group_id);
- /* this is the user the reseller wants to 'login as' */
+ /* this is the reseller, that shall be re-logged in */
$sql = "SELECT * FROM sys_user WHERE USERNAME = ? and PASSWORT = ?";
- $tmp = $app->db->queryOneRecord($sql, $username, $passwort);
- $tmp_client = $app->db->queryOneRecord("SELECT client.client_id, client.parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $tmp["default_group"]);
+ $tmp = $app->db->queryOneRecord($sql, $username, $password);
+ $client_group_id = $app->functions->intval($tmp['default_group']);
+ $tmp_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
- if(!$tmp || $tmp_client["parent_client_id"] != $res_client["client_id"]) {
- die("You don't have the right to login as this user!");
+ if(!$tmp_client || $old_client["parent_client_id"] != $tmp_client["client_id"] || $tmp["default_group"] != $_SESSION["s_old"]["user"]["default_group"] ) {
+ die("You don't have the right to 'login as' this user!");
}
- unset($res_client);
- unset($tmp);
+ unset($old_client);
unset($tmp_client);
+ unset($tmp);
}
- $loginAs = true;
}
else {
- /* normal login */
- $loginAs = false;
+ die("You don't have the right to 'login as'!");
+ }
+ } elseif($_SESSION['s']['user']['typ'] != 'admin' && (!isset($_SESSION['s_old']['user']) || $_SESSION['s_old']['user']['typ'] != 'admin')) {
+ /* a reseller wants to 'login as', we need to check if he is allowed to */
+ $res_client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+ $res_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $res_client_group_id);
+
+ /* this is the user the reseller wants to 'login as' */
+ $sql = "SELECT * FROM sys_user WHERE USERNAME = ? and PASSWORT = ?";
+ $tmp = $app->db->queryOneRecord($sql, $username, $password);
+ $tmp_client = $app->db->queryOneRecord("SELECT client.client_id, client.parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $tmp["default_group"]);
+
+ if(!$tmp || $tmp_client["parent_client_id"] != $res_client["client_id"]) {
+ die("You don't have the right to login as this user!");
}
+ unset($res_client);
+ unset($tmp);
+ unset($tmp_client);
+ }
+ $loginAs = true;
+
+ } else {
+ /* normal login */
+ $loginAs = false;
+ }
+
+ //* Check if there are already wrong logins
+ $sql = "SELECT * FROM `attempts_login` WHERE `ip`= ? AND `login_time` > (NOW() - INTERVAL 1 MINUTE) LIMIT 1";
+ $alreadyfailed = $app->db->queryOneRecord($sql, $ip);
+
+ //* too many failedlogins
+ if($alreadyfailed['times'] > 5) {
+ $error = $app->lng('error_user_too_many_logins');
+ } else {
- //* Check if there are already wrong logins
- $sql = "SELECT * FROM `attempts_login` WHERE `ip`= ? AND `login_time` > (NOW() - INTERVAL 1 MINUTE) LIMIT 1";
- $alreadyfailed = $app->db->queryOneRecord($sql, $ip);
- //* too many failedlogins
- if($alreadyfailed['times'] > 5) {
- $error = $app->lng('error_user_too_many_logins');
+ if ($loginAs){
+ $sql = "SELECT * FROM sys_user WHERE USERNAME = ? and PASSWORT = ?";
+ $user = $app->db->queryOneRecord($sql, $username, $password);
+ } else {
+
+ if(stristr($username, '@')) {
+ //* mailuser login
+ $sql = "SELECT * FROM mail_user WHERE login = ? or email = ?";
+ $mailuser = $app->db->queryOneRecord($sql, $username, $username);
+ $user = false;
+ if($mailuser) {
+ $saved_password = stripslashes($mailuser['password']);
+ $salt = '$1$'.substr($saved_password, 3, 8).'$';
+ //* Check if mailuser password is correct
+ if(crypt(stripslashes($password), $salt) == $saved_password) {
+ //* we build a fake user here which has access to the mailuser module only and userid 0
+ $user = array();
+ $user['userid'] = 0;
+ $user['active'] = 1;
+ $user['startmodule'] = 'mailuser';
+ $user['modules'] = 'mailuser';
+ $user['typ'] = 'user';
+ $user['email'] = $mailuser['email'];
+ $user['username'] = $username;
+ $user['language'] = $conf['language'];
+ $user['theme'] = $conf['theme'];
+ $user['app_theme'] = $conf['theme'];
+ $user['mailuser_id'] = $mailuser['mailuser_id'];
+ $user['default_group'] = $mailuser['sys_groupid'];
+ }
+ }
} else {
-
- if ($loginAs){
- $sql = "SELECT * FROM sys_user WHERE USERNAME = ? and PASSWORT = ?";
- $user = $app->db->queryOneRecord($sql, $username, $passwort);
- } else {
- if(stristr($username, '@')) {
- //* mailuser login
- $sql = "SELECT * FROM mail_user WHERE login = ? or email = ?";
- $mailuser = $app->db->queryOneRecord($sql, $username, $username);
- $user = false;
- if($mailuser) {
- $saved_password = stripslashes($mailuser['password']);
- $salt = '$1$'.substr($saved_password, 3, 8).'$';
- //* Check if mailuser password is correct
- if(crypt(stripslashes($passwort), $salt) == $saved_password) {
- //* we build a fake user here which has access to the mailuser module only and userid 0
- $user = array();
- $user['userid'] = 0;
- $user['active'] = 1;
- $user['startmodule'] = 'mailuser';
- $user['modules'] = 'mailuser';
- $user['typ'] = 'user';
- $user['email'] = $mailuser['email'];
- $user['username'] = $username;
- $user['language'] = $conf['language'];
- $user['theme'] = $conf['theme'];
- $user['app_theme'] = $conf['theme'];
- $user['mailuser_id'] = $mailuser['mailuser_id'];
- $user['default_group'] = $mailuser['sys_groupid'];
- }
+ //* normal cp user login
+ $sql = "SELECT * FROM sys_user WHERE USERNAME = ?";
+ $user = $app->db->queryOneRecord($sql, $username);
+ if($user) {
+ $saved_password = stripslashes($user['passwort']);
+ if(substr($saved_password, 0, 3) == '$1$') {
+ //* The password is crypt-md5 encrypted
+ $salt = '$1$'.substr($saved_password, 3, 8).'$';
+ if(crypt(stripslashes($password), $salt) != $saved_password) {
+ $user = false;
}
-
- } else {
- //* normal cp user login
- $sql = "SELECT * FROM sys_user WHERE USERNAME = ?";
- $user = $app->db->queryOneRecord($sql, $username);
-
- if($user) {
- $saved_password = stripslashes($user['passwort']);
-
- if(substr($saved_password, 0, 3) == '$1$') {
- //* The password is crypt-md5 encrypted
- $salt = '$1$'.substr($saved_password, 3, 8).'$';
-
- if(crypt(stripslashes($passwort), $salt) != $saved_password) {
- $user = false;
- }
- } elseif(substr($saved_password, 0, 3) == '$5$') {
- //* The password is crypt-sha256 encrypted
- $salt = '$5$'.substr($saved_password, 3, 16).'$';
-
- if(crypt(stripslashes($passwort), $salt) != $saved_password) {
- $user = false;
- }
- } else {
-
- //* The password is md5 encrypted
- if(md5($passwort) != $saved_password) {
- $user = false;
- }
- }
- } else {
+ } elseif(substr($saved_password, 0, 3) == '$5$') {
+ //* The password is crypt-sha256 encrypted
+ $salt = '$5$'.substr($saved_password, 3, 16).'$';
+ if(crypt(stripslashes($password), $salt) != $saved_password) {
$user = false;
}
+ } else {
+ //* The password is md5 encrypted
+ if(md5($password) != $saved_password) {
+ $user = false;
+ }
}
+ } else {
+ $user = false;
}
-
- if($user) {
- if($user['active'] == 1) {
- // Maintenance mode - allow logins only when maintenance mode is off or if the user is admin
- if(!$maintenance_mode || $user['typ'] == 'admin'){
- // User login right, so attempts can be deleted
- $sql = "DELETE FROM `attempts_login` WHERE `ip`=?";
- $app->db->query($sql, $ip);
- $user = $app->db->toLower($user);
-
- if ($loginAs) $oldSession = $_SESSION['s'];
- session_regenerate_id();
- $_SESSION = array();
- if ($loginAs) $_SESSION['s_old'] = $oldSession; // keep the way back!
- $_SESSION['s']['user'] = $user;
- $_SESSION['s']['user']['theme'] = isset($user['app_theme']) ? $user['app_theme'] : 'default';
- $_SESSION['s']['language'] = $user['language'];
- $_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme'];
-
- if(is_file($_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) {
- include_once $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php';
- $menu_dir = ISPC_WEB_PATH.'/' . $_SESSION['s']['user']['startmodule'] . '/lib/menu.d';
-
- if (is_dir($menu_dir)) {
- if ($dh = opendir($menu_dir)) {
- //** Go through all files in the menu dir
- while (($file = readdir($dh)) !== false) {
- if ($file != '.' && $file != '..' && substr($file, -9, 9) == '.menu.php' && $file != 'dns_resync.menu.php') {
- include_once $menu_dir . '/' . $file;
- }
- }
+ }
+ }
+
+ if($user) {
+ if($user['active'] == 1) {
+ // Maintenance mode - allow logins only when maintenance mode is off or if the user is admin
+ if(!$maintenance_mode || $user['typ'] == 'admin'){
+
+ // User login right, so attempts can be deleted
+ $sql = "DELETE FROM `attempts_login` WHERE `ip`=?";
+ $app->db->query($sql, $ip);
+ $user = $app->db->toLower($user);
+
+ if ($loginAs) $oldSession = $_SESSION['s'];
+ if (!$loginAs) session_regenerate_id(true);
+ $_SESSION = array();
+ if ($loginAs) $_SESSION['s_old'] = $oldSession; // keep the way back!
