<?php
require ("system.inc.php");
require_once("mocha/system.inc.php");
require_once("fx/system.inc.php");
use Mocha\Core\InstanceKey;
use Mocha\Core\InstanceReference;
use Mocha\Core\KnownInstanceGuids;
use Mocha\Core\KnownRelationshipGuids;
use Mocha\Oms\Oms;
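/**
 * Reports whether the current request was submitted with the HTTP POST method.
 *
 * Only the request method is inspected. The Referer comparison that once
 * accompanied this check is not applied, so a true result says nothing about
 * which page the form was submitted from and must not be treated as a
 * cross-site request forgery defence.
 *
 * @return bool True when REQUEST_METHOD is "POST" in any letter case; false
 *              otherwise, including when the server did not set it.
 */
function _IsPostback()
{
	// thanks https://stackoverflow.com/questions/4242035
	// REQUEST_METHOD can be missing (for example under the CLI); treat that as
	// "not a postback" instead of reading an undefined index.
	$method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';
	return strtoupper($method) === 'POST';
}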
/**
 * Looks up the submitted form value for one element content.
 *
 * The POST field name is "ec__" followed by the string form of the instance
 * key, which is the naming used for the inputs rendered by this file.
 *
 * @param InstanceKey $ecid Key of the element content whose field is wanted.
 * @return mixed|null The raw, unvalidated value from $_POST (normally a string,
 *                    but an array if the client sent the field with [] syntax),
 *                    or null when the field is absent.
 */
function get_ec_value(InstanceKey $ecid)
{
	$postKey = "ec__" . $ecid;
	return isset($_POST[$postKey]) ? $_POST[$postKey] : null;
}
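// ---------------------------------------------------------------------------
// Login request handling.
//
// On POST, the submitted user name and password are checked against the
// bst_users table. A successful login stores a fresh session tag in
// $_SESSION["user_token"], records it in bst_sessions together with the user
// id and client IP address, and redirects. A failed login leaves a generic
// message in $error_message.
// ---------------------------------------------------------------------------
$oms = getOMS();
$tenant = $oms->getTenantInstance();

// Defined up front so a plain GET request never leaves the variable unset.
$error_message = "";

if (_IsPostback())
{
	// NOTE(review): this branch hashes whatever password an unauthenticated
	// caller submits and prints the digest and the salt. It reads like a
	// provisioning aid for creating bst_users rows by hand; remove it or put
	// it behind authentication before this page is exposed.
	if (isset($_GET["do_pw"]) && $_GET["do_pw"] == "1")
	{
		$password = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";
		$password_salt = generateRandomString(32);
		$password_hash = hash("sha512", $password . $password_salt);
		echo($password_hash);
		echo ("<br />");
		echo($password_salt);
		return;
	}

	$username = get_ec_value(new InstanceKey(56, 1));
	$password = get_ec_value(new InstanceKey(56, 2));

	// Both fields must be plain strings: PHP turns "field[]=x" into an array,
	// which must reach neither the query nor the hash input.
	if (is_string($username) && is_string($password))
	{
		$pdo = getPDO();
		$statement = $pdo->prepare("SELECT * FROM bst_users WHERE username = :username");
		$statement->execute(array(
			"username" => $username
		));
		$results = $statement->fetchAll();

		if (count($results) > 0)
		{
			$result = $results[0];
			$password_hash = $result["password_hash"];
			$password_salt = $result["password_salt"];

			// NOTE(review): a single pass of salted SHA-512 is fast to brute-force
			// if the table leaks. Moving to password_hash()/password_verify()
			// requires migrating the stored credentials, so the scheme is kept
			// here and only the comparison is hardened.
			$expected_hash = hash("sha512", $password . $password_salt);

			// hash_equals() compares the digests as strings in constant time.
			// The loose == operator compares two numeric-looking strings such
			// as "0e123..." by numeric value, so unequal digests could match.
			if (is_string($password_hash) && hash_equals($password_hash, $expected_hash))
			{
				$user_id = $result["id"];
				$ip_address = $_SERVER["REMOTE_ADDR"];

				// Issue a new session id at the privilege change so an id that
				// was set before login is not carried into the authenticated
				// session.
				if (session_status() === PHP_SESSION_ACTIVE)
				{
					session_regenerate_id(true);
				}

				// NOTE(review): generateRandomString() is defined outside this
				// file. This value is the session credential, so confirm it is
				// drawn from a CSPRNG (random_bytes()/random_int()).
				$session_tag = generateRandomString(32);
				$_SESSION["user_token"] = $session_tag;

				$statement = $pdo->prepare("INSERT INTO bst_sessions (session_tag, user_id, start_datetime, ip_address) VALUES (:session_tag, :user_id, NOW(), :ip_address)");
				$statement->execute(array("session_tag" => $session_tag, "user_id" => $user_id, "ip_address" => $ip_address));

				if (isset($_SESSION["LoginRedirectURL"]))
				{
					// Drop leading slashes and backslashes so the target stays a
					// path on this host; "/" followed by "/host" would otherwise
					// form a protocol-relative URL pointing elsewhere.
					$redirect_path = ltrim((string) $_SESSION["LoginRedirectURL"], "/\\");
					unset($_SESSION["LoginRedirectURL"]);
					header("Location: /" . $redirect_path);
				}
				else
				{
					header("Location: /bst/");
				}
				return;
			}
		}
	}

	// Reached only when authentication failed; the success path returns above.
	// The same text is used for an unknown user and for a wrong password so the
	// response does not reveal which accounts exist. The stored hash, the salt
	// and the computed hash are deliberately kept out of the message: the
	// visible template echoes $error_message only inside a commented-out block,
	// but any later display of it would otherwise publish them.
	$error_message = "The user name or password you entered is incorrect.";
}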
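/**
 * Renders an element as a two-column form table, one row per element content.
 *
 * Each row holds a label (the instance text of the element content) and an
 * input named and identified "ec__" plus the element content's instance key.
 * The input is a password field when the element content carries the
 * ObscuredText display option and a text field otherwise. Values are always
 * rendered empty, so a submitted password is never written back to the page.
 *
 * An earlier hard-coded password row and an $error_message row used to follow
 * the table inside a commented-out block; this function does not output the
 * login error.
 *
 * @param Oms               $oms     Object model service used to resolve related instances and text.
 * @param InstanceReference $element Element whose contents are rendered.
 * @return void Output is written directly to the response.
 */
function renderElementSingularVertically(Oms $oms, InstanceReference $element)
{
	// Everything echoed below lands in HTML text or in an attribute value, so
	// it is encoded for that context. The browser decodes attribute values
	// before submitting, so the POST field names are unchanged.
	// NOTE(review): assumes getInstanceText() returns plain text, not
	// pre-escaped markup - confirm.
	$esc = static function ($value)
	{
		return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	};

	?>
<table class="mcx-element uwt-formview uwt-expand" data-instance-id="<?php echo($esc($element->InstanceKey)); ?>">
<?php
	$elementContents = $oms->getRelatedInstances($element, $oms->getInstanceByGlobalIdentifier(KnownRelationshipGuids::Element__has__Element_Content));
	foreach ($elementContents as $elementContent)
	{
		// A field is masked when any of its display options is ObscuredText.
		$obscuredText = false;
		$elementContentDisplayOptions = $oms->getRelatedInstances($elementContent, $oms->getInstanceByGlobalIdentifier(KnownRelationshipGuids::Element_Content__has__Element_Content_Display_Option));
		if ($elementContentDisplayOptions !== null)
		{
			foreach ($elementContentDisplayOptions as $displayOption)
			{
				if ($displayOption->GlobalIdentifier == KnownInstanceGuids::DisplayOption__ObscuredText)
				{
					$obscuredText = true;
					break;
				}
			}
		}

		$rowKey = $esc($elementContent->InstanceKey);
		$fieldId = $esc("ec__" . $elementContent->InstanceKey);
		$inputType = $obscuredText ? "password" : "text";
		?>
<tr data-instance-id="<?php echo($rowKey); ?>">
<td><label for="<?php echo($fieldId); ?>"><?php echo($esc($oms->getInstanceText($elementContent))); ?></label></td>
<td><input type="<?php echo($inputType); ?>" name="<?php echo($fieldId); ?>" id="<?php echo($fieldId); ?>" value="" /></td>
</tr>
<?php
	}
	?>
</table>
<?php
}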
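// ---------------------------------------------------------------------------
// Login page template.
//
// The title and the version string are data, not markup, and are HTML-encoded
// before output. $error_message is not rendered anywhere in this template.
// NOTE(review): the form carries no anti-forgery token and the handler checks
// only the request method, so the login POST can be triggered from another
// site - confirm whether that is acceptable for this page.
// ---------------------------------------------------------------------------
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<title><?php echo(htmlspecialchars((string) $oms->getAttributeValue($tenant, $oms->getInstanceByGlobalIdentifier('9153A637992E4712ADF2B03F0D9EDEA6')), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')); ?></title>
		<link rel="manifest" href="manifest.json" />
		<link rel="stylesheet" type="text/css" href="style/main.css?v=202310280055" />
		<link rel="shortcut icon" href="images/favicon.ico" />
		<meta name="viewport" content="width=device-width, initial-scale=1.0">
	</head>
	<body class="login-page">
		<form method="POST">
			<div class="login-container">
				<div class="uwt-content">
					<div class="uwt-layout uwt-layout-box uwt-orientation-horizontal uwt-mobile-orientation-vertical">
						<div class="uwt-expand" style="padding-left: 16px; padding-right: 16px;">
							<div class="uwt-layout uwt-layout-box uwt-orientation-horizontal">
								<img class="header-image" src="images/icon.svg" />
								<div>
									<h1 style="vertical-align: middle; padding: 16px;">Welcome to BST</h1>
								</div>
							</div>
							<p>Enter your user name and password to continue. If you do not know this information, contact your system administrator.</p>
						</div>
						<div class="uwt-expand uwt-panel">
							<div class="uwt-content">
								<?php
								// The login form fields come from this element definition.
								$instElement = $oms->getInstanceByGlobalIdentifier("2b7d4481b7c24e26a917e3ff7c367a8a");
								if ($instElement !== null)
								{
									renderElementSingularVertically($oms, $instElement);
								}
								else
								{
									echo("Error Element is Null");
								}
								?>
								<input style="display: block; width: 100%; padding: 16px; font-size: 1.2em;" class="uwt-button uwt-color-primary" type="submit" value="Log In" />
							</div>
							<!--
							<div class="uwt-footer">
								<input class="uwt-button uwt-color-primary" type="submit" value="Log In" />
							</div>
							-->
						</div>
					</div>
				</div>
			</div>

			<div style="text-align: center; color: #aaaaaa; font-size: 10pt; padding-top: 64px;">
				<div style="margin-bottom: 8px;">Version <?php echo(htmlspecialchars((string) get_version(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')); ?></div>
				<div>Powered by Mocha © MBS Business Solutions</div>
				<div class="uwt-badge uwt-color-purple" style="margin-top: 16px;">QA Preview</div>
			</div>
		</form>
	</body>
</html>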