luos/workflow/engine/methods/login/sysLogin.php

<?php

use Illuminate\Support\Facades\Crypt;

/*----------------------------------********---------------------------------*/
//Browser Compatibility
$browserSupported = G::checkBrowserCompatibility();
if ($browserSupported==false) {
    if (!isset($_SESSION['G_MESSAGE']) || $_SESSION['G_MESSAGE'] == "") {
        G::SendTemporalMessage('ID_CURRENT_BROWSER_NOT_SUPPORTED', 'warning');
    }
}
/*----------------------------------********---------------------------------*/
if (isset ($_POST['form']['USER_ENV'])) {
    $data = Crypt::encryptString(serialize($_POST));
    $url = sprintf('/sys%s/%s/%s/login/sysLoginVerify?d=%s', $_POST['form']['USER_ENV'], SYS_LANG, SYS_SKIN, $data);
    G::header("location: $url");
    die();
}

//Save session variables
$arraySession = array();

if (!empty($_SESSION['G_MESSAGE'])) {
    $arraySession["G_MESSAGE"] = $_SESSION["G_MESSAGE"];
}

if (!empty($_SESSION['G_MESSAGE_TYPE'])) {
    $arraySession["G_MESSAGE_TYPE"] = $_SESSION["G_MESSAGE_TYPE"];
}

//Initialize session
@session_destroy();
session_start();
session_regenerate_id();

//Set options for PHP session cookie
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'httponly' => true]);
setcookie(session_name(), session_id(), $cookieOptions);

//Restore session variables
$_SESSION = array_merge($_SESSION, $arraySession);

//Required classes for dbArray work
Propel::init(PATH_CORE . "config/databases.php");
Creole::registerDriver('dbarray', 'creole.contrib.DBArrayConnection');

function getLangFiles()
{
    $dir = PATH_LANGUAGECONT;
    $filesArray = array();
    if (file_exists($dir)) {
        if ($handle = opendir($dir)) {
            while (false !== ($file = readdir($handle))) {
                $fileParts = explode(".", $file);
                if ($fileParts [0] == "translation") {
                    $filesArray [$fileParts [1]] = $file;
                }
            }
            closedir($handle);
        }
    }
    return $filesArray;
}

function getWorkspacesAvailable()
{
    $oServerConf = ServerConf::getSingleton();
    $dir = PATH_DB;
    $filesArray = array();
    if (file_exists($dir)) {
        if ($handle = opendir($dir)) {
            while (false !== ($file = readdir($handle))) {
                if (($file != ".") && ($file != "..")) {
                    if (file_exists(PATH_DB . $file . '/db.php')) {
                        if (! $oServerConf->isWSDisabled($file)) {
                            $filesArray [] = $file;
                        }
                    }
                }
            }
            closedir($handle);
        }
    }
    sort($filesArray, SORT_STRING);
    return $filesArray;
}

$availableWorkspace = getWorkspacesAvailable();

//Translations
//$Translations = G::getModel("Translation");  <-- ugly way to get a class
require_once "classes/model/Translation.php";
$Translations = new Translation();
$translationsTable = $Translations->getTranslationEnvironments();

$availableLangArray = array();
$availableLangArray [] = array('LANG_ID' => 'char', 'LANG_NAME' => 'char');

foreach ($translationsTable as $locale) {
    $aFields['LANG_ID'] = $locale['LOCALE'];
    if ($locale['COUNTRY'] != '.') {
        $aFields['LANG_NAME'] = $locale['LANGUAGE'] . ' (' . (ucwords(strtolower($locale['COUNTRY']))) . ')';
    } else {
        $aFields['LANG_NAME'] = $locale['LANGUAGE'];
    }

    $availableLangArray [] = $aFields;
}

$availableWorkspaceArray = array();
$availableWorkspaceArray [] = array('ENV_ID' => 'char', 'ENV_NAME' => 'char');
foreach ($availableWorkspace as $envKey => $envName) {
    $aFields = array('ENV_ID' => $envName, 'ENV_NAME' => $envName);
    $availableWorkspaceArray [] = $aFields;
}

global $_DBArray;