+ $_SESSION['s']['user'] = $user;
+ $_SESSION['s']['user']['theme'] = isset($user['app_theme']) ? $user['app_theme'] : 'default';
+ $_SESSION['s']['language'] = $user['language'];
+ $_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme'];
+
+ if(is_file($_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) {
+ include_once $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php';
+ $menu_dir = ISPC_WEB_PATH.'/' . $_SESSION['s']['user']['startmodule'] . '/lib/menu.d';
+ if (is_dir($menu_dir)) {
+ if ($dh = opendir($menu_dir)) {
+ //** Go through all files in the menu dir
+ while (($file = readdir($dh)) !== false) {
+ if ($file != '.' && $file != '..' && substr($file, -9, 9) == '.menu.php' && $file != 'dns_resync.menu.php') {
+ include_once $menu_dir . '/' . $file;
}
}
- $_SESSION['s']['module'] = $module;
- }
-
- // check if the user theme is valid
- if($_SESSION['s']['user']['theme'] != 'default') {
- $tmp_path = ISPC_THEMES_PATH."/".$_SESSION['s']['user']['theme'];
- if(!@is_dir($tmp_path) || !@file_exists($tmp_path."/ispconfig_version") || trim(file_get_contents($tmp_path."/ispconfig_version")) != ISPC_APP_VERSION) {
- // fall back to default theme if this one is not compatible with current ispc version
- $_SESSION['s']['user']['theme'] = 'default';
- $_SESSION['s']['theme'] = 'default';
- $_SESSION['show_error_msg'] = $app->lng('theme_not_compatible');
- }
}
-
- $app->plugin->raiseEvent('login', $this);
-
- //* Save successfull login message to var
- $authlog = 'Successful login for user \''. $username .'\' from '. long2ip($ip) .' at '. date('Y-m-d H:i:s');
- $authlog_handle = fopen($conf['ispconfig_log_dir'].'/auth.log', 'a');
- fwrite($authlog_handle, $authlog ."\n");
- fclose($authlog_handle);
-
- /*
- * We need LOGIN_REDIRECT instead of HEADER_REDIRECT to load the
- * new theme, if the logged-in user has another
- */
- echo 'LOGIN_REDIRECT:'.$_SESSION['s']['module']['startpage'];
-
- exit;
}
- } else {
- $error = $app->lng('error_user_blocked');
+ $_SESSION['s']['module'] = $module;
}
-
- } else {
- if(!$alreadyfailed['times'] )
- {
- //* user login the first time wrong
- $sql = "INSERT INTO `attempts_login` (`ip`, `times`, `login_time`) VALUES (?, 1, NOW())";
- $app->db->query($sql, $ip);
- } elseif($alreadyfailed['times'] >= 1) {
- //* update times wrong
- $sql = "UPDATE `attempts_login` SET `times`=`times`+1, `login_time`=NOW() WHERE `ip` = ? AND `login_time` < NOW() ORDER BY `login_time` DESC LIMIT 1";
- $app->db->query($sql, $ip);
+ // check if the user theme is valid
+ if($_SESSION['s']['user']['theme'] != 'default') {
+ $tmp_path = ISPC_THEMES_PATH."/".$_SESSION['s']['user']['theme'];
+ if(!@is_dir($tmp_path) || !@file_exists($tmp_path."/ispconfig_version") || trim(file_get_contents($tmp_path."/ispconfig_version")) != ISPC_APP_VERSION) {
+ // fall back to default theme if this one is not compatible with current ispc version
+ $_SESSION['s']['user']['theme'] = 'default';
+ $_SESSION['s']['theme'] = 'default';
+ $_SESSION['show_error_msg'] = $app->lng('theme_not_compatible');
+ }
}
- //* Incorrect login - Username and password incorrect
- $error = $app->lng('error_user_password_incorrect');
- if($app->db->errorMessage != '') $error .= '<br />'.$app->db->errorMessage != '';
-
- $app->plugin->raiseEvent('login_failed', $this);
-
- //* Save failed login message to var
- $authlog = 'Failed login for user \''. $username .'\' from '. long2ip($ip) .' at '. date('Y-m-d H:i:s');
+
+ $app->plugin->raiseEvent('login', $this);
+
+ //* Save successfull login message to var
+ $authlog = 'Successful login for user \''. $username .'\' from '. long2ip($ip) .' at '. date('Y-m-d H:i:s');
$authlog_handle = fopen($conf['ispconfig_log_dir'].'/auth.log', 'a');
fwrite($authlog_handle, $authlog ."\n");
fclose($authlog_handle);
+
+ /*
+ * We need LOGIN_REDIRECT instead of HEADER_REDIRECT to load the
+ * new theme, if the logged-in user has another
+ */
+
+ if ($loginAs){
+ echo 'LOGIN_REDIRECT:'.$_SESSION['s']['module']['startpage'];
+ exit;
+ } else {
+ header('Location: /index.php?phpsessid='.session_id());
+ die();
+ }
}
+ } else {
+ $error = $app->lng('error_user_blocked');
}
-
} else {
- //* Username or password empty
- if($error == '') $error = $app->lng('error_user_password_empty');
-
- $app->plugin->raiseEvent('login_empty', $this);
+ if(!$alreadyfailed['times'] )
+ {
+ //* user login the first time wrong
+ $sql = "INSERT INTO `attempts_login` (`ip`, `times`, `login_time`) VALUES (?, 1, NOW())";
+ $app->db->query($sql, $ip);
+ } elseif($alreadyfailed['times'] >= 1) {
+ //* update times wrong
+ $sql = "UPDATE `attempts_login` SET `times`=`times`+1, `login_time`=NOW() WHERE `ip` = ? AND `login_time` < NOW() ORDER BY `login_time` DESC LIMIT 1";
+ $app->db->query($sql, $ip);
+ }
+ //* Incorrect login - Username and password incorrect
+ $error = $app->lng('error_user_password_incorrect');
+ if($app->db->errorMessage != '') $error .= '<br />'.$app->db->errorMessage != '';
+
+ $app->plugin->raiseEvent('login_failed', $this);
+ //* Save failed login message to var
+ $authlog = 'Failed login for user \''. $username .'\' from '. long2ip($ip) .' at '. date('Y-m-d H:i:s');
+ $authlog_handle = fopen($conf['ispconfig_log_dir'].'/auth.log', 'a');
+ fwrite($authlog_handle, $authlog ."\n");
+ fclose($authlog_handle);
}
}
-
- // Maintenance mode - show message when people try to log in and also when people are forcedly logged off
- if($maintenance_mode_error != '') $error = '<strong>'.$maintenance_mode_error.'</strong><br><br>'.$error;
- if($error != ''){
- $error = '<div class="box box_error">'.$error.'</div>';
- }
-
- $app->load('getconf');
-
- $security_config = $app->getconf->get_security_config('permissions');
- if($security_config['password_reset_allowed'] == 'yes') {
- $app->tpl->setVar('pw_lost_show', 1);
} else {
- $app->tpl->setVar('pw_lost_show', 0);
- }
+ //* Username or password empty
+ if($error == '') $error = $app->lng('error_user_password_empty');
+ $app->plugin->raiseEvent('login_empty', $this);
+ }
+}
+
+// Maintenance mode - show message when people try to log in and also when people are forcedly logged off
+if($maintenance_mode_error != '') $error = '<strong>'.$maintenance_mode_error.'</strong><br><br>'.$error;
+if($error != ''){
+ $error = '<div class="box box_error">'.$error.'</div>';
+}
+
+$app->load('getconf');
+
+$security_config = $app->getconf->get_security_config('permissions');
+if($security_config['password_reset_allowed'] == 'yes') {
+ $app->tpl->setVar('pw_lost_show', 1);
+} else {
+ $app->tpl->setVar('pw_lost_show', 0);
+}
- $app->tpl->setVar('error', $error);
- $app->tpl->setVar('error_txt', $app->lng('error_txt'));
- $app->tpl->setVar('login_txt', $app->lng('login_txt'));
- $app->tpl->setVar('pw_lost_txt', $app->lng('pw_lost_txt'));
- $app->tpl->setVar('username_txt', $app->lng('username_txt'));
- $app->tpl->setVar('password_txt', $app->lng('password_txt'));
- $app->tpl->setVar('stay_logged_in_txt', $app->lng('stay_logged_in_txt'));
- $app->tpl->setVar('login_button_txt', $app->lng('login_button_txt'));
- $app->tpl->setVar('session_timeout', $server_config_array['session_timeout']);
- $app->tpl->setVar('session_allow_endless', $server_config_array['session_allow_endless']);
- $app->tpl->setInclude('content_tpl', 'login/templates/index.htm');
- $app->tpl_defaults();
-
- $this->status = 'OK';
-
- return $app->tpl->grab();
-
- } // << end function
-
-} // << end class
+$app->tpl->setVar('error', $error);
+$app->tpl->setVar('error_txt', $app->lng('error_txt'));
+$app->tpl->setVar('login_txt', $app->lng('login_txt'));
+$app->tpl->setVar('pw_lost_txt', $app->lng('pw_lost_txt'));
+$app->tpl->setVar('username_txt', $app->lng('username_txt'));
+$app->tpl->setVar('password_txt', $app->lng('password_txt'));
+$app->tpl->setVar('stay_logged_in_txt', $app->lng('stay_logged_in_txt'));
+$app->tpl->setVar('login_button_txt', $app->lng('login_button_txt'));
+$app->tpl->setVar('session_timeout', $server_config_array['session_timeout']);
+$app->tpl->setVar('session_allow_endless', $server_config_array['session_allow_endless']);
+//$app->tpl->setInclude('content_tpl', 'login/templates/index.htm');
+$app->tpl->setVar('current_theme', isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default');
+//die(isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default');
+
+// Logo
+$logo = $app->db->queryOneRecord("SELECT * FROM sys_ini WHERE sysini_id = 1");
+if($logo['custom_logo'] != ''){
+ $base64_logo_txt = $logo['custom_logo'];
+} else {
+ $base64_logo_txt = $logo['default_logo'];
+}
+$tmp_base64 = explode(',', $base64_logo_txt, 2);
+$logo_dimensions = $app->functions->getimagesizefromstring(base64_decode($tmp_base64[1]));
