1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
|
<?php
/*
** Zabbix
** Copyright (C) 2001-2021 Zabbix SIA
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
**/
require_once dirname(__FILE__).'/include/classes/user/CWebUser.php';
require_once dirname(__FILE__).'/include/config.inc.php';
$redirect_to = (new CUrl('index.php'))->setArgument('form', 'default');
$request = getRequest('request', '');
$test_request = [];
preg_match('/^\/?(?<filename>[a-z0-9\_\.]+\.php)(\?.*)?$/i', $request, $test_request);
if (!array_key_exists('filename', $test_request) || !file_exists('./'.$test_request['filename'])
|| $test_request['filename'] == basename(__FILE__)) {
$request = '';
}
if ($request !== '') {
$redirect_to->setArgument('request', $request);
}
if (CAuthenticationHelper::get(CAuthenticationHelper::HTTP_AUTH_ENABLED) != ZBX_AUTH_HTTP_ENABLED) {
redirect($redirect_to->toString());
}
$http_user = '';
foreach (['PHP_AUTH_USER', 'REMOTE_USER', 'AUTH_USER'] as $key) {
if (array_key_exists($key, $_SERVER) && $_SERVER[$key] !== '') {
$http_user = $_SERVER[$key];
break;
}
}
if ($http_user) {
$parser = new CADNameAttributeParser(['strict' => true]);
if ($parser->parse($http_user) === CParser::PARSE_SUCCESS) {
$strip_domain = explode(',', CAuthenticationHelper::get(CAuthenticationHelper::HTTP_STRIP_DOMAINS));
$strip_domain = array_map('trim', $strip_domain);
if ($strip_domain && in_array($parser->getDomainName(), $strip_domain)) {
$http_user = $parser->getUserName();
}
}
try {
CWebUser::$data = API::getApiService('user')->loginByUsername($http_user,
(CAuthenticationHelper::get(CAuthenticationHelper::HTTP_CASE_SENSITIVE) == ZBX_AUTH_CASE_SENSITIVE),
CAuthenticationHelper::get(CAuthenticationHelper::AUTHENTICATION_TYPE)
);
if (!empty(CWebUser::$data)) {
CSessionHelper::set('sessionid', CWebUser::$data['sessionid']);
API::getWrapper()->auth = CWebUser::$data['sessionid'];
$redirect = array_filter([$request, CWebUser::$data['url'], CMenuHelper::getFirstUrl()]);
redirect(reset($redirect));
}
}
catch (APIException $e) {
error($e->getMessage());
}
}
else {
error(_('Incorrect user name or password or account is temporarily blocked.'));
}
echo (new CView('general.warning', [
'header' => _('You are not logged in'),
'messages' => array_column(get_and_clear_messages(), 'message'),
'buttons' => [
(new CButton('login', _('Login')))->onClick('document.location = '.
json_encode($redirect_to->getUrl()).';')
],
'theme' => getUserTheme(CWebUser::$data)
]))->getOutput();
session_write_close();
|