2014-03-23 16:03:30 -04:00
< ? php
/*******************************************************************************
2015-09-12 00:46:46 -04:00
* Title : Help Desk Software HESK
2016-08-10 23:21:12 -04:00
* Version : 2.6 . 8 from 10 th August 2016
2015-09-12 00:46:46 -04:00
* Author : Klemen Stirn
* Website : http :// www . hesk . com
********************************************************************************
* COPYRIGHT AND TRADEMARK NOTICE
* Copyright 2005 - 2015 Klemen Stirn . All Rights Reserved .
* HESK is a registered trademark of Klemen Stirn .
* The HESK may be used and modified free of charge by anyone
* AS LONG AS COPYRIGHT NOTICES AND ALL THE COMMENTS REMAIN INTACT .
* By using this code you agree to indemnify Klemen Stirn from any
* liability that might arise from it ' s use .
* Selling the code for this program , in part or full , without prior
* written consent is expressly forbidden .
* Using this code , in part or full , to create derivate work ,
* new scripts or products is expressly forbidden . Obtain permission
* before redistributing this software over the Internet or in
* any other medium . In all cases copyright and header must remain intact .
* This Copyright is in full effect in any country that has International
* Trade Agreements with the United States of America or
* with the European Union .
* Removing any of the copyright notices without purchasing a license
* is expressly forbidden . To remove HESK copyright notice you must purchase
* a license for this script . For more information on how to obtain
* a license please visit the page below :
* https :// www . hesk . com / buy . php
*******************************************************************************/
define ( 'IN_SCRIPT' , 1 );
define ( 'HESK_PATH' , '../' );
2014-03-23 16:03:30 -04:00
/* Get all the required files and functions */
require ( HESK_PATH . 'hesk_settings.inc.php' );
require ( HESK_PATH . 'inc/common.inc.php' );
require ( HESK_PATH . 'inc/admin_functions.inc.php' );
hesk_load_database_functions ();
hesk_session_start ();
hesk_dbConnect ();
2015-09-03 21:58:05 -04:00
$modsForHesk_settings = mfh_getSettings ();
2014-03-23 16:03:30 -04:00
/* What should we do? */
$action = hesk_REQUEST ( 'a' );
2015-09-12 00:46:46 -04:00
switch ( $action ) {
2014-03-23 16:03:30 -04:00
case 'do_login' :
2015-09-12 00:46:46 -04:00
do_login ();
2014-03-23 16:03:30 -04:00
break ;
case 'login' :
2015-09-12 00:46:46 -04:00
print_login ();
2014-03-23 16:03:30 -04:00
break ;
case 'logout' :
2015-09-12 00:46:46 -04:00
logout ();
2014-03-23 16:03:30 -04:00
break ;
default :
2015-09-12 00:46:46 -04:00
hesk_autoLogin ();
print_login ();
2014-03-23 16:03:30 -04:00
}
/* Print footer */
require_once ( HESK_PATH . 'inc/footer.inc.php' );
exit ();
/*** START FUNCTIONS ***/
function do_login ()
{
2015-09-12 00:46:46 -04:00
global $hesk_settings , $hesklang , $modsForHesk_settings ;
2014-03-23 16:03:30 -04:00
$hesk_error_buffer = array ();
2015-09-12 00:46:46 -04:00
$user = hesk_input ( hesk_POST ( 'user' ));
if ( empty ( $user )) {
$myerror = $hesk_settings [ 'list_users' ] ? $hesklang [ 'select_username' ] : $hesklang [ 'enter_username' ];
2014-03-23 16:03:30 -04:00
$hesk_error_buffer [ 'user' ] = $myerror ;
}
define ( 'HESK_USER' , $user );
2015-09-12 00:46:46 -04:00
$pass = hesk_input ( hesk_POST ( 'pass' ));
if ( empty ( $pass )) {
$hesk_error_buffer [ 'pass' ] = $hesklang [ 'enter_pass' ];
}
2014-03-23 16:03:30 -04:00
2015-09-12 00:46:46 -04:00
if ( $hesk_settings [ 'secimg_use' ] == 2 && ! isset ( $_SESSION [ 'img_a_verified' ])) {
// Using ReCaptcha?