+$app->tpl->setVar('base64_logo_width', $logo_dimensions[0].'px');
+$app->tpl->setVar('base64_logo_height', $logo_dimensions[1].'px');
+$app->tpl->setVar('base64_logo_txt', $base64_logo_txt);
+
+// Title
+$app->tpl->setVar('company_name', $sys_config['company_name']. ' :: ');
+
+$app->tpl_defaults();
+
+$app->tpl->pparse();
?>
diff --git a/interface/web/login/lib/lang/ar.lng b/interface/web/login/lib/lang/ar.lng
index be9cb3e0dda3d9aed17af1959ca3089bcd8e7c76..18ea8c8e89ab495eba52ceb44ae5a9c183a06afe 100644
--- a/interface/web/login/lib/lang/ar.lng
+++ b/interface/web/login/lib/lang/ar.lng
@@ -10,7 +10,7 @@ $wb['pw_error_noinput'] = 'Please enter email address and username.';
$wb['pw_reset_mail_msg'] = 'The password to your ISPConfig 3 control panel account has been reset. The new password is: ';
$wb['pw_reset_mail_title'] = 'ISPConfig 3 Control panel password has been reset.';
$wb['user_regex_error'] = 'Username contains unallowed characters or is longer then 64 characters.';
-$wb['pw_error_length'] = 'The password length is > 64 characters.';
+$wb['pw_error_length'] = 'The password length is < 1 or > 64 characters.';
$wb['username_txt'] = 'Username';
$wb['password_txt'] = 'Password';
$wb['login_button_txt'] = 'Login';
diff --git a/interface/web/login/lib/lang/bg.lng b/interface/web/login/lib/lang/bg.lng
index 1e670c5949b94d93976b8a2c4acc9f4e98e2eb81..e6f158f2f9c97da3c07a722efa3ff0c797f10f6f 100644
--- a/interface/web/login/lib/lang/bg.lng
+++ b/interface/web/login/lib/lang/bg.lng
@@ -6,7 +6,7 @@ $wb['pw_error_noinput'] = 'ÐœÐ¾Ð»Ñ Ð²ÑŠÐ²ÐµÐ´ÐµÑ‚Ðµ потребителÑко
$wb['pw_reset_mail_msg'] = 'Ðовата парола за Ð²Ð°ÑˆÐ¸Ñ ISPConfig 3 контролен панел е:';
$wb['pw_reset_mail_title'] = 'Ðова парола за Ð²Ð°ÑˆÐ¸Ñ ISPConfig 3 контролен панел';
$wb['user_regex_error'] = 'ПотребителÑко име contains unallowed characters or is longer then 64 characters.';
-$wb['pw_error_length'] = 'The password length is > 64 characters.';
+$wb['pw_error_length'] = 'The password length is < 1 or > 64 characters.';
$wb['error_user_password_empty'] = 'ПотребителÑко име or Password empty.';
$wb['error_user_password_incorrect'] = 'ПотребителÑко име or Password wrong.';
$wb['error_user_blocked'] = 'User is blocked.';
diff --git a/interface/web/login/lib/lang/br.lng b/interface/web/login/lib/lang/br.lng
index 83c7987e64e0f9d7f985c77d0657fc3b8c5292a8..54ad4b15b138651b41d97080b68e0415c6da16d4 100644
--- a/interface/web/login/lib/lang/br.lng
+++ b/interface/web/login/lib/lang/br.lng
@@ -9,7 +9,7 @@ $wb['pw_error'] = 'Nome de usuário ou correio eletrônico não coincidem.';
$wb['pw_error_noinput'] = 'Favor informar nome de usuário e endereço de correio válidos.';
$wb['pw_reset_mail_msg'] = 'Sua senha do painel de controle foi restabelecida. A sua nova senha é: ';
$wb['pw_reset_mail_title'] = 'Sua senha do painel de controle foi restabelecida.';
-$wb['user_regex_error'] = 'O nome de usuário contém mais de 64 caracteres ou contém caracteres inválidos.';
+$wb['user_regex_error'] = 'O nome de usuário contém < 1 or mais de 64 caracteres ou contém caracteres inválidos.';
$wb['pw_error_length'] = 'Tamanho da senha não pode ser maior do que 64 caracteres.';
$wb['username_txt'] = 'Usuário';
$wb['password_txt'] = 'Senha';
diff --git a/interface/web/login/lib/lang/de.lng b/interface/web/login/lib/lang/de.lng
index 44f677b7b36d0015d948038be62d2b02e4141c68..9a41ad860cf6567e5c4f86bfbec2989dbcbc0d5b 100644
--- a/interface/web/login/lib/lang/de.lng
+++ b/interface/web/login/lib/lang/de.lng
@@ -10,7 +10,7 @@ $wb['pw_error_noinput'] = 'Bitte geben Sie Ihre E-Mail Adresse und Ihren Benutze
$wb['pw_reset_mail_msg'] = 'Das Passwort wurde zurückgesetzt. Das neue Passwort lautet: ';
$wb['pw_reset_mail_title'] = 'Ihr Passwort wurde zurückgesetzt.';
$wb['user_regex_error'] = 'Benutzername beinhaltet nicht erlaubte Zeichen oder ist länger als 64 Zeichen.';
-$wb['pw_error_length'] = 'Die Passwortlänge ist > 64 Zeichen.';
+$wb['pw_error_length'] = 'Die Passwortlänge ist < 1 oder > 64 Zeichen.';
$wb['login_txt'] = 'Anmelden';
$wb['username_txt'] = 'Benutzername';
$wb['password_txt'] = 'Passwort';
diff --git a/interface/web/login/lib/lang/en.lng b/interface/web/login/lib/lang/en.lng
index e7487da677b5fef3ee70407db9c70cc1f7d99cc9..bf2edfe420bbb2daa26e82140a2556a7f375a7af 100644
--- a/interface/web/login/lib/lang/en.lng
+++ b/interface/web/login/lib/lang/en.lng
@@ -10,7 +10,7 @@ $wb['pw_error_noinput'] = 'Please enter email address and username.';
$wb['pw_reset_mail_msg'] = 'The password to your ISPConfig 3 control panel account has been reset. The new password is: ';
$wb['pw_reset_mail_title'] = 'ISPConfig 3 Control panel password has been reset.';
$wb['user_regex_error'] = 'Username contains unallowed characters or is longer than 64 characters.';
-$wb['pw_error_length'] = 'The password length is > 64 characters.';
+$wb['pw_error_length'] = 'The password length is < 1 or > 64 characters.';
$wb['email_error'] = 'Email contains unallowed characters or has a invalid format.';
$wb['login_txt'] = "Login";
$wb['username_txt'] = "Username";
diff --git a/interface/web/login/login_as.php b/interface/web/login/login_as.php
index 85bc3662b4d661974b529eea7e42e865eb0297f0..a17d5baff12a7eba281725162a480615595f148d 100644
--- a/interface/web/login/login_as.php
+++ b/interface/web/login/login_as.php
@@ -92,12 +92,13 @@ echo '
'.$wb['login_2_txt'].'<br />
<div style="visibility:hidden">
<input type="text" name="username" value="' . $dbData['username'] . '" />
- <input type="password" name="passwort" value="' . $dbData['passwort'] .'" />
+ <input type="password" name="password" value="' . $dbData['passwort'] .'" />
</div>
- <input type="hidden" name="s_mod" value="login" />
- <input type="hidden" name="s_pg" value="index" />
+ <input type="hidden" name="s_mod" value="dashboard" />
+ <input type="hidden" name="s_pg" value="dashboard" />
+ <input type="hidden" name="login_as" value="1" />
<div class="wf_actions buttons">
- <button class="positive iconstxt icoPositive" type="button" value="'.$wb['btn_yes_txt'].'" onclick="submitLoginForm(' . "'pageForm'" . ');"><span>'.$wb['btn_yes_txt'].'</span></button>
+ <button class="positive iconstxt icoPositive" type="button" value="'.$wb['btn_yes_txt'].'" data-submit-form="pageForm" data-form-action="/login/index.php"><span>'.$wb['btn_yes_txt'].'</span></button>
<button class="negative iconstxt icoNegative" type="button" value="'.$wb['btn_back_txt'].'" data-load-content="'.$backlink.'"><span>'.$wb['btn_back_txt'].'</span></button>
</div>
';
diff --git a/interface/web/login/logout.php b/interface/web/login/logout.php
index 5092aeb02fe648d1b69ddeb6ce4bb83e5777e482..ee6fffa31249b8acae8ed9410cd85e53edfcc729 100644
--- a/interface/web/login/logout.php
+++ b/interface/web/login/logout.php
@@ -50,12 +50,13 @@ if ((isset($_SESSION['s_old']) && ($_SESSION['s_old']['user']['typ'] == 'admin'
'.str_replace('{UTYPE}', $utype, $wb['login_as_or_logout_txt']).'<br />
<div style="visibility:hidden">
<input type="text" name="username" value="' . $_SESSION['s_old']['user']['username'] . '" />
- <input type="password" name="passwort" value="' . $_SESSION['s_old']['user']['passwort'] .'" />
+ <input type="password" name="password" value="' . $_SESSION['s_old']['user']['passwort'] .'" />
</div>
<input type="hidden" name="s_mod" value="login" />
<input type="hidden" name="s_pg" value="index" />
+ <input type="hidden" name="login_as" value="1" />
<div class="wf_actions buttons">
- <button class="positive iconstxt icoPositive" type="button" value="Yes, re-login as ' . $utype . '" onclick="submitLoginForm(' . "'pageForm'" . ');"><span>Yes, re-login as ' . $utype . '</span></button>
+ <button class="positive iconstxt icoPositive" type="button" value="Yes, re-login as ' . $utype . '" data-submit-form="pageForm" data-form-action="/login/index.php"><span>Yes, re-login as ' . $utype . '</span></button>
<button class="negative iconstxt icoNegative" type="button" value="No, logout" data-load-content="login/logout.php?l=1"><span>No, logout</span></button>
</div>
';
diff --git a/interface/web/login/password_reset.php b/interface/web/login/password_reset.php
index 683a4bc030d4e8b4c03d877cd98524bf84e723db..a92ff85855d98e263f46f064cfa0ef20a2b2e522 100644
--- a/interface/web/login/password_reset.php
+++ b/interface/web/login/password_reset.php
@@ -1,7 +1,7 @@
<?php
/*
-Copyright (c) 2008, Till Brehm, projektfarm Gmbh
+Copyright (c) 2008 - 2015, Till Brehm, ISPConfig UG
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
@@ -38,18 +38,25 @@ if($security_config['password_reset_allowed'] != 'yes') die('Password reset func
// Loading the template
$app->uses('tpl');
-$app->tpl->newTemplate("form.tpl.htm");