$_DBArray ['langOptions'] = $availableLangArray;
$_DBArray ['availableWorkspace'] = $availableWorkspaceArray;

$_SESSION ['_DBArray'] = $_DBArray;

$aField ['LOGIN_VERIFY_MSG'] = G::loadTranslation('LOGIN_VERIFY_MSG');
$aField['USER_LANG'] = SYS_LANG;

$G_PUBLISH = new Publisher();
if (!defined('WS_IN_LOGIN')) {
    define('WS_IN_LOGIN', 'serverconf');
}
$fileLogin = 'login/sysLogin';
$version = explode('.', trim(file_get_contents(PATH_GULLIVER . 'VERSION')));
$version = isset($version[0]) ? intval($version[0]) : 0;
switch (WS_IN_LOGIN) {
    case 'serverconf':
        //Get Server Configuration
        $oServerConf = ServerConf::getSingleton();
        if ($oServerConf->getProperty('LOGIN_NO_WS')) {
            $fileLogin = $version >= 3 ? 'login/sysLoginNoWSpm3' : 'login/sysLoginNoWS';
        } else {
            $fileLogin = 'login/sysLogin';
        }
        break;
    case 'no':
        $fileLogin = $version >= 3 ? 'login/sysLoginNoWSpm3' : 'login/sysLoginNoWS';
        break;
    case 'yes':
        $fileLogin = 'login/sysLogin';
        break;
    default:
        $fileLogin = 'login/sysLogin';
        break;
}
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'path' => SYS_CURRENT_URI]);
setcookie('PM-Warning', trim(G::LoadTranslation('ID_BLOCKER_MSG'), '*'), $cookieOptions);

$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60)]);
setcookie('PM-TabPrimary', uniqid(), $cookieOptions);

$oHeadPublisher = headPublisher::getSingleton();
$oHeadPublisher->addScriptFile('/jscore/src/PM.js');
$oHeadPublisher->addScriptFile('/jscore/src/Sessions.js');
$oHeadPublisher->addScriptFile('/jscore/src/Register.js');

$G_PUBLISH->AddContent('xmlform', 'xmlform', $fileLogin, '', $aField, 'sysLogin');
G::RenderPage("publish");
initial commit from rev. 632 2010-12-02 23:34:41 +00:00			`<?php`
PMCORE-3467 2021-11-26 15:58:35 +00:00
PMCORE-4049 2022-11-16 16:20:43 +00:00			`use Illuminate\Support\Facades\Crypt;`

PMCORE-3647 2022-01-26 14:18:22 -04:00			`/----------------------------------******---------------------------------/`
update styles in neoclassic for pm3 2015-04-09 16:25:47 -04:00			`//Browser Compatibility`
			`$browserSupported = G::checkBrowserCompatibility();`
HOR-4527 2017-12-04 13:25:35 +00:00			`if ($browserSupported==false) {`
			`if (!isset($_SESSION['G_MESSAGE']) \|\| $_SESSION['G_MESSAGE'] == "") {`
			`G::SendTemporalMessage('ID_CURRENT_BROWSER_NOT_SUPPORTED', 'warning');`
			`}`
PM-483 FEATURE. Warning al ingresar a PM desde un browser no soportado. Se aniadio la funcion detectBrowser() en la clase G, para poder determinar desde sysLogin.php(login sin variables en cache) y Login.php(login con variables en cache) desde que browser accede el usuario y lanzar un warning para avisarle si soportamos o no dicho navegador. Se uso los datos de la Wiki (http://wiki.processmaker.com/index.php/2.0/ProcessMaker_Installation_Requirements#Web_Browser_Compatibility) para la version 2.5.0 de pm como minimas versiones soportadas para PM2.8 (se detalla a continuacion). Versiones soportadas para PM 2.8: - IE -> 8, 9, 10, 11 - Chrome -> 26.0.x en adelante. - Firefox -> 20.x en adelante. 2014-10-20 17:41:47 -04:00			`}`
PM-1039 Aniadiendo files para a obviar codigo en la version community. 2014-12-04 10:23:06 -04:00			`/----------------------------------******---------------------------------/`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00			`if (isset ($_POST['form']['USER_ENV'])) {`
PMCORE-4049 2022-11-16 16:20:43 +00:00			`$data = Crypt::encryptString(serialize($_POST));`
FIX for sysLogin validations failure, now the user login from syslogin form is working fine 2014-02-18 23:20:10 -04:00			`$url = sprintf('/sys%s/%s/%s/login/sysLoginVerify?d=%s', $_POST['form']['USER_ENV'], SYS_LANG, SYS_SKIN, $data);`
			`G::header("location: $url");`
			`die();`
initial commit from rev. 632 2010-12-02 23:34:41 +00:00			`}`