if ( $hesk_settings [ 'recaptcha_use' ] == 1 ) {
require_once ( HESK_PATH . 'inc/recaptcha/recaptchalib.php' );
$resp = recaptcha_check_answer ( $hesk_settings [ 'recaptcha_private_key' ],
$_SERVER [ 'REMOTE_ADDR' ],
hesk_POST ( 'recaptcha_challenge_field' , '' ),
hesk_POST ( 'recaptcha_response_field' , '' )
2014-03-23 16:03:30 -04:00
);
2015-09-12 00:46:46 -04:00
if ( $resp -> is_valid ) {
$_SESSION [ 'img_a_verified' ] = true ;
} else {
$hesk_error_buffer [ 'mysecnum' ] = $hesklang [ 'recaptcha_error' ];
}
} // Using ReCaptcha API v2?
elseif ( $hesk_settings [ 'recaptcha_use' ] == 2 ) {
2015-01-11 17:16:16 -05:00
require ( HESK_PATH . 'inc/recaptcha/recaptchalib_v2.php' );
$resp = null ;
$reCaptcha = new ReCaptcha ( $hesk_settings [ 'recaptcha_private_key' ]);
// Was there a reCAPTCHA response?
2015-09-12 00:46:46 -04:00
if ( isset ( $_POST [ " g-recaptcha-response " ])) {
$resp = $reCaptcha -> verifyResponse ( $_SERVER [ " REMOTE_ADDR " ], hesk_POST ( " g-recaptcha-response " ));
2015-01-11 17:16:16 -05:00
}
2015-09-12 00:46:46 -04:00
if ( $resp != null && $resp -> success ) {
$_SESSION [ 'img_a_verified' ] = true ;
} else {
$hesk_error_buffer [ 'mysecnum' ] = $hesklang [ 'recaptcha_error' ];
2015-01-11 17:16:16 -05:00
}
2015-09-12 00:46:46 -04:00
} // Using PHP generated image
else {
$mysecnum = intval ( hesk_POST ( 'mysecnum' , 0 ));
if ( empty ( $mysecnum )) {
$hesk_error_buffer [ 'mysecnum' ] = $hesklang [ 'sec_miss' ];
} else {
require ( HESK_PATH . 'inc/secimg.inc.php' );
$sc = new PJ_SecurityImage ( $hesk_settings [ 'secimg_sum' ]);
if ( isset ( $_SESSION [ 'checksum' ]) && $sc -> checkCode ( $mysecnum , $_SESSION [ 'checksum' ])) {
$_SESSION [ 'img_a_verified' ] = true ;
} else {
$hesk_error_buffer [ 'mysecnum' ] = $hesklang [ 'sec_wrng' ];
}
2015-01-11 17:16:16 -05:00
}
}
2015-09-12 00:46:46 -04:00
}
2014-03-23 16:03:30 -04:00
/* Any missing fields? */
2015-09-12 00:46:46 -04:00
if ( count ( $hesk_error_buffer ) != 0 ) {
$_SESSION [ 'a_iserror' ] = array_keys ( $hesk_error_buffer );
2014-03-23 16:03:30 -04:00
2015-09-12 00:46:46 -04:00
$tmp = '' ;
foreach ( $hesk_error_buffer as $error ) {
$tmp .= " <li> $error </li> \n " ;
}
$hesk_error_buffer = $tmp ;
2014-03-23 16:03:30 -04:00
2015-09-12 00:46:46 -04:00
$hesk_error_buffer = $hesklang [ 'pcer' ] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>' ;
hesk_process_messages ( $hesk_error_buffer , 'NOREDIRECT' );
2014-03-23 16:03:30 -04:00
print_login ();
exit ();
2015-09-12 00:46:46 -04:00
} elseif ( isset ( $_SESSION [ 'img_a_verified' ])) {
unset ( $_SESSION [ 'img_a_verified' ]);
2014-03-23 16:03:30 -04:00
}
2015-09-12 00:46:46 -04:00
/* User entered all required info, now lets limit brute force attempts */
hesk_limitBfAttempts ();
2014-03-23 16:03:30 -04:00
2015-09-12 00:46:46 -04:00
$result = hesk_dbQuery ( " SELECT * FROM ` " . hesk_dbEscape ( $hesk_settings [ 'db_pfix' ]) . " users` WHERE `user` = ' " . hesk_dbEscape ( $user ) . " ' LIMIT 1 " );
if ( hesk_dbNumRows ( $result ) != 1 ) {
2014-03-23 16:03:30 -04:00
hesk_session_stop ();
2015-09-12 00:46:46 -04:00
$_SESSION [ 'a_iserror' ] = array ( 'user' , 'pass' );
