anomalist
/
survey-manager
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
244 MiB
 
 
 
 
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
survey-manager/survey-nginx/cgi-bin/login.pl

230 lines
7.6 KiB
Raw Permalink Blame History

#!/usr/bin/perl
#
# $Id: login.pl,v 1.16 2006/10/19 17:35:29 psims Exp $
#
# Source File: login.pl
# Get config
require 'sitecfg.pl';
require 'testlib.pl';
&traceoutput("login.pl"); # TRACE IF ACTIVE
&app_initialize;
$SESSION{'temptime'} = time();
$SESSION{'clid'} = $FORM{'clid'};
$SESSION{'lang'} = $FORM{'lang'};
&get_client_configuration();
&traceoutput("login.pl:$FORM{'clid'}:$FORM{'uid'}:$FORM{'pwd'}"); # TRACE IF ACTIVE
&setbrowsertype();
## DED Patch for secure_html/tests dir permission problem 2006/10/11
if (! -x $testroot) {
print STDERR "PERMS: $testroot is not X\n";
chmod(0777, $testroot);
}
if ($FORM{'selfregister'} eq "Y") {
unless ($SESSION{'clid'}) {
warn "ERROR: Empty Client ID in Form $FORM{'clid'} " ;
print STDERR "ERROR: Empty Client ID in Form $FORM{'clid'} " ;
# &show_illegal_access_warning("user");
exit();
}
&get_client_profile($SESSION{'clid'});
unless (%CLIENT) {
warn "ERROR: Invalid Client ID $FORM{'clid'} " ;
print STDERR "ERROR: Invalid Client ID $FORM{'clid'} " ;
# &show_illegal_access_warning("user");
exit();
}
$CANDIDATE{'new'}="Y";
print "Content-Type: text/html\n\n";
&show_template("regsas");
} elsif (&verifyaccess) {
&init_session;
&LanguageSupportInit();
&log_entry($SESSION{'clid'}, $SESSION{'uid'}, "1");
$FORM{'notice'} = $SYSTEM{'message'};
### For redirect to regcnd & regsas
$vars{'tid'} = $SESSION{'tid'};
$vars{'lang'} = $SESSION{'lang'};
$vars{'testid'} = $FORM{'testid'} if ($FORM{'testid'}) ;
$vars{'badid'} = $FORM{'badid'} unless !(defined($FORM{'badid'})); #This is used if badid is passed from regsas for autorefresh location trick
$vars{'direction'} = $FORM{'direction'} unless !(defined($FORM{'direction'}));
unless ($SESSION{'clid'}) {
warn "ERROR: Empty Client ID in Form $FORM{'clid'} " ;
print STDERR "ERROR: Empty Client ID in Form $FORM{'clid'} " ;
# &show_illegal_access_warning("user");
exit();
}
&get_client_profile($SESSION{'clid'});
unless (%CLIENT || $SESSION{'clid'} eq 'std') {
warn "ERROR: Invalid Client ID $FORM{'clid'} " ;
print STDERR "ERROR: Invalid Client ID $FORM{'clid'} " ;
# &show_illegal_access_warning("user");
exit();
}
if ($SESSION{'taclid'} ne '') {
print "Content-Type: text/html\n\n";
my $opts = { restrict_to_availability_window => 1 };
&set_session($SESSION{'tid'},'taclauthtests',$SESSION{'taclauthtests'});
&set_session($SESSION{'tid'},'uid',$SESSION{'taclid'});
if ($FORM{'pwd'} eq '_____') {
&get_tacl_profile("regauto");
&regdusr("regauto");
} else {
&get_tacl_profile();
&regdusr("regtacl");
}
} elsif ($FORM{'sas'} ne '') {
## ^ support for wilcard login
# register an account to the candidate
my $opts = { restrict_to_availability_window => 1 };
unless ($SESSION{'uid'}) {
warn "ERROR: Empty Candidate ID in Session data " ;
}
&get_candidate_profile($SESSION{'clid'}, $SESSION{'uid'}, $opts);
#&regdusr("regsas");
&redirect("regsas", \%vars);
} else {
if ($FORM{'sadm'} ne '') {
print "Content-Type: text/html\n\n";
if ($SESSION{'uac'} eq 'gadmin') {
# Site administration
$CLIENT{'active'} = "X";
$CLIENT{'logo'} = "<IMG SRC=\"$PATHS{'graphroot'}/logo.gif\" BORDER=0>\n";
$CLIENT{'clorg'} = "ACTS Corporation";
&regdusr("frsadmin");
} elsif ($SESSION{'uac'} =~ /txlatr./ ) {
($FORM{'uac'},$FORM{'lang'}) = split(/\./, $SESSION{'uac'});
$CLIENT{'active'} = "X";
$CLIENT{'logo'} = "<IMG SRC=\"$PATHS{'graphroot'}/logo.gif\" BORDER=0>\n";
$CLIENT{'clorg'} = "ACTS Corporation";
print "<HTML>\n";
print "<HEAD>\n";
print "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0; URL=$PATHS{'cgiroot'}/Interpreter.pl?tid=$SESSION{'tid'}&lang=$FORM{'lang'}\">\n";