+$app->tpl->newTemplate('main_login.tpl.htm');
$app->tpl->setInclude('content_tpl', 'templates/password_reset.htm');
$app->tpl_defaults();
include ISPC_ROOT_PATH.'/web/login/lib/lang/'.$_SESSION['s']['language'].'.lng';
$app->tpl->setVar($wb);
+$continue = true;
if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '' && $_POST['username'] != 'admin') {
- if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) die($app->lng('user_regex_error'));
- if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $_POST['email'])) die($app->lng('email_error'));
+ if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) {
+ $app->tpl->setVar("error", $wb['user_regex_error']);
+ $continue = false;
+ }
+ if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $_POST['email'])) {
+ $app->tpl->setVar("error", $wb['email_error']);
+ $continue = false;
+ }
$username = $_POST['username'];
$email = $_POST['email'];
@@ -58,7 +65,7 @@ if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '
if($client['lost_password_function'] == 0) {
$app->tpl->setVar("error", $wb['lost_password_function_disabled_txt']);
- } else {
+ } elseif ($continue) {
if($client['client_id'] > 0) {
$server_config_array = $app->getconf->get_global_config();
$min_password_length = 8;
@@ -91,9 +98,26 @@ if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '
}
}
} else {
- $app->tpl->setVar("msg", $wb['pw_error_noinput']);
+ if(isset($_POST) && count($_POST) > 0) $app->tpl->setVar("msg", $wb['pw_error_noinput']);
}
+$app->tpl->setVar('current_theme', isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default');
+
+// Logo
+$logo = $app->db->queryOneRecord("SELECT * FROM sys_ini WHERE sysini_id = 1");
+if($logo['custom_logo'] != ''){
+ $base64_logo_txt = $logo['custom_logo'];
+} else {
+ $base64_logo_txt = $logo['default_logo'];
+}
+$tmp_base64 = explode(',', $base64_logo_txt, 2);
+$logo_dimensions = $app->functions->getimagesizefromstring(base64_decode($tmp_base64[1]));
+$app->tpl->setVar('base64_logo_width', $logo_dimensions[0].'px');
+$app->tpl->setVar('base64_logo_height', $logo_dimensions[1].'px');
+$app->tpl->setVar('base64_logo_txt', $base64_logo_txt);
+
+// Title
+$app->tpl->setVar('company_name', $sys_config['company_name']. ' :: ');
$app->tpl_defaults();
$app->tpl->pparse();
diff --git a/interface/web/login/templates/index.htm b/interface/web/login/templates/index.htm
index 3083148a88bb5c6cebd7dabcc3d1ee6cc18b5c03..8d9ff9e516af446538dfd7edc73ec36c923d58d9 100644
--- a/interface/web/login/templates/index.htm
+++ b/interface/web/login/templates/index.htm
@@ -1,43 +1,28 @@
-<div class='page-header'>
- <h1><tmpl_var name="login_txt"></h1>
-</div>
-<p><tmpl_var name="list_desc_txt"></p>
-
-<div class="panel panel_login">
-
- <tmpl_if name="msg">
- <div id="OKMsg"><p><tmpl_var name="msg"></p></div>
- </tmpl_if>
- <tmpl_if name="error">
- <div id="errorMsg"><h3>{tmpl_var name='error_txt'}</h3><ol><li><tmpl_var name="error"></li></ol><br /><a href="#" data-load-content="login/password_reset.php">{tmpl_var name='pw_lost_txt'}</a></div>
- </tmpl_if>
-
- <div class="pnl_formsarea">
- <div class="form-group">
- <label for="username" class="col-sm-3 control-label">{tmpl_var name='username_txt'}</label>
- <div class="col-sm-9"><input type="text" name="username" id="username" value="" class="form-control" onkeypress="if (event.keyCode && event.keyCode == 13) {ISPConfig.submitLoginForm('pageForm'); return false;};" /></div></div>
- <div class="form-group">
- <label for="passwort" class="col-sm-3 control-label">{tmpl_var name='password_txt'}</label>
- <div class="col-sm-9"><input type="password" name="passwort" id="passwort" value="" class="form-control" onkeypress="if (event.keyCode && event.keyCode == 13) {ISPConfig.submitLoginForm('pageForm'); return false;};" /></div></div>
- <tmpl_if name="session_timeout" op=">" value="0">
- <tmpl_if name="session_allow_endless" value="y">
- <div class="form-group">
- <label for="passwort" class="col-sm-3 control-label">{tmpl_var name='stay_logged_in_txt'}</label>
- <div class="col-sm-9"><input class="form-control" type="checkbox" name="stay" id="stay" value="1" onkeypress="if (event.keyCode && event.keyCode == 13) {ISPConfig.submitLoginForm('pageForm'); return false;};" /></div></div>
- </tmpl_if>
- </tmpl_if>
-
-
- <input type="hidden" name="s_mod" value="login" />
- <input type="hidden" name="s_pg" value="index" />
-
- <div class="clear"><div class="right">
- <button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='add_new_record_txt'}" onclick="ISPConfig.submitLoginForm('pageForm');">{tmpl_var name='login_button_txt'}</button>
- <tmpl_if name="pw_lost_show"><button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='pw_lost_txt'}" data-load-content="login/password_reset.php">{tmpl_var name='pw_lost_txt'}</button></tmpl_if>
- </div></div>
- </div>
-
-</div>
-<script language="JavaScript" type="text/javascript">
- $('#username').closest('form').attr('autocomplete','on');
-</script>
\ No newline at end of file
+ <tmpl_if name="error">
+ <div class="alert alert-danger" role="alert"><tmpl_var name="error"></div>
+ </tmpl_if>
+ <form accept-charset="UTF-8" role="form" method="post" action="index.php">
+ <fieldset>
+ <div class="form-group">
+ <input class="form-control" placeholder="{tmpl_var name='username_txt'}" name="username" id="username" type="text">
+ </div>
+ <div class="form-group">
+ <input class="form-control" placeholder="{tmpl_var name='password_txt'}" name="password" id="password" type="password" value="">
+ </div>
+ <tmpl_if name="session_timeout" op=">" value="0">
+ <tmpl_if name="session_allow_endless" value="y">
+ <div class="checkbox">
+ <label>
+ <input name="stay" id="stay" type="checkbox" value="1"> {tmpl_var name='stay_logged_in_txt'}
+ </label>
+ </div>
+ </tmpl_if>
+ </tmpl_if>
+ <input type="hidden" name="s_mod" value="login" />
+ <input type="hidden" name="s_pg" value="index" />
+ <div class="right">
+ <input class="btn btn-default formbutton-default" type="submit" value="{tmpl_var name='login_txt'}">
+ <tmpl_if name="pw_lost_show"><button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='pw_lost_txt'}" onClick="document.location.href='password_reset.php';">{tmpl_var name='pw_lost_txt'}</button></tmpl_if>
+ </div>
+ </fieldset>
+ </form>
\ No newline at end of file
diff --git a/interface/web/login/templates/password_reset.htm b/interface/web/login/templates/password_reset.htm
index 66dc06a946fd1f8718f4e099c285210aedd9e0fe..66faf490f420d2a6a577811ad3ee0fd02a640b81 100644
--- a/interface/web/login/templates/password_reset.htm
+++ b/interface/web/login/templates/password_reset.htm
@@ -1,35 +1,24 @@
-<div class='page-header'>
- <h1><tmpl_var name="pw_reset_txt"></h1>
-</div>
+<tmpl_if name="msg">
+<div class="alert alert-success" role="alert"><tmpl_var name="msg"></div>
+</tmpl_if>
+<tmpl_if name="error">
+<div class="alert alert-danger" role="alert"><tmpl_var name="error"></div>
+</tmpl_if>
+<h2><tmpl_var name="pw_reset_txt"></h2>
<p><tmpl_var name="list_desc_txt"></p>
-
-<div class="panel panel_password_reset">
-
- <tmpl_if name="msg">
- <div id="OKMsg"><p><tmpl_var name="msg"></p></div>
- </tmpl_if>
- <tmpl_if name="error">
- <div id="errorMsg"><h3><tmpl_var name="error_txt"></h3><ol><tmpl_var name="error"></ol></div>
- </tmpl_if>
-
- <div class="pnl_formsarea">
- <legend>{tmpl_var name='pw_reset_txt'}</legend>
- <div class="form-group">
- <label for="email" class="col-sm-3 control-label"><em>*</em> {tmpl_var name='email_txt'}</label>
- <div class="col-sm-9"><input type="text" name="email" id="email" value="" class="form-control" /></div></div>
- <div class="form-group">
- <label for="username" class="col-sm-3 control-label"><em>*</em> {tmpl_var name='username_txt'}</label>
- <div class="col-sm-9"><input type="text" name="username" id="username" value="" class="form-control" /></div></div>
-
-
- <input type="hidden" name="s_mod" value="login" />
- <input type="hidden" name="s_pg" value="index" />
-
- <div class="clear"><div class="right">
- <button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='pw_button_txt'}" data-submit-form="pageForm" data-form-action="login/password_reset.php">{tmpl_var name='pw_button_txt'}</button>
- <button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='back_txt'}" onclick="ISPConfig.loadInitContent();">{tmpl_var name='back_txt'}</button>
-
- </div></div>
- </div>
-
-</div>
\ No newline at end of file
+<form accept-charset="UTF-8" role="form" method="post" action="password_reset.php">
+<fieldset>
+ <div class="form-group">
+ <input class="form-control" placeholder="{tmpl_var name='email_txt'}" name="email" id="email" type="text">
+ </div>
+ <div class="form-group">