hesk_process_messages ( $hesklang [ 'wrong_user' ], 'NOREDIRECT' );
2014-03-23 16:03:30 -04:00
print_login ();
exit ();
2015-09-12 00:46:46 -04:00
}
2014-03-23 16:03:30 -04:00
2015-09-12 00:46:46 -04:00
$res = hesk_dbFetchAssoc ( $result );
foreach ( $res as $k => $v ) {
$_SESSION [ $k ] = $v ;
}
2014-03-23 16:03:30 -04:00
2015-09-12 00:46:46 -04:00
/* Check password */
if ( hesk_Pass2Hash ( $pass ) != $_SESSION [ 'pass' ]) {
2014-03-23 16:03:30 -04:00
hesk_session_stop ();
2015-09-12 00:46:46 -04:00
$_SESSION [ 'a_iserror' ] = array ( 'pass' );
hesk_process_messages ( $hesklang [ 'wrong_pass' ], 'NOREDIRECT' );
print_login ();
exit ();
}
2014-03-23 16:03:30 -04:00
2015-09-12 00:46:46 -04:00
$pass_enc = hesk_Pass2Hash ( $_SESSION [ 'pass' ] . strtolower ( $user ) . $_SESSION [ 'pass' ]);
2014-03-23 16:03:30 -04:00
/* Check if default password */
2015-09-12 00:46:46 -04:00
if ( $_SESSION [ 'pass' ] == '499d74967b28a841c98bb4baaabaad699ff3c079' ) {
hesk_process_messages ( $hesklang [ 'chdp' ], 'NOREDIRECT' , 'NOTICE' );
2014-03-23 16:03:30 -04:00
}
2015-06-23 23:29:16 -04:00
// Set a tag that will be used to expire sessions after username or password change
$_SESSION [ 'session_verify' ] = hesk_activeSessionCreateTag ( $user , $_SESSION [ 'pass' ]);
// We don't need the password hash anymore
2015-09-12 00:46:46 -04:00
unset ( $_SESSION [ 'pass' ]);
2014-10-24 20:23:19 -04:00
2015-09-12 00:46:46 -04:00
/* Login successful, clean brute force attempts */
hesk_cleanBfAttempts ();
2014-03-23 16:03:30 -04:00
2014-10-24 20:23:19 -04:00
/* Make sure our user is active */
if ( ! $_SESSION [ 'active' ]) {
hesk_session_stop ();
$_SESSION [ 'a_iserror' ] = array ( 'active' );
hesk_process_messages ( $hesklang [ 'inactive_user' ], 'NOREDIRECT' );
print_login ();
exit ();
}
/* Regenerate session ID (security) */
2015-09-12 00:46:46 -04:00
hesk_session_regenerate_id ();
/* Remember username? */
if ( $hesk_settings [ 'autologin' ] && hesk_POST ( 'remember_user' ) == 'AUTOLOGIN' ) {
setcookie ( 'hesk_username' , " $user " , strtotime ( '+1 year' ));
setcookie ( 'hesk_p' , " $pass_enc " , strtotime ( '+1 year' ));
} elseif ( hesk_POST ( 'remember_user' ) == 'JUSTUSER' ) {
setcookie ( 'hesk_username' , " $user " , strtotime ( '+1 year' ));
setcookie ( 'hesk_p' , '' );
} else {
// Expire cookie if set otherwise
setcookie ( 'hesk_username' , '' );
setcookie ( 'hesk_p' , '' );
}
2014-03-23 16:03:30 -04:00
/* Close any old tickets here so Cron jobs aren't necessary */
2015-09-12 00:46:46 -04:00
if ( $hesk_settings [ 'autoclose' ]) {
$revision = sprintf ( $hesklang [ 'thist3' ], hesk_date (), $hesklang [ 'auto' ]);
$dt = date ( 'Y-m-d H:i:s' , time () - $hesk_settings [ 'autoclose' ] * 86400 );
2014-03-23 16:03:30 -04:00
2015-01-11 17:16:16 -05:00
2015-09-12 00:46:46 -04:00
$closedStatusRs = hesk_dbQuery ( 'SELECT `ID`, `Closable` FROM `' . hesk_dbEscape ( $hesk_settings [ 'db_pfix' ]) . 'statuses` WHERE `IsDefaultStaffReplyStatus` = 1' );
2015-04-09 16:27:20 -04:00
$closedStatus = hesk_dbFetchAssoc ( $closedStatusRs );
// Are we allowed to close tickets in this status?
