QwikClock is an employee time tracking app.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

index.php 4.9KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117
  1. <?php
  2. require_once __DIR__ . "/required.php";
  3. require_once __DIR__ . "/lib/login.php";
  4. /* Authenticate user */
  5. $userpass_ok = false;
  6. $multiauth = false;
  7. if ($VARS['progress'] == "1") {
  8. if (authenticate_user($VARS['username'], $VARS['password'])) {
  9. switch (get_account_status($VARS['username'])) {
  10. case "LOCKED_OR_DISABLED":
  11. $alert = lang("account locked", false);
  12. break;
  13. case "TERMINATED":
  14. $alert = lang("account terminated", false);
  15. break;
  16. case "CHANGE_PASSWORD":
  17. $alert = lang("password expired", false);
  18. case "NORMAL":
  19. $userpass_ok = true;
  20. break;
  21. case "ALERT_ON_ACCESS":
  22. sendLoginAlertEmail($VARS['username']);
  23. $userpass_ok = true;
  24. break;
  25. }
  26. if ($userpass_ok) {
  27. if (userHasTOTP($VARS['username'])) {
  28. $multiauth = true;
  29. } else {
  30. doLoginUser($VARS['username'], $VARS['password']);
  31. header('Location: app.php');
  32. die("Logged in, go to app.php");
  33. }
  34. }
  35. } else {
  36. $alert = lang("login incorrect", false);
  37. }
  38. } else if ($VARS['progress'] == "2") {
  39. if (verifyTOTP($VARS['username'], $VARS['authcode'])) {
  40. doLoginUser($VARS['username'], $VARS['password']);
  41. header('Location: app.php');
  42. die("Logged in, go to app.php");
  43. } else {
  44. $alert = lang("2fa incorrect", false);
  45. }
  46. }
  47. ?>
  48. <!DOCTYPE html>
  49. <html>
  50. <head>
  51. <meta charset="UTF-8">
  52. <meta http-equiv="X-UA-Compatible" content="IE=edge">
  53. <meta name="viewport" contgreent="width=device-width, initial-scale=1">
  54. <title><?php echo SITE_TITLE; ?></title>
  55. <link href="static/css/bootstrap.min.css" rel="stylesheet">
  56. <link href="static/css/app.css" rel="stylesheet">
  57. </head>
  58. <body>
  59. <div class="container">
  60. <div class="row">
  61. <div class="col-xs-12 col-sm-6 col-md-4 col-lg-4 col-sm-offset-3 col-md-offset-4 col-lg-offset-4">
  62. <div>
  63. <img class="img-responsive banner-image" src="static/img/banner.png" />
  64. </div>
  65. <div class="panel panel-primary">
  66. <div class="panel-heading">
  67. <h3 class="panel-title"><?php lang("sign in"); ?></h3>
  68. </div>
  69. <div class="panel-body">
  70. <form action="" method="POST">
  71. <?php
  72. if (!is_empty($alert)) {
  73. ?>
  74. <div class="alert alert-danger">
  75. <?php echo $alert; ?>
  76. </div>
  77. <?php
  78. }
  79. if ($multiauth != true) {
  80. ?>
  81. <input type="text" class="form-control" name="username" placeholder="<?php lang("username"); ?>" required="required" autofocus /><br />
  82. <input type="password" class="form-control" name="password" placeholder="<?php lang("password"); ?>" required="required" /><br />
  83. <input type="hidden" name="progress" value="1" />
  84. <?php
  85. } else if ($multiauth) {
  86. ?>
  87. <div class="alert alert-info">
  88. <?php lang("2fa prompt"); ?>
  89. </div>
  90. <input type="text" class="form-control" name="authcode" placeholder="<?php lang("authcode"); ?>" required="required" autofocus /><br />
  91. <input type="hidden" name="progress" value="2" />
  92. <input type="hidden" name="username" value="<?php echo $VARS['username']; ?>" />
  93. <?php
  94. }
  95. ?>
  96. <button type="submit" class="btn btn-primary">
  97. <?php lang("continue"); ?>
  98. </button>
  99. </form>
  100. </div>
  101. </div>
  102. </div>
  103. </div>
  104. <div class="footer">
  105. <?php echo LICENSE_TEXT; ?><br />
  106. Copyright &copy; <?php echo date('Y'); ?> <?php echo COPYRIGHT_NAME; ?>
  107. </div>
  108. </div>
  109. <script src="static/js/jquery-3.2.1.min.js"></script>
  110. <script src="static/js/bootstrap.min.js"></script>
  111. </body>
  112. </html>