+ <input class="form-control" placeholder="{tmpl_var name='username_txt'}" name="username" id="username" type="text">
+ </div>
+ <input type="hidden" name="s_mod" value="login" />
+ <input type="hidden" name="s_pg" value="index" />
+ <div class="right">
+ <input class="btn btn-default formbutton-default" type="submit" value="{tmpl_var name='pw_button_txt'}">
+ <button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='pw_lost_txt'}" onClick="document.location.href='index.php';">{tmpl_var name='back_txt'}</button>
+ </div>
+</fieldset>
+</form>
\ No newline at end of file
diff --git a/interface/web/nav.php b/interface/web/nav.php
index 773f7d14905e57a62d87381984fd3bcea7f732ad..8a49edd7e5d6fa7ecdb0fb7a95ddd5c3f975c3bd 100644
--- a/interface/web/nav.php
+++ b/interface/web/nav.php
@@ -83,12 +83,16 @@ if(isset($_GET['nav']) && $_GET['nav'] == 'top') {
}
} else {
//* Loading Login Module
+ /*
include_once 'login/lib/module.conf.php';
$_SESSION['s']['module'] = $module;
$topnav[] = array( 'title' => 'Login',
'active' => 1);
$module = null;
unset($module);
+ */
+ header('Location: /login/');
+ die();
}
//* Topnavigation
diff --git a/interface/web/themes/default/assets/javascripts/ispconfig.js b/interface/web/themes/default/assets/javascripts/ispconfig.js
index 2db94df107e65516da8deafe1ae370edfa3549bb..cf82d3de9e5c2446045574137823a319a5f6bf0b 100644
--- a/interface/web/themes/default/assets/javascripts/ispconfig.js
+++ b/interface/web/themes/default/assets/javascripts/ispconfig.js
@@ -11,7 +11,7 @@ var ISPConfig = {
options: {
useLoadIndicator: false,
- useComboBox: false,
+ useComboBox: false
},
setOption: function(key, value) {
@@ -91,7 +91,7 @@ var ISPConfig = {
placeholder: '',
width: 'element',
selectOnBlur: true,
- allowClear: true,
+ allowClear: true
});
}
},
@@ -143,7 +143,7 @@ var ISPConfig = {
},
/* THIS ONE SHOULD BE REMOVED AFTER CREATING THE STATIC LOGIN PAGE!!! */
- submitLoginForm: function(formname) {
+ /*submitLoginForm: function(formname) {
//* Validate form. TODO: username and password with strip();
var frm = document.getElementById(formname);
var userNameObj = frm.username;
@@ -189,7 +189,7 @@ var ISPConfig = {
ISPConfig.reportError('Ajax Request was not successful.110');
}
});
- },
+ },*/
submitForm: function(formname, target, confirmation) {
var successMessage = arguments[3];
@@ -209,6 +209,9 @@ var ISPConfig = {
if(jqXHR.responseText.indexOf('HEADER_REDIRECT:') > -1) {
var parts = jqXHR.responseText.split(':');
ISPConfig.loadContent(parts[1]);
+ } else if (jqXHR.responseText.indexOf('LOGIN_REDIRECT:') > -1) {
+ // Go to the login page
+ document.location.href = '/index.php';
} else {
$('#pageContent').html(jqXHR.responseText);
ISPConfig.onAfterContentLoad(target, $('#'+formname).serialize());
@@ -354,8 +357,8 @@ var ISPConfig = {
loadInitContent: function() {
var pageContentObject = $.ajax({
type: "GET",
- url: "content.php",
- data: "s_mod=login&s_pg=index",
+ url: "dashboard/dashboard.php",
+ data: "",
dataType: "html",
beforeSend: function() {
ISPConfig.showLoadIndicator();
@@ -366,7 +369,7 @@ var ISPConfig = {
ISPConfig.loadContent(parts[1]);
} else {
$('#pageContent').html(jqXHR.responseText);
- ISPConfig.onAfterContentLoad('content.php', "s_mod=login&s_pg=index");
+ ISPConfig.onAfterContentLoad('dashboard/dashboard.php', "");
ISPConfig.pageFormChanged = false;
}
ISPConfig.hideLoadIndicator();
diff --git a/interface/web/themes/default/assets/javascripts/ispconfig.min.js b/interface/web/themes/default/assets/javascripts/ispconfig.min.js
index d85f7c6445dfb64c6e15f5c90d33acb6b865614b..b8c67aa25a2966293938265987cdceaa757ca575 100644
--- a/interface/web/themes/default/assets/javascripts/ispconfig.min.js
+++ b/interface/web/themes/default/assets/javascripts/ispconfig.min.js
@@ -1 +1,28 @@
-var ISPConfig={pageFormChanged:false,tabChangeWarningTxt:"",tabChangeDiscardTxt:"",tabChangeWarning:false,tabChangeDiscard:false,requestsRunning:0,indicatorCompleted:false,registeredHooks:new Array(),new_tpl_add_id:0,options:{useLoadIndicator:false,useComboBox:false,},setOption:function(a,b){ISPConfig.options[a]=b},setOptions:function(a){$.extend(ISPConfig.options,a)},reportError:function(a){},registerHook:function(a,c){if(!ISPConfig.registeredHooks[a]){ISPConfig.registeredHooks[a]=new Array()}var b=ISPConfig.registeredHooks[a].length;ISPConfig.registeredHooks[a][b]=c},callHook:function(a,c){if(!ISPConfig.registeredHooks[a]){return}for(var b=0;b<ISPConfig.registeredHooks[a].length;b++){var d=ISPConfig.registeredHooks[a][b];d(a,c)}},resetFormChanged:function(){ISPConfig.pageFormChanged=false},showLoadIndicator:function(){document.body.style.cursor="wait";if(ISPConfig.options.useLoadIndicator==true){ISPConfig.requestsRunning+=1;if(ISPConfig.requestsRunning<2){var a=$("#ajaxloader");if(a.length<1){a=$('<div id="ajaxloader" style="display: none;"></div>');a.appendTo("body")}var b=$("#content");if(b.length<1){return}ISPConfig.indicatorCompleted=false;var d=b.offset().left+150;var c=b.offset().top+150;a.css({left:d,top:c}).fadeIn("fast",function(){ISPConfig.indicatorCompleted=true;if(ISPConfig.requestsRunning<1){$(this).fadeOut("fast",function(){$(this).hide()})}})}}},hideLoadIndicator:function(){document.body.style.cursor="";ISPConfig.requestsRunning-=1;if(ISPConfig.requestsRunning<1){ISPConfig.requestsRunning=0;if(ISPConfig.indicatorCompleted==true){$("#ajaxloader").fadeOut("fast",function(){$("#ajaxloader").hide()})}}},onAfterSideNavLoaded:function(){if(ISPConfig.options.useComboBox==true){$("#sidebar").find("select:not(.chosen-select)").select2({placeholder:"",width:"element",selectOnBlur:true,allowClear:true,})}},onAfterContentLoad:function(a,b){if(!b){b=""}else{b="&"+b}if(ISPConfig.options.useComboBox==true){$("#pageContent").find("select:not(.chosen-select)").select2({placeholder:"",width:"element",selectOnBlur:true,allowClear:true,formatResult:function(c){if(c.id&&$(c.element).parent().hasClass("flags")){return'<span class="flags flag-'+c.id.toLowerCase()+'">'+c.text+"</span>"}else{return c.text}},formatSelection:function(c){if(c.id&&$(c.element).parent().hasClass("flags")){return'<span class="flags flag-'+c.id.toLowerCase()+'">'+c.text+"</span>"}else{return c.text}}}).on("change",function(c){if($("#pageForm .table #Filter").length>0){$("#pageForm .table #Filter").trigger("click")}})}$('input[data-input-element="date"]').datetimepicker({language:"en",todayHighlight:true,todayBtn:"linked",bootcssVer:3,fontAwesome:true,autoclose:true,minView:"month"});$('input[data-input-element="datetime"]').datetimepicker({language:"en",todayHighlight:true,todayBtn:"linked",bootcssVer:3,fontAwesome:true,autoclose:true});ISPConfig.callHook("onAfterContentLoad",{url:a,data:b})},submitLoginForm:function(d){var c=document.getElementById(d);var b=c.username;if(b.value==""){b.focus();return}var e=c.passwort;if(e.value==""){e.focus();return}$("#dummy_username").val(b.value);$("#dummy_passwort").val(e.value);$("#dummy_login_form").submit();var a=$.ajax({type:"POST",url:"content.php",data:$("#"+d).serialize(),dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(g,i,f){if(f.responseText.indexOf("HEADER_REDIRECT:")>-1){var h=f.responseText.split(":");ISPConfig.loadContent(h[1])}else{if(f.responseText.indexOf("LOGIN_REDIRECT:")>-1){document.location.href="index.php"}else{$("#pageContent").html(f.responseText);ISPConfig.onAfterContentLoad("content.php",$("#"+d).serialize());ISPConfig.pageFormChanged=false}}ISPConfig.loadMenus();ISPConfig.hideLoadIndicator()},error:function(){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful.110")}})},submitForm:function(d,e,c){var b=arguments[3];if(!c){c=false}if(!c||window.confirm(c)){var a=$.ajax({type:"POST",url:e,data:$("#"+d).serialize(),dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(g,i,f){if(b){alert(b)}if(f.responseText.indexOf("HEADER_REDIRECT:")>-1){var h=f.responseText.split(":");ISPConfig.loadContent(h[1])}else{$("#pageContent").html(f.responseText);ISPConfig.onAfterContentLoad(e,$("#"+d).serialize());ISPConfig.pageFormChanged=false}ISPConfig.hideLoadIndicator()},error:function(f,i,h){ISPConfig.hideLoadIndicator();var g=f.responseText.split(":");ISPConfig.reportError("Ajax Request was not successful. 111")}})}},submitUploadForm:function(c,d){var b=function(l){var g,h=l.contentWindow.document.body.innerHTML;try{g=JSON.parse(h)}catch(i){g=h}var j="";var f=$("#OKMsg",g).html();if(f){j='<div id="OKMsg">'+f+"</div>"}var k=$("#errorMsg",g).html();if(k){j=j+'<div id="errorMsg">'+k+"</div>"}return j};var a="ajaxUploader-iframe-"+Math.round(new Date().getTime()/1000);$("body").after('<iframe width="0" height="0" style="display:none;" name="'+a+'" id="'+a+'"/>');$('input[type="file"]').closest("form").attr({target:a,action:d}).submit();$("#"+a).load(function(){var e=b(this);$("#errorMsg").remove();$("#OKMsg").remove();$('input[name="id"]').before(e);$(this).remove()})},capp:function(b,c){var a=$.ajax({type:"GET",url:"capp.php",data:"mod="+b+((c!