if ( $closedStatus [ 'Closable' ] == 'yes' || $closedStatus [ 'Closable' ] == 'sonly' ) {
// Notify customer of closed ticket?
if ( $hesk_settings [ 'notify_closed' ]) {
// Get list of tickets
$result = hesk_dbQuery ( " SELECT * FROM ` " . $hesk_settings [ 'db_pfix' ] . " tickets` WHERE `status` = " . $closedStatus [ 'ID' ] . " AND `lastchange` <= ' " . hesk_dbEscape ( $dt ) . " ' " );
if ( hesk_dbNumRows ( $result ) > 0 ) {
global $ticket ;
// Load required functions?
if ( ! function_exists ( 'hesk_notifyCustomer' )) {
require ( HESK_PATH . 'inc/email_functions.inc.php' );
}
while ( $ticket = hesk_dbFetchAssoc ( $result )) {
$ticket [ 'dt' ] = hesk_date ( $ticket [ 'dt' ], true );
$ticket [ 'lastchange' ] = hesk_date ( $ticket [ 'lastchange' ], true );
$ticket = hesk_ticketToPlain ( $ticket , 1 , 0 );
2015-09-12 00:46:46 -04:00
hesk_notifyCustomer ( $modsForHesk_settings , 'ticket_closed' );
2015-04-09 16:27:20 -04:00
}
2015-01-11 17:16:16 -05:00
}
2014-03-23 16:03:30 -04:00
}
2015-04-09 16:27:20 -04:00
// Update ticket statuses and history in database if we're allowed to do so
2015-09-12 00:46:46 -04:00
$defaultCloseRs = hesk_dbQuery ( 'SELECT `ID` FROM `' . hesk_dbEscape ( $hesk_settings [ 'db_pfix' ]) . 'statuses` WHERE `IsAutocloseOption` = 1' );
2015-04-09 16:27:20 -04:00
$defaultCloseStatus = hesk_dbFetchAssoc ( $defaultCloseRs );
2015-09-12 00:46:46 -04:00
hesk_dbQuery ( " UPDATE ` " . $hesk_settings [ 'db_pfix' ] . " tickets` SET `status`= " . intval ( $defaultCloseStatus [ 'ID' ]) . " , `closedat`=NOW(), `closedby`='-1', `history`=CONCAT(`history`,' " . hesk_dbEscape ( $revision ) . " ') WHERE `status` = ' " . $closedStatus [ 'ID' ] . " ' AND `lastchange` <= ' " . hesk_dbEscape ( $dt ) . " ' " );
2015-04-09 16:27:20 -04:00
}
2015-01-11 17:16:16 -05:00
}
/* Redirect to the destination page */
2015-09-12 00:46:46 -04:00
header ( 'Location: ' . hesk_verifyGoto ());
exit ();
2014-03-23 16:03:30 -04:00
} // End do_login()
function print_login ()
{
global $hesk_settings , $hesklang ;
2015-01-11 17:16:16 -05:00
// Tell header to load reCaptcha API if needed
if ( $hesk_settings [ 'recaptcha_use' ] == 2 )
{
define ( 'RECAPTCHA' , 1 );
}
2014-03-23 16:03:30 -04:00
$hesk_settings [ 'tmp_title' ] = $hesk_settings [ 'hesk_title' ] . ' - ' . $hesklang [ 'admin_login' ];
require_once ( HESK_PATH . 'inc/header.inc.php' );
if ( hesk_isREQUEST ( 'notice' ) )
{
hesk_process_messages ( $hesklang [ 'session_expired' ], 'NOREDIRECT' );
}
if ( ! isset ( $_SESSION [ 'a_iserror' ]))
{
$_SESSION [ 'a_iserror' ] = array ();
}
?>
< div class = " loginError " >< ? php
/* This will handle error, success and notice messages */
hesk_handle_messages ();
?> </div>
< div >
2015-03-09 22:16:59 -04:00
< div class = " panel panel-default form-signin " >
< div class = " panel-heading " >
2016-08-10 23:21:12 -04:00
