From ef72f8daa3025e8eb3ed7dd1e6e6211903fa5b17 Mon Sep 17 00:00:00 2001
From: Gamonoid <team@gamonoid.com>
Date: Tue, 6 Dec 2016 17:39:20 +0100
Subject: [PATCH] No need to have an extended login

---
 core-ext/login.php | 409 ---------------------------------------
 src/login.php      | 471 +++++++++++++++++++++++++++------------------
 2 files changed, 288 insertions(+), 592 deletions(-)
 delete mode 100644 core-ext/login.php

diff --git a/core-ext/login.php b/core-ext/login.php
deleted file mode 100644
index 8743ad38..00000000
--- a/core-ext/login.php
+++ /dev/null
@@ -1,409 +0,0 @@
-<?php
-define('CLIENT_PATH',dirname(__FILE__));
-include ("config.base.php");
-include ("include.common.php");
-include("server.includes.inc.php");
-
-error_log(print_r($_REQUEST,true));
-
-if(empty($user)){
-
-    if(!isset($_REQUEST['f']) && isset($_COOKIE['icehrmLF']) && @$_REQUEST['login'] != 'no' && !isset($_REQUEST['username'])){
-        $tempUser = new User();
-        $tempUser->Load("login_hash = ?",array($_COOKIE['icehrmLF']));
-
-        if(!empty($tempUser->id) &&
-            sha1($tempUser->email."_".$tempUser->password) == $_COOKIE['icehrmLF']){
-
-            $_REQUEST['username'] = $tempUser->username;
-            $_REQUEST['password'] = $tempUser->password;
-            $_REQUEST['hashedPwd'] = $tempUser->password;
-        }
-    }
-
-    if(!empty($_REQUEST['username']) && !empty($_REQUEST['password'])){
-
-        $suser = null;
-        $ssoUserLoaded = false;
-
-        if($_REQUEST['username'] != "admin") {
-            LogManager::getInstance()->debug("LDAP: Enabled :" . SettingsManager::getInstance()->getSetting("LDAP: Enabled"));
-            if (SettingsManager::getInstance()->getSetting("LDAP: Enabled") == "1") {
-                $ldapResp = LDAPManager::getInstance()->checkLDAPLogin($_REQUEST['username'], $_REQUEST['password']);
-                LogManager::getInstance()->debug("LDAP Response :" . print_r($ldapResp, true));
-                LogManager::getInstance()->debug("LDAP Response Status :" . $ldapResp->getStatus());
-                if ($ldapResp->getStatus() == IceResponse::ERROR) {
-                    header("Location:" . CLIENT_BASE_URL . "login.php?f=1");
-                    exit();
-                } else {
-                    $suser = new User();
-                    $suser->Load("username = ?", array($_REQUEST['username']));
-                    LogManager::getInstance()->debug("LDAP Response :[".$_REQUEST['username']."]" . print_r($suser, true));
-                    if (empty($suser)) {
-                        header("Location:" . CLIENT_BASE_URL . "login.php?f=1");
-                        exit();
-                    }
-
-                    $ssoUserLoaded = true;
-                }
-            }
-        }
-
-
-        if(!isset($_REQUEST['hashedPwd'])){
-            $_REQUEST['hashedPwd'] = md5($_REQUEST['password']);
-        }
-
-        include 'login.com.inc.php';
-
-        if(empty($suser)){
-            $suser = new User();
-            $suser->Load("(username = ? or email = ?) and password = ?",array($_REQUEST['username'],$_REQUEST['username'],$_REQUEST['hashedPwd']));
-        }
-
-        if($suser->password == $_REQUEST['hashedPwd'] || $ssoUserLoaded){
-            $user = $suser;
-            SessionUtils::saveSessionObject('user', $user);
-            $suser->last_login = date("Y-m-d H:i:s");
-            $suser->Save();
-
-            if(!$ssoUserLoaded && !empty(BaseService::getInstance()->auditManager)){
-                BaseService::getInstance()->auditManager->user = $user;
-                BaseService::getInstance()->audit(IceConstants::AUDIT_AUTHENTICATION, "User Login");
-            }
-
-            if(!$ssoUserLoaded && isset($_REQUEST['remember'])){
-                //Add cookie
-                $suser->login_hash = sha1($suser->email."_".$suser->password);
-                $suser->Save();
-
-                setcookie('icehrmLF',$suser->login_hash);
-            }
-
-            if(!isset($_REQUEST['remember'])){
-                setcookie('icehrmLF');
-            }
-
-            $redirectUrl = SessionUtils::getSessionObject('loginRedirect');
-            if(!empty($redirectUrl)){
-                header("Location:".$redirectUrl);
-            }else{
-                if($user->user_level == "Admin"){
-                    if(SessionUtils::getSessionObject('account_locked') == "1"){
-                        header("Location:".CLIENT_BASE_URL."?g=admin&n=billing&m=admin_System");
-                    }else{
-                        header("Location:".HOME_LINK_ADMIN);
-                    }
-
-                }else{
-                    if(empty($user->default_module)){
-                        header("Location:".HOME_LINK_OTHERS);
-                    }else{
-                        $defaultModule = new Module();
-                        $defaultModule->Load("id = ?",array($user->default_module));
-                        if($defaultModule->mod_group == "user"){
-                            $defaultModule->mod_group = "modules";
-                        }
-                        $homeLink = CLIENT_BASE_URL."?g=".$defaultModule->mod_group."&&n=".$defaultModule->name.