=undefined)?"&redirect="+c:""),dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(e,h,d){if(d.responseText!=""){if(d.responseText.indexOf("HEADER_REDIRECT:")>-1){var g=d.responseText.split(":");ISPConfig.loadContent(g[1])}else{if(d.responseText.indexOf("URL_REDIRECT:")>-1){var f=d.responseText.substr(d.responseText.indexOf("URL_REDIRECT:")+"URL_REDIRECT:".length);document.location.href=f}else{}}}ISPConfig.loadMenus();ISPConfig.hideLoadIndicator()},error:function(){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful."+b)}})},loadContent:function(b){var c=arguments[1];var a=$.ajax({type:"GET",url:b,data:(c?c:null),dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(e,h,d){if(d.responseText.indexOf("HEADER_REDIRECT:")>-1){var g=d.responseText.split(":");ISPConfig.loadContent(g[1])}else{if(d.responseText.indexOf("URL_REDIRECT:")>-1){var f=d.responseText.substr(d.responseText.indexOf("URL_REDIRECT:")+"URL_REDIRECT:".length);document.location.href=f}else{$("#pageContent").html(d.responseText);ISPConfig.onAfterContentLoad(b,(c?c:null));ISPConfig.pageFormChanged=false}}ISPConfig.hideLoadIndicator()},error:function(){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful. 113")}})},loadContentRefresh:function(b){if($("#refreshinterval").val()>0){var a=$.ajax({type:"GET",url:b,data:"refresh="+document.getElementById("refreshinterval").value,dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(d,e,c){ISPConfig.hideLoadIndicator();$("#pageContent").html(c.responseText);ISPConfig.onAfterContentLoad(b,"refresh="+document.getElementById("refreshinterval").value);ISPConfig.pageFormChanged=false},error:function(){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful."+b)}});setTimeout("ISPConfig.loadContentRefresh('"+b+"&refresh="+document.getElementById("refreshinterval").value+"')",document.getElementById("refreshinterval").value*1000*60)}},loadInitContent:function(){var a=$.ajax({type:"GET",url:"content.php",data:"s_mod=login&s_pg=index",dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(c,e,b){if(b.responseText.indexOf("HEADER_REDIRECT:")>-1){var d=b.responseText.split(":");ISPConfig.loadContent(d[1])}else{$("#pageContent").html(b.responseText);ISPConfig.onAfterContentLoad("content.php","s_mod=login&s_pg=index");ISPConfig.pageFormChanged=false}ISPConfig.hideLoadIndicator()},error:function(){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful. 114")}});ISPConfig.loadMenus();ISPConfig.keepalive();setTimeout(function(){try{$("form#pageForm").find('input[name="username"]').focus()}catch(b){}},1000)},loadMenus:function(){var b=$.ajax({type:"GET",url:"nav.php",data:"nav=side",dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(d,e,c){ISPConfig.hideLoadIndicator();$("#sidebar").html(c.responseText);ISPConfig.onAfterSideNavLoaded();ISPConfig.loadPushyMenu()},error:function(){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful. 115")}});var a=$.ajax({type:"GET",url:"nav.php",data:"nav=top",dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(d,e,c){ISPConfig.hideLoadIndicator();$("#topnav-container").html(c.responseText);ISPConfig.loadPushyMenu()},error:function(c){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful. 116")}})},changeTab:function(c,e,d){if(ISPConfig.requestsRunning>0){return false}document.pageForm.next_tab.value=c;var b=$("form#pageForm").find('[name="id"]');var f=null;if(b.length>0){f=b.val()}if(ISPConfig.tabChangeDiscard=="y"&&!d){if((b.length<1||f)&&(ISPConfig.pageFormChanged==false||window.confirm(ISPConfig.tabChangeDiscardTxt))){var a=c;if(f){ISPConfig.loadContent(e,{next_tab:a,id:f})}else{ISPConfig.loadContent(e,{next_tab:a})}}else{return false}}else{if(f&&ISPConfig.tabChangeWarning=="y"&&ISPConfig.pageFormChanged==true){if(window.confirm(ISPConfig.tabChangeWarningTxt)){ISPConfig.submitForm("pageForm",e)}else{var a=c;if(f){ISPConfig.loadContent(e,{next_tab:a,id:f})}else{ISPConfig.loadContent(e,{next_tab:a})}}}else{ISPConfig.submitForm("pageForm",e)}}},confirm_action:function(b,a){if(window.confirm(a)){ISPConfig.loadContent(b)}},loadContentInto:function(b,c){var a=$.ajax({type:"GET",url:c,dataType:"html",beforeSend:function(){},success:function(e,f,d){$("#"+b).html(d.responseText)},error:function(){ISPConfig.reportError("Ajax Request was not successful. 118")}})},loadOptionInto:function(b,c,d){var a=$.ajax({type:"GET",url:c,dataType:"html",beforeSend:function(){},success:function(h,l,g){var j=g.responseText;var k=j.split("#");el=document.getElementById(b);el.innerHTML="";for(var f=0;f<k.length;++f){var e=document.createElement("option");e.appendChild(document.createTextNode(k[f]));e.value=k[f];el.appendChild(e)}if(typeof(d)!="undefined"){d(b,c)}},error:function(){ISPConfig.reportError("Ajax Request was not successful. 119")}})},keepalive:function(){var a=$.ajax({type:"GET",url:"keepalive.php",dataType:"html",success:function(c,d,b){setTimeout(function(){ISPConfig.keepalive()},1000000)},error:function(){ISPConfig.reportError("Session expired. Please login again.")}})},addAdditionalTemplate:function(){var e=$("#template_additional").val();var a=$("#tpl_add_select").val().split("|",2);var d=a[0];var f=a[1];if(d>0){var c=e.split("/");ISPConfig.new_tpl_add_id+=1;var b=$('<a href="#"></a>').attr("class","button icons16 icoDelete").click(function(g){g.preventDefault();ISPConfig.delAdditionalTemplate($(this).parent().attr("rel"))});c[c.length]="n"+ISPConfig.new_tpl_add_id+":"+d;$("<li>"+f+"</li>").attr("rel","n"+new_tpl_add_id).append(b).appendTo("#template_additional_list ul");$("#template_additional").val(c.join("/"));alert("additional template "+f+" added to customer")}else{alert("no additional template selcted")}},delAdditionalTemplate:function(d){var a=$("#template_additional").val();if(d){var l=$("#template_additional_list ul").find('li[rel="'+d+'"]').eq(0);var k=l.text();l.remove();var j=a.split("/");var b=new Array();for(var e=0;e<j.length;e++){var f=j[e].split(":",2);if(f.length==2&&f[0]==d){continue}b[b.length]=j[e]}$("#template_additional").val(b.join("/"));alert("additional template "+k+" deleted from customer")}else{if(a!=""){var c=document.getElementById("tpl_add_select").value.split("|",2);var h=c[0];var k=c[1];$("#template_additional_list ul").find("li:not([rel])").each(function(){var i=$(this).text();if(i==k){$(this).remove();return false}return this});var b=a;var g=new RegExp("(^|/)"+h+"(/|$)");b=b.replace(g,"");b=b.replace("//","/");$("#template_additional").val(b);alert("additional template "+k+" deleted from customer")}else{alert("no additional template selcted")}}}};$(document).on("change",function(a){var b=a.target.localName;if($("#pageForm .table #Filter").length>0&&b=="select"){a.preventDefault();$("#pageForm .table #Filter").trigger("click")}if(b=="select"||b=="input"||b=="textarea"){if($(a.target).hasClass("no-page-form-change")==false){ISPConfig.pageFormChanged=true}}});$(document).on("click","a[data-load-content],button[data-load-content]",function(b){var a=$(this).attr("data-load-content");if(!a){return this}ISPConfig.loadContent(a)});$(document).on("click","a[data-capp],button[data-capp]",function(b){var a=$(this).attr("data-capp");if(!a){return this}ISPConfig.capp(a)});$(document).on("click","a[data-submit-form],button[data-submit-form]",function(d){var b=$(this);var a=b.attr("data-form-action");var c=b.attr("data-submit-form");if(b.attr("data-form-upload")=="true"){ISPConfig.submitUploadForm(c,a)}else{ISPConfig.submitForm(c,a)}});$(document).bind("keypress",function(a){if(a.which=="13"&&$("#pageForm .table #Filter").length>0&&$(a.target).hasClass("ui-autocomplete-input")==false){a.preventDefault();$("#pageForm .table #Filter").trigger("click")}if(a.which=="13"&&$(".pnl_formsarea button.positive").length>0&&a.target.localName!="textarea"&&$(a.target).is(":input")){a.preventDefault();$(".pnl_formsarea button.positive:first").not("[disabled='disabled']").trigger("click")}});$(document).on("click","th[data-column]",function(h){var i=$(this);var d=i.attr("data-column");if(!d){return this}if($("#pageForm .table #Filter").length>0&&i.attr("data-sortable")!="false"){var c=$("#Filter");var a=c.attr("data-form-action");var f=c.attr("data-submit-form");var b=i.attr("data-ordered");var g="?";if(a.indexOf("?")>=0){g="&"}a=a+g+"orderby="+d;ISPConfig.submitForm(f,a);$(document).ajaxComplete(function(){var e=$('#pageForm .table th[data-column="'+d+'"]');e.parent().children("th[data-column]").removeAttr("data-ordered");if(b&&b=="asc"){e.attr("data-ordered","desc")}else{e.attr("data-ordered","asc")}})}});$(document).on("click",".addPlaceholder",function(){var a=$(this).text();var b=$(this).siblings(":input");b.insertAtCaret(a)});$(document).on("click",".addPlaceholderContent",function(){var b=$(this).find(".addPlaceholderContent").text();var a=$(this).siblings(":input");a.insertAtCaret(b)});$(document).on("ready",function(){$.fn.extend({insertAtCaret:function(a){return this.each(function(d){if(document.selection){this.focus();sel=document.selection.createRange();sel.text=a;this.focus()}else{if(this.selectionStart||this.selectionStart=="0"){var c=this.selectionStart;var b=this.selectionEnd;var e=this.scrollTop;this.value=this.value.substring(0,c)+a+this.value.substring(b,this.value.length);this.focus();this.selectionStart=c+a.length;this.selectionEnd=c+a.length;this.scrollTop=e}else{this.value+=a;this.focus()}}})}});$(".progress .progress-bar").css("width",function(){return $(this).attr("aria-valuenow")+"%"});ISPConfig.loadInitContent();$("#searchform").submit(function(a){a.preventDefault()});$("#pageForm").submit(function(a){if($("#pageForm .table #Filter").length>0){a.preventDefault()}})});