print "</HEAD>\n";
print "<BODY>\n";
print "</BODY>\n";
print "</HTML>\n";
} elsif ($SESSION{'uac'} eq 'madmin') {
# Multiple-client admin
&regdusr("madmin");
} else {
# Client Test Administration
&get_client_profile($SESSION{'clid'});
&regdusr("frsadmin");
}
} else {
if ($FORM{'tadm'} ne '') {
print "Content-Type: text/html\n\n";
if ($SESSION{'uac'} eq 'madmin') {
# Multiple-client admin
&regdusr("madmin");
} else {
# Client Test Administration
&get_client_profile($SESSION{'clid'});
&regdusr("frsadmin");
}
} else {
if (&checkinprogress($SESSION{'clid'}, $FORM{'uid'}) ) {
# resume test at point of pause
&resumetest;
} else {
if ($FORM{'cnd'} ne '') {
&get_client_profile($SESSION{'clid'});
my $opts = { restrict_to_availability_window => 1 };
&get_candidate_profile($SESSION{'clid'}, $FORM{'uid'}, $opts);
#print STDERR "clid: $SESSION{'clid'}, uid: $FORM{'uid'}, opts: $opts\n";
if ($CANDIDATE{'grpowner'} eq 'Y') {
print "Content-Type: text/html\n\n";
&show_template("frcnd");
} elsif ($CANDIDATE{'registrar'} eq 'Y') {
print "Content-Type: text/html\n\n";
&show_template("frcnd");
} else {
&redirect("regcnd", \%vars);
}
} else {
&get_candidate_profile($SESSION{'clid'}, $FORM{'uid'});
#&regdusr("regsas");
&redirect("regsas", \%vars);
}
}
}
}
}
} else {
# Load Index.html
print "Content-Type: text/html\n\n";
if ($FORM{'home'} eq 'client') {
&get_client_profile($FORM{'clid'});
@lines = &get_template("cindex");
} else {
@lines = &get_template("shome");
}
if ($ipfilter ne '') {
if ($ipfilter =~ /$ENV{'REMOTE_ADDR'}/ ) {
# ip blocked
if ($FORM{'sas'} eq '') {
# uid or password were incorrect
$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgbpw.gif\" ALT=\"System Maintenance In Progress.\" BORDER=0>";
} else {
# uid is used
$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgidu.gif\" ALT=\"Requested Login ID is not available.\" BORDER=0>";
}
} else {
&logger::loginfo("Incorrect passwd 4");
$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgipb.gif\" ALT=\"Incorrect Password.\" BORDER=0>";
}
} else {
if ($SYSTEM{'IP_ACCESS_FILTER'} ne '') {
if ($SYSTEM{'IP_ACCESS_FILTER'} =~ /$ENV{'REMOTE_ADDR'}/ ) {
if ($FORM{'sas'} eq '') {
# uid or password were incorrect
&logger::loginfo("Incorrect passwd 3");
$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgbpw.gif\" ALT=\"Incorrect Password.\" BORDER=0>";
} else {
# uid is used
$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgidu.gif\" ALT=\"Requested Login ID is not available.\" BORDER=0>";
}
} else {
&logger::loginfo("Incorrect passwd 2");
$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgipb.gif\" ALT=\"Incorrect Password.\" BORDER=0>";
}
} else {
if ($FORM{'sas'} eq '') {
# uid or password were incorrect
&logger::loginfo("Incorrect passwd 1");
$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgbpw.gif\" ALT=\"Incorrect Password.\" BORDER=0>";
} else {
# uid is used
$SYSTEM{'message'} = "<IMG SRC=\"$graphroot/msgidu.gif\" ALT=\"Requested Login ID is not available.\" BORDER=0>";
}
}
}
foreach $line (@lines) {
$line = &xlatline($line);
}
}
sub resumetest {
print "RESUMING TEST<BR>\n";
print "<INPUT TYPE=TEXT NAME=\"tid\" VALUE=\"$FORM{'tid'}\"><BR>\n";
print "<INPUT TYPE=TEXT NAME=\"uid\" VALUE=\"$FORM{'uid'}\"><BR>\n";
print "<INPUT TYPE=TEXT NAME=\"pwd\" VALUE=\"$FORM{'pwd'}\"><BR>\n";
print "<INPUT TYPE=TEXT NAME=\"uac\" VALUE=\"$FORM{'uac'}\"><BR>\n";
}
sub test {
print "<INPUT TYPE=TEXT NAME=\"tid\" VALUE=\"$FORM{'tid'}\"><BR>\n";
print "<INPUT TYPE=TEXT NAME=\"uid\" VALUE=\"$FORM{'uid'}\"><BR>\n";
print "<INPUT TYPE=TEXT NAME=\"pwd\" VALUE=\"$FORM{'pwd'}\"><BR>\n";
print "<INPUT TYPE=TEXT NAME=\"uac\" VALUE=\"$FORM{'uac'}\"><BR>\n";
&showenv;
}