BUG 12540 "No muestra ningun mensaje cuando el workpace..." SOLVED - When the workspace is invalid, no displayed any message - Solved problem, session variables were being destroyed, but now saved if exist any messages * Available from version ProcessMaker-2.5.2-testing.1 2013-08-08 15:36:21 -04:00			`//Save session variables`
			`$arraySession = array();`

PMC-801 2019-05-21 10:26:41 -04:00			`if (!empty($_SESSION['G_MESSAGE'])) {`
BUG 12540 "No muestra ningun mensaje cuando el workpace..." SOLVED - When the workspace is invalid, no displayed any message - Solved problem, session variables were being destroyed, but now saved if exist any messages * Available from version ProcessMaker-2.5.2-testing.1 2013-08-08 15:36:21 -04:00			`$arraySession["G_MESSAGE"] = $_SESSION["G_MESSAGE"];`
			`}`

PMC-801 2019-05-21 10:26:41 -04:00			`if (!empty($_SESSION['G_MESSAGE_TYPE'])) {`
BUG 12540 "No muestra ningun mensaje cuando el workpace..." SOLVED - When the workspace is invalid, no displayed any message - Solved problem, session variables were being destroyed, but now saved if exist any messages * Available from version ProcessMaker-2.5.2-testing.1 2013-08-08 15:36:21 -04:00			`$arraySession["G_MESSAGE_TYPE"] = $_SESSION["G_MESSAGE_TYPE"];`
			`}`

			`//Initialize session`
First functional OAuth2 implementation, but we're still working on it (adding missing files) 2013-10-01 09:15:28 -04:00			`@session_destroy();`
Add validation when change the url without a workspace but with a session active 2012-10-01 13:44:27 -04:00			`session_start();`
			`session_regenerate_id();`

PMCORE-3467 2021-11-26 15:58:35 +00:00			`//Set options for PHP session cookie`
			`$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'httponly' => true]);`
			`setcookie(session_name(), session_id(), $cookieOptions);`

BUG 12540 "No muestra ningun mensaje cuando el workpace..." SOLVED - When the workspace is invalid, no displayed any message - Solved problem, session variables were being destroyed, but now saved if exist any messages * Available from version ProcessMaker-2.5.2-testing.1 2013-08-08 15:36:21 -04:00			`//Restore session variables`
			`$_SESSION = array_merge($_SESSION, $arraySession);`

initial commit from rev. 632 2010-12-02 23:34:41 +00:00			`//Required classes for dbArray work`
HOR-4527 2017-12-04 13:25:35 +00:00			`Propel::init(PATH_CORE . "config/databases.php");`
			`Creole::registerDriver('dbarray', 'creole.contrib.DBArrayConnection');`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00
			`function getLangFiles()`
			`{`
			`$dir = PATH_LANGUAGECONT;`
HOR-4527 2017-12-04 13:25:35 +00:00			`$filesArray = array();`
			`if (file_exists($dir)) {`
			`if ($handle = opendir($dir)) {`
			`while (false !== ($file = readdir($handle))) {`
			`$fileParts = explode(".", $file);`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00			`if ($fileParts [0] == "translation") {`
			`$filesArray [$fileParts [1]] = $file;`
			`}`
			`}`
HOR-4527 2017-12-04 13:25:35 +00:00			`closedir($handle);`
initial commit from rev. 632 2010-12-02 23:34:41 +00:00			`}`
			`}`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00			`return $filesArray;`
initial commit from rev. 632 2010-12-02 23:34:41 +00:00			`}`

BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00			`function getWorkspacesAvailable()`
			`{`
HOR-4527 2017-12-04 13:25:35 +00:00			`$oServerConf = ServerConf::getSingleton();`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00			`$dir = PATH_DB;`
HOR-4527 2017-12-04 13:25:35 +00:00			`$filesArray = array();`
			`if (file_exists($dir)) {`
			`if ($handle = opendir($dir)) {`
			`while (false !== ($file = readdir($handle))) {`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00			`if (($file != ".") && ($file != "..")) {`
HOR-4527 2017-12-04 13:25:35 +00:00			`if (file_exists(PATH_DB . $file . '/db.php')) {`
			`if (! $oServerConf->isWSDisabled($file)) {`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00			`$filesArray [] = $file;`
			`}`
			`}`
			`}`
			`}`
HOR-4527 2017-12-04 13:25:35 +00:00			`closedir($handle);`
initial commit from rev. 632 2010-12-02 23:34:41 +00:00			`}`
			`}`
HOR-4527 2017-12-04 13:25:35 +00:00			`sort($filesArray, SORT_STRING);`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00			`return $filesArray;`
initial commit from rev. 632 2010-12-02 23:34:41 +00:00			`}`
SPEEDY first version of boostrap.php, with many changes 2012-11-12 14:44:44 -04:00
HOR-4527 2017-12-04 13:25:35 +00:00			`$availableWorkspace = getWorkspacesAvailable();`
initial commit from rev. 632 2010-12-02 23:34:41 +00:00
moving the cache file translation.es location in ./workflow/engine/content/translation to shared directory to solve the problem in balanced environments and write permissions 2010-12-23 22:30:39 +00:00			`//Translations`
SPEEDY first version of boostrap.php, with many changes 2012-11-12 14:44:44 -04:00			`//$Translations = G::getModel("Translation"); <-- ugly way to get a class`
			`require_once "classes/model/Translation.php";`
			`$Translations = new Translation();`
moving the cache file translation.es location in ./workflow/engine/content/translation to shared directory to solve the problem in balanced environments and write permissions 2010-12-23 22:30:39 +00:00			`$translationsTable = $Translations->getTranslationEnvironments();`
initial commit from rev. 632 2010-12-02 23:34:41 +00:00
HOR-4527 2017-12-04 13:25:35 +00:00			`$availableLangArray = array();`
			`$availableLangArray [] = array('LANG_ID' => 'char', 'LANG_NAME' => 'char');`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00
			`foreach ($translationsTable as $locale) {`
			`$aFields['LANG_ID'] = $locale['LOCALE'];`
			`if ($locale['COUNTRY'] != '.') {`
			`$aFields['LANG_NAME'] = $locale['LANGUAGE'] . ' (' . (ucwords(strtolower($locale['COUNTRY']))) . ')';`
			`} else {`
			`$aFields['LANG_NAME'] = $locale['LANGUAGE'];`
			`}`
initial commit from rev. 632 2010-12-02 23:34:41 +00:00
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00			`$availableLangArray [] = $aFields;`
initial commit from rev. 632 2010-12-02 23:34:41 +00:00			`}`

HOR-4527 2017-12-04 13:25:35 +00:00			`$availableWorkspaceArray = array();`
			`$availableWorkspaceArray [] = array('ENV_ID' => 'char', 'ENV_NAME' => 'char');`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00			`foreach ($availableWorkspace as $envKey => $envName) {`
HOR-4527 2017-12-04 13:25:35 +00:00			`$aFields = array('ENV_ID' => $envName, 'ENV_NAME' => $envName);`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 19:01:57 -04:00			`$availableWorkspaceArray [] = $aFields;`
initial commit from rev. 632 2010-12-02 23:34:41 +00:00			`}`

			`global $_DBArray;`

			`$_DBArray ['langOptions'] = $availableLangArray;`
			`$_DBArray ['availableWorkspace'] = $availableWorkspaceArray;`