\ No newline at end of file
+var ISPConfig={pageFormChanged:!1,tabChangeWarningTxt:"",tabChangeDiscardTxt:"",tabChangeWarning:!1,tabChangeDiscard:!1,requestsRunning:0,indicatorCompleted:!1,registeredHooks:[],new_tpl_add_id:0,options:{useLoadIndicator:!1,useComboBox:!1},setOption:function(a,b){ISPConfig.options[a]=b},setOptions:function(a){$.extend(ISPConfig.options,a)},reportError:function(a){},registerHook:function(a,b){ISPConfig.registeredHooks[a]||(ISPConfig.registeredHooks[a]=[]);ISPConfig.registeredHooks[a][ISPConfig.registeredHooks[a].length]=
+b},callHook:function(a,b){if(ISPConfig.registeredHooks[a])for(var c=0;c<ISPConfig.registeredHooks[a].length;c++)(0,ISPConfig.registeredHooks[a][c])(a,b)},resetFormChanged:function(){ISPConfig.pageFormChanged=!1},showLoadIndicator:function(){document.body.style.cursor="wait";if(1==ISPConfig.options.useLoadIndicator&&(ISPConfig.requestsRunning+=1,2>ISPConfig.requestsRunning)){var a=$("#ajaxloader");1>a.length&&(a=$('<div id="ajaxloader" style="display: none;"></div>'),a.appendTo("body"));var b=$("#content");
+if(!(1>b.length)){ISPConfig.indicatorCompleted=!1;var c=b.offset().left+150,b=b.offset().top+150;a.css({left:c,top:b}).fadeIn("fast",function(){ISPConfig.indicatorCompleted=!0;1>ISPConfig.requestsRunning&&$(this).fadeOut("fast",function(){$(this).hide()})})}}},hideLoadIndicator:function(){document.body.style.cursor="";--ISPConfig.requestsRunning;1>ISPConfig.requestsRunning&&(ISPConfig.requestsRunning=0,1==ISPConfig.indicatorCompleted&&$("#ajaxloader").fadeOut("fast",function(){$("#ajaxloader").hide()}))},
+onAfterSideNavLoaded:function(){1==ISPConfig.options.useComboBox&&$("#sidebar").find("select:not(.chosen-select)").select2({placeholder:"",width:"element",selectOnBlur:!0,allowClear:!0})},onAfterContentLoad:function(a,b){b=b?"&"+b:"";if(1==ISPConfig.options.useComboBox)$("#pageContent").find("select:not(.chosen-select)").select2({placeholder:"",width:"element",selectOnBlur:!0,allowClear:!0,formatResult:function(a){return a.id&&$(a.element).parent().hasClass("flags")?'<span class="flags flag-'+a.id.toLowerCase()+
+'">'+a.text+"</span>":a.text},formatSelection:function(a){return a.id&&$(a.element).parent().hasClass("flags")?'<span class="flags flag-'+a.id.toLowerCase()+'">'+a.text+"</span>":a.text}}).on("change",function(a){0<$("#pageForm .table #Filter").length&&$("#pageForm .table #Filter").trigger("click")});$('input[data-input-element="date"]').datetimepicker({language:"en",todayHighlight:!0,todayBtn:"linked",bootcssVer:3,fontAwesome:!0,autoclose:!0,minView:"month"});$('input[data-input-element="datetime"]').datetimepicker({language:"en",
+todayHighlight:!0,todayBtn:"linked",bootcssVer:3,fontAwesome:!0,autoclose:!0});ISPConfig.callHook("onAfterContentLoad",{url:a,data:b})},submitForm:function(a,b,c,e){c||(c=!1);c&&!window.confirm(c)||$.ajax({type:"POST",url:b,data:$("#"+a).serialize(),dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(c,f,g){e&&alert(e);-1<g.responseText.indexOf("HEADER_REDIRECT:")?(c=g.responseText.split(":"),ISPConfig.loadContent(c[1])):-1<g.responseText.indexOf("LOGIN_REDIRECT:")?
+document.location.href="/index.php":($("#pageContent").html(g.responseText),ISPConfig.onAfterContentLoad(b,$("#"+a).serialize()),ISPConfig.pageFormChanged=!1);ISPConfig.hideLoadIndicator()},error:function(a,b,c){ISPConfig.hideLoadIndicator();a.responseText.split(":");ISPConfig.reportError("Ajax Request was not successful. 111")}})},submitUploadForm:function(a,b){var c="ajaxUploader-iframe-"+Math.round((new Date).getTime()/1E3);$("body").after('<iframe width="0" height="0" style="display:none;" name="'+
+c+'" id="'+c+'"/>');$('input[type="file"]').closest("form").attr({target:c,action:b}).submit();$("#"+c).load(function(){var a,b=this.contentWindow.document.body.innerHTML;try{a=JSON.parse(b)}catch(c){a=b}var b="",f=$("#OKMsg",a).html();f&&(b='<div id="OKMsg">'+f+"</div>");(a=$("#errorMsg",a).html())&&(b=b+'<div id="errorMsg">'+a+"</div>");a=b;$("#errorMsg").remove();$("#OKMsg").remove();$('input[name="id"]').before(a);$(this).remove()})},capp:function(a,b){$.ajax({type:"GET",url:"capp.php",data:"mod="+
+a+(void 0!=b?"&redirect="+b:""),dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(a,b,d){""!=d.responseText&&(-1<d.responseText.indexOf("HEADER_REDIRECT:")?(a=d.responseText.split(":"),ISPConfig.loadContent(a[1])):-1<d.responseText.indexOf("URL_REDIRECT:")&&(a=d.responseText.substr(d.responseText.indexOf("URL_REDIRECT:")+13),document.location.href=a));ISPConfig.loadMenus();ISPConfig.hideLoadIndicator()},error:function(){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful."+
+a)}})},loadContent:function(a,b){$.ajax({type:"GET",url:a,data:b?b:null,dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(c,e,d){-1<d.responseText.indexOf("HEADER_REDIRECT:")?(c=d.responseText.split(":"),ISPConfig.loadContent(c[1])):-1<d.responseText.indexOf("URL_REDIRECT:")?(c=d.responseText.substr(d.responseText.indexOf("URL_REDIRECT:")+13),document.location.href=c):($("#pageContent").html(d.responseText),ISPConfig.onAfterContentLoad(a,b?b:null),ISPConfig.pageFormChanged=
+!1);ISPConfig.hideLoadIndicator()},error:function(){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful. 113")}})},loadContentRefresh:function(a){0<$("#refreshinterval").val()&&($.ajax({type:"GET",url:a,data:"refresh="+document.getElementById("refreshinterval").value,dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(b,c,e){ISPConfig.hideLoadIndicator();$("#pageContent").html(e.responseText);ISPConfig.onAfterContentLoad(a,"refresh="+
+document.getElementById("refreshinterval").value);ISPConfig.pageFormChanged=!1},error:function(){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful."+a)}}),setTimeout("ISPConfig.loadContentRefresh('"+a+"&refresh="+document.getElementById("refreshinterval").value+"')",6E4*document.getElementById("refreshinterval").value))},loadInitContent:function(){$.ajax({type:"GET",url:"dashboard/dashboard.php",data:"",dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},
+success:function(a,b,c){-1<c.responseText.indexOf("HEADER_REDIRECT:")?(a=c.responseText.split(":"),ISPConfig.loadContent(a[1])):($("#pageContent").html(c.responseText),ISPConfig.onAfterContentLoad("dashboard/dashboard.php",""),ISPConfig.pageFormChanged=!1);ISPConfig.hideLoadIndicator()},error:function(){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful. 114")}});ISPConfig.loadMenus();ISPConfig.keepalive();setTimeout(function(){try{$("form#pageForm").find('input[name="username"]').focus()}catch(a){}},
+1E3)},loadMenus:function(){$.ajax({type:"GET",url:"nav.php",data:"nav=side",dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},success:function(a,b,c){ISPConfig.hideLoadIndicator();$("#sidebar").html(c.responseText);ISPConfig.onAfterSideNavLoaded();ISPConfig.loadPushyMenu()},error:function(){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful. 115")}});$.ajax({type:"GET",url:"nav.php",data:"nav=top",dataType:"html",beforeSend:function(){ISPConfig.showLoadIndicator()},
+success:function(a,b,c){ISPConfig.hideLoadIndicator();$("#topnav-container").html(c.responseText);ISPConfig.loadPushyMenu()},error:function(a){ISPConfig.hideLoadIndicator();ISPConfig.reportError("Ajax Request was not successful. 116")}})},changeTab:function(a,b,c){if(0<ISPConfig.requestsRunning)return!1;document.pageForm.next_tab.value=a;var e=$("form#pageForm").find('[name="id"]'),d=null;0<e.length&&(d=e.val());if("y"!=ISPConfig.tabChangeDiscard||c)d&&"y"==ISPConfig.tabChangeWarning&&1==ISPConfig.pageFormChanged?