-                            "&m=".$defaultModule->mod_group."_".str_replace(" ","_",$defaultModule->menu);
-                        header("Location:".$homeLink);
-                    }
-                }
-            }
-
-        }else{
-            header("Location:".CLIENT_BASE_URL."login.php?f=1");
-        }
-    }
-}else{
-    if($user->user_level == "Admin"){
-        header("Location:".HOME_LINK_ADMIN);
-    }else{
-        if(empty($user->default_module)){
-            header("Location:".HOME_LINK_OTHERS);
-        }else{
-            $defaultModule = new Module();
-            $defaultModule->Load("id = ?",array($user->default_module));
-            if($defaultModule->mod_group == "user"){
-                $defaultModule->mod_group = "modules";
-            }
-            $homeLink = CLIENT_BASE_URL."?g=".$defaultModule->mod_group."&n=".$defaultModule->name.
-                "&m=".$defaultModule->mod_group."_".str_replace(" ","_",$defaultModule->menu);
-            header("Location:".$homeLink);
-        }
-    }
-
-}
-
-$tuser = SessionUtils::getSessionObject('user');
-$logoFileUrl = UIManager::getInstance()->getCompanyLogoUrl();
-
-?><!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="utf-8">
-    <title><?=APP_NAME?> Login</title>
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <meta name="description" content="">
-    <meta name="author" content="">
-
-    <!-- Le styles -->
-    <link href="<?=BASE_URL?>bootstrap/css/bootstrap.css" rel="stylesheet">
-
-    <script type="text/javascript" src="<?=BASE_URL?>js/jquery-1.8.1.js"></script>
-    <script src="<?=BASE_URL?>bootstrap/js/bootstrap.js"></script>
-    <script src="<?=BASE_URL?>js/jquery.placeholder.js"></script>
-    <script src="<?=BASE_URL?>js/jquery.dataTables.js"></script>
-    <script src="<?=BASE_URL?>js/bootstrap-datepicker.js"></script>
-    <link href="<?=BASE_URL?>bootstrap/css/bootstrap-responsive.css" rel="stylesheet">
-    <link href="<?=BASE_URL?>css/DT_bootstrap.css?v=0.4" rel="stylesheet">
-    <link href="<?=BASE_URL?>css/datepicker.css" rel="stylesheet">
-    <link href="<?=BASE_URL?>css/style.css?v=<?=$cssVersion?>" rel="stylesheet">
-
-    <!-- Le HTML5 shim, for IE6-8 support of HTML5 elements -->
-    <!--[if lt IE 9]>
-    <script src="<?=BASE_URL?>js/html5.js"></script>
-    <![endif]-->
-
-    <style type="text/css">
-        /* Override some defaults */
-        html, body {
-            background-color: #829AA8;
-        }
-        body {
-            padding-top: 40px;
-        }
-        .container {
-            width: 300px;
-        }
-
-        /* The white background content wrapper */
-        .container > .content {
-            min-height: 0px !important;
-            background-color: #fff;
-            padding: 20px;
-            margin: 0 -20px;
-            -webkit-border-radius:0px;
-            -moz-border-radius:0px;
-            border-radius: 0px;
-            -webkit-box-shadow: 0 1px 2px rgba(0,0,0,.15);
-            -moz-box-shadow: 0 1px 2px rgba(0,0,0,.15);
-            box-shadow: 0 1px 2px rgba(0,0,0,.15);
-        }
-
-        .login-form {
-            margin-left: 65px;
-        }
-
-        legend {
-            margin-right: -50px;
-            font-weight: bold;
-            color: #404040;
-        }
-
-        .add-on{
-            -webkit-border-radius:0px;
-            -moz-border-radius:0px;
-            border-radius: 0px;
-        }
-
-        input{
-            -webkit-border-radius:0px;
-            -moz-border-radius:0px;
-            border-radius: 0px;
-        }
-
-    </style>
-
-
-</head>
-
-<body>
-
-<script>
-    (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
-            (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
-        m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
-    })(window,document,'script','//www.google-analytics.com/analytics.js','ga');
-
-    ga('create', '<?=BaseService::getInstance()->getGAKey()?>', 'gamonoid.com');
-    ga('send', 'pageview');
-
-</script>
-
-<script type="text/javascript">
-    var key = "";
-    <?php if(isset($_REQUEST['key'])){?>
-    key = '<?=$_REQUEST['key']?>';
-    key = key.replace(/ /g,"+");
-    <?php }?>
-
-    $(document).ready(function() {
-        $(window).keydown(function(event){
-            if(event.keyCode == 13) {
-                event.preventDefault();
-                return false;
-            }
-        });
-
-        $("#password").keydown(function(event){
-            if(event.keyCode == 13) {
-                submitLogin();
-                return false;
-            }
-        });
-    });
-
-    function showForgotPassword(){
-        $("#loginForm").hide();
-        $("#requestPasswordChangeForm").show();
-    }
-
-    function requestPasswordChange(){
-        $("#requestPasswordChangeFormAlert").hide();
-        var id = $("#usernameChange").val();
-        $.post("service.php", {'a':'rpc','id':id}, function(data) {
-            if(data.status == "SUCCESS"){
-                $("#requestPasswordChangeFormAlert").show();
-                $("#requestPasswordChangeFormAlert").html(data.message);
-            }else{
-                $("#requestPasswordChangeFormAlert").show();