< h4 >< span < ? php echo $iconDisplay ; ?> ><span class="mega-octicon octicon-sign-in"></span> </span><?php echo $hesklang['admin_login']; ?></h4>
2015-03-09 22:16:59 -04:00
</ div >
< div class = " panel-body " >
< form class = " form-signin form-horizontal " role = " form " action = " index.php " method = " post " name = " form1 " >
< ? php if ( in_array ( 'pass' , $_SESSION [ 'a_iserror' ])) { echo '<div class="form-group has-error">' ;} else { echo '<div class="form-group">' ;} ?>
< label for = " user " class = " col-sm-4 control-label " >< ? php echo $hesklang [ 'username' ]; ?> :</label>
< div class = " col-sm-8 " >
2014-03-23 16:03:30 -04:00
< ? php
2015-03-09 22:16:59 -04:00
if ( defined ( 'HESK_USER' ))
{
$savedUser = HESK_USER ;
}
else
{
$savedUser = hesk_htmlspecialchars ( hesk_COOKIE ( 'hesk_username' ) );
}
$is_1 = '' ;
$is_2 = '' ;
$is_3 = '' ;
$remember_user = hesk_POST ( 'remember_user' );
if ( $hesk_settings [ 'autologin' ] && ( isset ( $_COOKIE [ 'hesk_p' ]) || $remember_user == 'AUTOLOGIN' ) )
{
$is_1 = 'checked="checked"' ;
}
elseif ( isset ( $_COOKIE [ 'hesk_username' ]) || $remember_user == 'JUSTUSER' )
{
$is_2 = 'checked="checked"' ;
}
else
{
$is_3 = 'checked="checked"' ;
}
if ( $hesk_settings [ 'list_users' ])
{
echo '<select class="form-control" name="user">' ;
2015-01-11 17:16:16 -05:00
$res = hesk_dbQuery ( 'SELECT `user` FROM `' . hesk_dbEscape ( $hesk_settings [ 'db_pfix' ]) . 'users` ORDER BY `user` ASC' );
2015-03-09 22:16:59 -04:00
while ( $row = hesk_dbFetchAssoc ( $res ))
{
$sel = ( strtolower ( $savedUser ) == strtolower ( $row [ 'user' ])) ? 'selected="selected"' : '' ;
echo '<option value="' . $row [ 'user' ] . '" ' . $sel . '>' . $row [ 'user' ] . '</option>' ;
}
echo '</select>' ;
}
else
{
2015-03-19 21:12:50 -04:00
echo '<input class="form-control" type="text" name="user" size="35" placeholder="' . htmlspecialchars ( $hesklang [ 'username' ]) . '" value="' . $savedUser . '" />' ;
2015-03-09 22:16:59 -04:00
}
?>
2014-03-23 16:03:30 -04:00
</ div >
</ div >
< ? php if ( in_array ( 'pass' , $_SESSION [ 'a_iserror' ])) { echo '<div class="form-group has-error">' ;} else { echo '<div class="form-group">' ;} ?>
2015-03-09 22:16:59 -04:00
< label for = " pass " class = " col-sm-4 control-label " >< ? php echo $hesklang [ 'pass' ]; ?> :</label>
< div class = " col-sm-8 " >
2015-03-19 21:12:50 -04:00
< input type = " password " class = " form-control " id = " pass " name = " pass " size = " 35 " placeholder = " <?php echo htmlspecialchars( $hesklang['pass'] ); ?> " />
2014-03-23 16:03:30 -04:00
</ div >
2015-03-09 22:16:59 -04:00
</ div >
< ? php
if ( $hesk_settings [ 'secimg_use' ] == 2 )
{
// SPAM prevention verified for this session
if ( isset ( $_SESSION [ 'img_a_verified' ]))
{
echo '<img src="' . HESK_PATH . 'img/success.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> ' . $hesklang [ 'vrfy' ];
}
// Not verified yet, should we use Recaptcha?