+window.confirm(ISPConfig.tabChangeWarningTxt)?ISPConfig.submitForm("pageForm",b):d?ISPConfig.loadContent(b,{next_tab:a,id:d}):ISPConfig.loadContent(b,{next_tab:a}):ISPConfig.submitForm("pageForm",b);else if((1>e.length||d)&&(0==ISPConfig.pageFormChanged||window.confirm(ISPConfig.tabChangeDiscardTxt)))d?ISPConfig.loadContent(b,{next_tab:a,id:d}):ISPConfig.loadContent(b,{next_tab:a});else return!1},confirm_action:function(a,b){window.confirm(b)&&ISPConfig.loadContent(a)},loadContentInto:function(a,
+b){$.ajax({type:"GET",url:b,dataType:"html",beforeSend:function(){},success:function(b,e,d){$("#"+a).html(d.responseText)},error:function(){ISPConfig.reportError("Ajax Request was not successful. 118")}})},loadOptionInto:function(a,b,c){$.ajax({type:"GET",url:b,dataType:"html",beforeSend:function(){},success:function(e,d,f){e=f.responseText.split("#");el=document.getElementById(a);el.innerHTML="";for(d=0;d<e.length;++d)f=document.createElement("option"),f.appendChild(document.createTextNode(e[d])),
+f.value=e[d],el.appendChild(f);"undefined"!=typeof c&&c(a,b)},error:function(){ISPConfig.reportError("Ajax Request was not successful. 119")}})},keepalive:function(){$.ajax({type:"GET",url:"keepalive.php",dataType:"html",success:function(a,b,c){setTimeout(function(){ISPConfig.keepalive()},1E6)},error:function(){ISPConfig.reportError("Session expired. Please login again.")}})},addAdditionalTemplate:function(){var a=$("#template_additional").val(),b=$("#tpl_add_select").val().split("|",2),c=b[0],b=
+b[1];if(0<c){a=a.split("/");ISPConfig.new_tpl_add_id+=1;var e=$('<a href="#"></a>').attr("class","button icons16 icoDelete").click(function(a){a.preventDefault();ISPConfig.delAdditionalTemplate($(this).parent().attr("rel"))});a[a.length]="n"+ISPConfig.new_tpl_add_id+":"+c;$("<li>"+b+"</li>").attr("rel","n"+new_tpl_add_id).append(e).appendTo("#template_additional_list ul");$("#template_additional").val(a.join("/"));alert("additional template "+b+" added to customer")}else alert("no additional template selcted")},
+delAdditionalTemplate:function(a){var b=$("#template_additional").val();if(a){var c=$("#template_additional_list ul").find('li[rel="'+a+'"]').eq(0),e=c.text();c.remove();for(var b=b.split("/"),c=[],d=0;d<b.length;d++){var f=b[d].split(":",2);if(2!=f.length||f[0]!=a)c[c.length]=b[d]}$("#template_additional").val(c.join("/"));alert("additional template "+e+" deleted from customer")}else""!=b?(a=document.getElementById("tpl_add_select").value.split("|",2),c=a[0],e=a[1],$("#template_additional_list ul").find("li:not([rel])").each(function(){return $(this).text()==
+e?($(this).remove(),!1):this}),c=b.replace(new RegExp("(^|/)"+c+"(/|$)"),""),c=c.replace("//","/"),$("#template_additional").val(c),alert("additional template "+e+" deleted from customer")):alert("no additional template selcted")}};
+$(document).on("change",function(a){var b=a.target.localName;0<$("#pageForm .table #Filter").length&&"select"==b&&(a.preventDefault(),$("#pageForm .table #Filter").trigger("click"));"select"!=b&&"input"!=b&&"textarea"!=b||0!=$(a.target).hasClass("no-page-form-change")||(ISPConfig.pageFormChanged=!0)});$(document).on("click","a[data-load-content],button[data-load-content]",function(a){a=$(this).attr("data-load-content");if(!a)return this;ISPConfig.loadContent(a)});
+$(document).on("click","a[data-capp],button[data-capp]",function(a){a=$(this).attr("data-capp");if(!a)return this;ISPConfig.capp(a)});$(document).on("click","a[data-submit-form],button[data-submit-form]",function(a){a=$(this);var b=a.attr("data-form-action"),c=a.attr("data-submit-form");"true"==a.attr("data-form-upload")?ISPConfig.submitUploadForm(c,b):ISPConfig.submitForm(c,b)});
+$(document).bind("keypress",function(a){"13"==a.which&&0<$("#pageForm .table #Filter").length&&0==$(a.target).hasClass("ui-autocomplete-input")&&(a.preventDefault(),$("#pageForm .table #Filter").trigger("click"));"13"==a.which&&0<$(".pnl_formsarea button.positive").length&&"textarea"!=a.target.localName&&$(a.target).is(":input")&&(a.preventDefault(),$(".pnl_formsarea button.positive:first").not("[disabled='disabled']").trigger("click"))});
+$(document).on("click","th[data-column]",function(a){var b=$(this),c=b.attr("data-column");if(!c)return this;if(0<$("#pageForm .table #Filter").length&&"false"!=b.attr("data-sortable")){var e=$("#Filter");a=e.attr("data-form-action");var e=e.attr("data-submit-form"),d=b.attr("data-ordered"),b="?";0<=a.indexOf("?")&&(b="&");ISPConfig.submitForm(e,a+b+"orderby="+c);$(document).ajaxComplete(function(){var a=$('#pageForm .table th[data-column="'+c+'"]');a.parent().children("th[data-column]").removeAttr("data-ordered");
+d&&"asc"==d?a.attr("data-ordered","desc"):a.attr("data-ordered","asc")})}});$(document).on("click",".addPlaceholder",function(){var a=$(this).text();$(this).siblings(":input").insertAtCaret(a)});$(document).on("click",".addPlaceholderContent",function(){var a=$(this).find(".addPlaceholderContent").text();$(this).siblings(":input").insertAtCaret(a)});
+$(document).on("ready",function(){$.fn.extend({insertAtCaret:function(a){return this.each(function(b){if(document.selection)this.focus(),sel=document.selection.createRange(),sel.text=a,this.focus();else if(this.selectionStart||"0"==this.selectionStart){b=this.selectionStart;var c=this.selectionEnd,e=this.scrollTop;this.value=this.value.substring(0,b)+a+this.value.substring(c,this.value.length);this.focus();this.selectionStart=b+a.length;this.selectionEnd=b+a.length;this.scrollTop=e}else this.value+=
+a,this.focus()})}});$(".progress .progress-bar").css("width",function(){return $(this).attr("aria-valuenow")+"%"});ISPConfig.loadInitContent();$("#searchform").submit(function(a){a.preventDefault()});$("#pageForm").submit(function(a){0<$("#pageForm .table #Filter").length&&a.preventDefault()})});
diff --git a/interface/web/themes/default/templates/main_login.tpl.htm b/interface/web/themes/default/templates/main_login.tpl.htm
new file mode 100644
index 0000000000000000000000000000000000000000..e5fa880e6af125558db14bc2021d437eb3c94a36
--- /dev/null
+++ b/interface/web/themes/default/templates/main_login.tpl.htm
@@ -0,0 +1,56 @@
+<!DOCTYPE html>
+<html lang='en'>
+<head>
+ <meta charset='utf-8' />
+
+ <title><tmpl_var name="company_name"><tmpl_var name="app_title"></title>
+
+ <meta name='viewport' content='width=device-width, user-scalable=yes'>
+ <meta name='description' lang='en' content='' />
+ <meta name='keywords' lang='en' content='' />
+ <meta name='robots' content='index, follow' />
+
+ <link rel='stylesheet' href='../themes/<tmpl_var name='current_theme'>/assets/stylesheets/bootstrap.min.css' />
+ <link rel='stylesheet' href='../themes/<tmpl_var name='current_theme'>/assets/stylesheets/fonts.min.css' />
+ <link rel='stylesheet' href='../themes/<tmpl_var name='current_theme'>/assets/stylesheets/ispconfig.min.css' />
+ <link rel='stylesheet' href='../themes/<tmpl_var name='current_theme'>/assets/stylesheets/pushy.min.css' />
+ <link rel='stylesheet' href='../themes/<tmpl_var name='current_theme'>/assets/stylesheets/bootstrap-datetimepicker.min.css' />
+ <link rel='stylesheet' href='../themes/<tmpl_var name='current_theme'>/assets/stylesheets/responsive.min.css' />
+ <link rel='stylesheet' href='../themes/<tmpl_var name='current_theme'>/assets/stylesheets/themes/default/theme.min.css' />
+ <link rel='stylesheet' href='../themes/<tmpl_var name='current_theme'>/assets/stylesheets/select2.css' />
+ <link rel='stylesheet' href='../themes/<tmpl_var name='current_theme'>/assets/stylesheets/select2-bootstrap.css' />
+ <link rel='stylesheet' href='../themes/<tmpl_var name='current_theme'>/assets/stylesheets/login.css' />
+</head>
+
+<body>
+<div class="container" style="min-height: 100%; min-height: 100vh; display: flex;">
+ <div class="row" style="margin: auto; width:100%;">
+ <div class="col-md-4 col-md-offset-4">
+ <div class="panel panel-default">
+ <div class="panel-heading" style="background: linear-gradient(to bottom, white, #eef0f2);">
+ <img src="{tmpl_var name='base64_logo_txt'}">
+ </div>
+ <div class="panel-body">
+ <tmpl_dyninclude name="content_tpl">
+ </div>
+ </div>
+ </div>
+ </div>
+</div>
+ <script type="text/javascript" src="js/jquery.min.js"></script>
+ <script src='../themes/<tmpl_var name='current_theme'>/assets/javascripts/bootstrap.min.js'></script>
+ <script src='../themes/<tmpl_var name='current_theme'>/assets/javascripts/bootstrap-datetimepicker.min.js'></script>
+ <script src='../themes/<tmpl_var name='current_theme'>/assets/javascripts/ispconfig.min.js'></script>
+ <script src='../themes/<tmpl_var name='current_theme'>/assets/javascripts/modernizr.custom.min.js'></script>
+ <script src='../themes/<tmpl_var name='current_theme'>/assets/javascripts/pushy.min.js'></script>
+ <script src='../themes/<tmpl_var name='current_theme'>/assets/javascripts/responsive.min.js'></script>
+ <script src='../js/select2/select2.min.js'></script>
+ <script src='../js/scrigo.js.php'></script>
+ <script type="text/javascript" src="../js/jquery.ispconfigsearch.js"></script>
+ <script type="text/javascript" src="../js/jquery.tipsy.js"></script>
+ <tmpl_loop name="js_d_includes">
+ <script type="text/javascript" src="../js/js.d/<tmpl_var name='file'>"></script>
+ </tmpl_loop>
+</body>
+
+</html>