container->requestobj->getAttribute('route')) { echo $this->doLoginForm(); } else { $body = $this->container->responseobj->getBody(); $body->write($this->doLoginForm()); return $this->container->responseobj; } }

    /**
     * Builds the login page for the server named by the `server` query
     * parameter and returns it as an HTML string.
     *
     * Request variables whose name does not start with "login" are walked so
     * they can be carried through the form; the inline review notes cover
     * what has to be confirmed about escaping them.
     *
     * @param string $msg message handed to printMsg(), appended after the page title
     *
     * @return string the page HTML, or the $this->lang['strinvalidserverparam']
     *                text when the `server` query parameter is absent
     */
    public function doLoginForm($msg = '')
    {
        // Presumably keeps the misc helper from opening a database connection
        // while the login page is rendered — confirm in the helper itself.
        $this->misc->setNoDBConnection(true);

        $server_id = $this->container->requestobj->getQueryParam('server');

        // Without a server id there is nothing to log in to: trace and return
        // the error text instead of a form.
        if (null === $server_id) {
            $this->prtrace('invalid server param');

            return $this->lang['strinvalidserverparam'];
        }

        // The trailing `false` arguments presumably ask the print* helpers to
        // return markup instead of echoing it (their results are concatenated
        // here) — confirm against the helpers.
        $login_html = $this->printHeader($this->headerTitle(), $this->scripts, false);
        $login_html .= $this->printBody(false);
        $login_html .= $this->printTrail('root', false);

        // Bind $vars by reference to $_POST when the request carried POST
        // fields, otherwise to $_GET. It is only read below, never written.
        if (!empty($_POST)) {
            $vars = &$_POST;
        } else {
            $vars = &$_GET;
        }

        // For request keys containing '?', store an HTML-escaped copy of the
        // value in $_REQUEST under the segment that follows the first '?'.
        // Only $_REQUEST is written: the $_GET/$_POST array that $vars points
        // at keeps the raw value, so this escaping does not cover the loop
        // further down that reads $vars.
        // NOTE(review): htmlspecialchars() expects a string; a parameter sent
        // in array form is not one — confirm an array value cannot reach here.
        foreach ($_REQUEST as $key => $val) {
            if (false !== strpos($key, '?')) {
                $namexploded = explode('?', $key);
                $_REQUEST[$namexploded[1]] = htmlspecialchars($val);
            }
        }

        // NOTE(review): $server_info['desc'] is placed into the title without
        // escaping in this method; whether printTitle() escapes it is not
        // visible here — confirm.
        $server_info = $this->misc->getServerInfo($server_id);
        $title = sprintf($this->lang['strlogintitle'], $server_info['desc']);

        $printTitle = $this->printTitle($title, null, false);

        $login_html .= $printTitle;

        // isset() is false only for null, so with the default '' the message
        // helper is still called.
        if (isset($msg)) {
            $login_html .= $this->printMsg($msg, false);
        }

        // NOTE(review): from here on, the literals appended to $login_html are
        // empty or whitespace-only in this listing; the form markup they
        // presumably carried is not visible, so how $md5_server,
        // $loginusername and $checked end up in the output cannot be checked
        // from this code alone.
        $login_html .= '
';

        // Not referenced again in the visible statements; presumably used in
        // the form markup (e.g. a field name) — TODO confirm. md5 is acceptable
        // only as an identifier here, not as a secret or integrity check.
        $md5_server = md5($server_id);

        // Carry the incoming request variables through the form so they
        // survive the login round-trip. Names starting with "login" are
        // skipped (presumably the form's own fields, such as loginUsername and
        // loginShared read below). A key containing '?' is reduced to the
        // segment after the first '?'.
        // NOTE(review): $key and $val are client-controlled and $vars holds
        // the raw $_POST/$_GET values. The line that emits them is an empty
        // literal in this listing, so confirm that both are passed through
        // htmlspecialchars() with ENT_QUOTES before being written into
        // attribute values, and that an array-valued $val is handled.
        foreach ($vars as $key => $val) {
            if ('login' == substr($key, 0, 5)) {
                continue;
            }
            if (false !== strpos($key, '?')) {
                $key = explode('?', $key)[1];
            }

            $login_html .= ''.PHP_EOL;
        }

        $login_html .= '';
        $login_html .= '';
        $login_html .= '';
        $login_html .= '';

        // Previously submitted username, HTML-escaped so it can be shown again
        // in the form after a failed attempt.
        $loginusername = isset($_POST['loginUsername']) ? htmlspecialchars($_POST['loginUsername']) : '';

        $login_html .= '';
        $login_html .= '';
        $login_html .= '';
        $login_html .= '';
        $login_html .= '';
        $login_html .= '';
        $login_html .= '';

        // Only when more than one server is configured: $checked mirrors
        // whether loginShared was present in the submitted form.
        if (sizeof($this->conf['servers']) > 1) {
            $checked = isset($_POST['loginShared']) ? 'checked="checked"' : '';
            $login_html .= '

';
            $login_html .= '

';
        }

        $login_html .= '

';
        $login_html .= '
';

        $login_html .= '';

        // Output footer
        $login_html .= $this->printFooter(false);

        return $login_html;
    }
}