elseif ( $hesk_settings [ 'recaptcha_use' ] == 1 )
{
?>
< script type = " text/javascript " >
var RecaptchaOptions = {
theme : '<?php echo ( isset($_SESSION[' a_iserror ']) && in_array(' mysecnum ',$_SESSION[' a_iserror ']) ) ? ' red ' : ' white '; ?>' ,
custom_translations : {
visual_challenge : " <?php echo hesk_slashJS( $hesklang['visual_challenge'] ); ?> " ,
audio_challenge : " <?php echo hesk_slashJS( $hesklang['audio_challenge'] ); ?> " ,
refresh_btn : " <?php echo hesk_slashJS( $hesklang['refresh_btn'] ); ?> " ,
instructions_visual : " <?php echo hesk_slashJS( $hesklang['instructions_visual'] ); ?> " ,
instructions_context : " <?php echo hesk_slashJS( $hesklang['instructions_context'] ); ?> " ,
instructions_audio : " <?php echo hesk_slashJS( $hesklang['instructions_audio'] ); ?> " ,
help_btn : " <?php echo hesk_slashJS( $hesklang['help_btn'] ); ?> " ,
play_again : " <?php echo hesk_slashJS( $hesklang['play_again'] ); ?> " ,
cant_hear_this : " <?php echo hesk_slashJS( $hesklang['cant_hear_this'] ); ?> " ,
incorrect_try_again : " <?php echo hesk_slashJS( $hesklang['incorrect_try_again'] ); ?> " ,
image_alt_text : " <?php echo hesk_slashJS( $hesklang['image_alt_text'] ); ?> "
}
};
</ script >
< ? php
require_once ( HESK_PATH . 'inc/recaptcha/recaptchalib.php' );
echo '<div class="form-group"><div class="col-md-8 col-md-offset-4">' ;
2015-01-11 17:16:16 -05:00
echo recaptcha_get_html ( $hesk_settings [ 'recaptcha_public_key' ], null , true );
2015-03-09 22:16:59 -04:00
echo '</div></div>' ;
2015-01-11 17:16:16 -05:00
}
// Use reCaptcha API v2?
elseif ( $hesk_settings [ 'recaptcha_use' ] == 2 )
{
?>
2015-03-09 22:16:59 -04:00
< div class = " form-group " >
< div class = " col-md-8 col-md-offset-4 " >
< div class = " g-recaptcha " data - sitekey = " <?php echo $hesk_settings['recaptcha_public_key'] ; ?> " ></ div >
</ div >
</ div >
2015-01-11 17:16:16 -05:00
< ? php
2015-03-09 22:16:59 -04:00
}
// At least use some basic PHP generated image (better than nothing)
else
{
echo '<div class="form-group"><div class="col-md-8 col-md-offset-4">' ;
$cls = in_array ( 'mysecnum' , $_SESSION [ 'a_iserror' ]) ? ' class="isError" ' : '' ;
2014-03-23 16:03:30 -04:00
2015-03-09 22:16:59 -04:00
echo $hesklang [ 'sec_enter' ] . '<br /> <br /><img src="' . HESK_PATH . 'print_sec_img.php?' . rand ( 10000 , 99999 ) . '" width="150" height="40" alt="' . $hesklang [ 'sec_img' ] . '" title="' . $hesklang [ 'sec_img' ] . '" border="1" name="secimg" style="vertical-align:text-bottom" /> ' .
'<a href="javascript:void(0)" onclick="javascript:document.form1.secimg.src=\'' . HESK_PATH . 'print_sec_img.php?\'+ ( Math.floor((90000)*Math.random()) + 10000);"><img src="' . HESK_PATH . 'img/reload.png" height="24" width="24" alt="' . $hesklang [ 'reload' ] . '" title="' . $hesklang [ 'reload' ] . '" border="0" style="vertical-align:text-bottom" /></a>' .