			`$_SESSION ['_DBArray'] = $_DBArray;`

HOR-4527 2017-12-04 13:25:35 +00:00			`$aField ['LOGIN_VERIFY_MSG'] = G::loadTranslation('LOGIN_VERIFY_MSG');`
BUG 9216 Al cambiar el idioma por system settings... SOLVED - By selecting the language in settings the Dropdown shows no language predefined. - was add posts to language in the login and system for more information, and was modified the Dropdown for show the language predefined. 2012-07-10 17:55:22 -04:00			`$aField['USER_LANG'] = SYS_LANG;`
SPEEDY first version of boostrap.php, with many changes 2012-11-12 14:44:44 -04:00
HOR-4527 2017-12-04 13:25:35 +00:00			`$G_PUBLISH = new Publisher();`
BUG-14988 Administrative Interfaces are Accessible... IMPROVEMENT - Change of variable to uppercase. 2014-06-25 08:50:01 -04:00			`if (!defined('WS_IN_LOGIN')) {`
			`define('WS_IN_LOGIN', 'serverconf');`
BUG-14988 Administrative Interfaces are Accessible from the Internet SOLVED 2014-06-23 15:12:57 -04:00			`}`
			`$fileLogin = 'login/sysLogin';`
PM-3474 2015-09-25 19:55:26 -04:00			`$version = explode('.', trim(file_get_contents(PATH_GULLIVER . 'VERSION')));`
			`$version = isset($version[0]) ? intval($version[0]) : 0;`
BUG-14988 Administrative Interfaces are Accessible... IMPROVEMENT - Change of variable to uppercase. 2014-06-25 08:50:01 -04:00			`switch (WS_IN_LOGIN) {`
BUG-14988 Administrative Interfaces are Accessible from the Internet SOLVED 2014-06-23 15:12:57 -04:00			`case 'serverconf':`
			`//Get Server Configuration`
HOR-4527 2017-12-04 13:25:35 +00:00			`$oServerConf = ServerConf::getSingleton();`
			`if ($oServerConf->getProperty('LOGIN_NO_WS')) {`
PM-3474 2015-09-25 19:55:26 -04:00			`$fileLogin = $version >= 3 ? 'login/sysLoginNoWSpm3' : 'login/sysLoginNoWS';`
BUG-14988 Administrative Interfaces are Accessible from the Internet SOLVED 2014-06-23 15:12:57 -04:00			`} else {`
			`$fileLogin = 'login/sysLogin';`
			`}`
			`break;`
			`case 'no':`
PM-3474 2015-09-25 19:55:26 -04:00			`$fileLogin = $version >= 3 ? 'login/sysLoginNoWSpm3' : 'login/sysLoginNoWS';`
BUG-14988 Administrative Interfaces are Accessible from the Internet SOLVED 2014-06-23 15:12:57 -04:00			`break;`
			`case 'yes':`
			`$fileLogin = 'login/sysLogin';`
			`break;`
			`default:`
			`$fileLogin = 'login/sysLogin';`
			`break;`
initial commit from rev. 632 2010-12-02 23:34:41 +00:00			`}`
PMCORE-3467 2021-11-26 15:58:35 +00:00			`$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'path' => SYS_CURRENT_URI]);`
			`setcookie('PM-Warning', trim(G::LoadTranslation('ID_BLOCKER_MSG'), '*'), $cookieOptions);`

			`$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60)]);`
			`setcookie('PM-TabPrimary', uniqid(), $cookieOptions);`

HOR-4527 2017-12-04 13:25:35 +00:00			`$oHeadPublisher = headPublisher::getSingleton();`
HOR-368 Security Avoid the problem of overwriting session data opening multiple browser tabs or multiple browser instances up observations active or desactive block tab 2016-03-08 18:37:38 -04:00			`$oHeadPublisher->addScriptFile('/jscore/src/PM.js');`
			`$oHeadPublisher->addScriptFile('/jscore/src/Sessions.js');`
			`$oHeadPublisher->addScriptFile('/jscore/src/Register.js');`
PM-4250 2015-11-30 16:43:13 -04:00
HOR-4527 2017-12-04 13:25:35 +00:00			`$G_PUBLISH->AddContent('xmlform', 'xmlform', $fileLogin, '', $aField, 'sysLogin');`
			`G::RenderPage("publish");`