'<br /> <br /><input type="text" name="mysecnum" size="20" maxlength="5" ' . $cls . ' />' ;
echo '</div></div>' ;
}
} // End if $hesk_settings['secimg_use'] == 2
2014-03-23 16:03:30 -04:00
2015-03-09 22:16:59 -04:00
if ( $hesk_settings [ 'autologin' ])
{
?>
< div class = " form-group " >
< div class = " col-md-offset-4 col-md-8 " >
< div class = " radio " >
< label >< input type = " radio " name = " remember_user " value = " AUTOLOGIN " < ? php echo $is_1 ; ?> /> <?php echo $hesklang['autologin']; ?></label>
</ div >
< div class = " radio " >
< label >< input type = " radio " name = " remember_user " value = " JUSTUSER " < ? php echo $is_2 ; ?> /> <?php echo $hesklang['just_user']; ?></label>
</ div >
< div class = " radio " >
< label >< input type = " radio " name = " remember_user " value = " NOTHANKS " < ? php echo $is_3 ; ?> /> <?php echo $hesklang['nothx']; ?></label>
</ div >
2014-03-23 16:03:30 -04:00
</ div >
</ div >
2015-03-09 22:16:59 -04:00
< ? php
}
else
{
?>
< div class = " form-group " >
< div class = " col-md-offset-4 col-md-8 " >
< div class = " checkbox " >
< label >< input type = " checkbox " name = " remember_user " value = " JUSTUSER " < ? php echo $is_2 ; ?> /> <?php echo $hesklang['remember_user']; ?></label>
</ div >
2014-03-23 16:03:30 -04:00
</ div >
2015-03-09 22:16:59 -04:00
</ div >
< ? php
} // End if $hesk_settings['autologin']
?>
< div class = " form-group " >
< div class = " col-md-offset-4 col-md-8 " >
< input type = " submit " value = " <?php echo $hesklang['click_login'] ; ?> " class = " btn btn-default " />
< input type = " hidden " name = " a " value = " do_login " />
< ? php
if ( hesk_isREQUEST ( 'goto' ) && $url = hesk_REQUEST ( 'goto' ) )
{
echo '<input type="hidden" name="goto" value="' . $url . '" />' ;
}
// Do we allow staff password reset?
if ( $hesk_settings [ 'reset_pass' ])
{
echo '<br /> <br /><a href="password.php" class="smaller">' . $hesklang [ 'fpass' ] . '</a>' ;
}
?>
</ div >
2014-03-23 16:03:30 -04:00
</ div >
2015-03-09 22:16:59 -04:00
</ form >
2014-03-23 16:03:30 -04:00
</ div >
2015-03-09 22:16:59 -04:00
</ div >
2014-03-23 16:03:30 -04:00
</ div >
< p >& nbsp ; </ p >
< ? php
hesk_cleanSessionVars ( 'a_iserror' );
require_once ( HESK_PATH . 'inc/footer.inc.php' );
exit ();
} // End print_login()
2015-09-12 00:46:46 -04:00
function logout ()
{
global $hesk_settings , $hesklang ;
2014-03-23 16:03:30 -04:00
2015-09-12 00:46:46 -04:00
if ( ! hesk_token_check ( 'GET' , 0 )) {
print_login ();
2014-03-23 16:03:30 -04:00
exit ();
}
/* Delete from Who's online database */
2015-09-12 00:46:46 -04:00
if ( $hesk_settings [ 'online' ]) {
require ( HESK_PATH . 'inc/users_online.inc.php' );
hesk_setOffline ( $_SESSION [ 'id' ]);
}
2014-03-23 16:03:30 -04:00
/* Destroy session and cookies */
2015-09-12 00:46:46 -04:00
hesk_session_stop ();
2014-03-23 16:03:30 -04:00
/* If we're using the security image for admin login start a new session */
2015-09-12 00:46:46 -04:00
if ( $hesk_settings [ 'secimg_use' ] == 2 ) {
hesk_session_start ();
2014-03-23 16:03:30 -04:00
}
2015-09-12 00:46:46 -04:00
/* Show success message and reset the cookie */
hesk_process_messages ( $hesklang [ 'logout_success' ], 'NOREDIRECT' , 'SUCCESS' );
2014-03-23 16:03:30 -04:00
setcookie ( 'hesk_p' , '' );
/* Print the login form */
2015-09-12 00:46:46 -04:00
print_login ();
exit ();
2014-03-23 16:03:30 -04:00
} // End logout()
?>