-                $("#requestPasswordChangeFormAlert").html(data.message);
-            }
-        },"json");
-    }
-
-    function changePassword(){
-        $("#newPasswordFormAlert").hide();
-        var password = $("#password").val();
-
-        var passwordValidation =  function (str) {
-            var val = /^[a-zA-Z0-9]\w{6,}$/;
-            return str != null && val.test(str);
-        };
-
-
-        if(!passwordValidation(password)){
-            $("#newPasswordFormAlert").show();
-            $("#newPasswordFormAlert").html("Password may contain only letters, numbers and should be longer than 6 characters");
-            return;
-        }
-
-
-        $.post("service.php", {'a':'rsp','key':key,'pwd':password,"now":"1"}, function(data) {
-            if(data.status == "SUCCESS"){
-                top.location.href = "login.php?c=1";
-            }else{
-                $("#newPasswordFormAlert").show();
-                $("#newPasswordFormAlert").html(data.message);
-            }
-        },"json");
-    }
-
-    function submitLogin(){
-        try{
-            localStorage.clear();
-        }catch(e){}
-        $("#loginForm").submit();
-    }
-
-</script>
-<div class="container">
-    <?php if(defined('DEMO_MODE')){?>
-        <div class="content" style="top: 30px;
-			position: absolute;
-			left: 50px;
-			width: 380px;
-			height: 100px;">
-
-            <ul class="list-group" style="font-size:12px;">
-                <li style="padding-bottom:3px;" class="list-group-item">Admin: (Username = admin/ Password = admin)</li>
-                <li style="padding-bottom:3px;" class="list-group-item">Manager: (Username = manager/ Password = demouserpwd)</li>
-                <li style="padding-bottom:3px;" class="list-group-item">User: (Username = user1/ Password = demouserpwd)</li>
-                <li style="padding-bottom:3px;" class="list-group-item">User: (Username = user2/ Password = demouserpwd)</li>
-            </ul>
-        </div>
-    <?php }?>
-    <div class="content" style="margin-top:100px;">
-        <div class="row">
-            <div class="login-form">
-                <h2><img src="<?=$logoFileUrl?>"/></h2>
-                <?php if(!isset($_REQUEST['cp'])){?>
-                    <form id="loginForm" action="login.php" method="POST">
-                        <fieldset>
-                            <div class="clearfix">
-                                <div class="input-prepend">
-                                    <span class="add-on"><i class="icon-user"></i></span>
-                                    <input class="span2" type="text" id="username" name="username" placeholder="Username">
-                                </div>
-                            </div>
-                            <div class="clearfix">
-                                <div class="input-prepend">
-                                    <span class="add-on"><i class="icon-lock"></i></span>
-                                    <input class="span2" type="password" id="password" name="password" placeholder="Password">
-                                </div>
-                            </div>
-                            <div class="clearfix">
-                                <div class="checkbox">
-                                    <label><input id="remember" name="remember" type="checkbox" value="remember" checked>Remember me</label>
-                                </div>
-                            </div>
-                            <?php if(isset($_REQUEST['f'])){?>
-                                <div class="clearfix alert alert-error" style="font-size:11px;width:147px;margin-bottom: 5px;">
-                                    Login failed
-                                    <?php if(isset($_REQUEST['fm'])){
-                                        echo $_REQUEST['fm'];
-                                    }?>
-                                </div>
-                            <?php } ?>
-                            <?php if(isset($_REQUEST['c'])){?>
-                                <div class="clearfix alert alert-info" style="font-size:11px;width:147px;margin-bottom: 5px;">
-                                    Password changed successfully
-                                </div>
-                            <?php } ?>
-                            <button class="btn" style="margin-top: 5px;" type="button" onclick="submitLogin();return false;">Sign in&nbsp;&nbsp;<span class="icon-arrow-right"></span></button>
-                        </fieldset>
-                        <div class="clearfix">
-                            <a href="" onclick="showForgotPassword();return false;" style="float:left;margin-top: 10px;">Forgot password</a>
-                            <!--
-                            <a href="<?=TWITTER_URL?>" target="_blank" style="float:right;"><img src="<?=BASE_URL?>images/32x32-Circle-53-TW.png"/></a>
-							<a href="<?=FB_URL?>" target="_blank" style="float:right;margin-right: 7px;"><img src="<?=BASE_URL?>images/32x32-Circle-54-FB.png"/></a>
-						    -->
-                        </div>
-                    </form>
-                    <form id="requestPasswordChangeForm" style="display:none;" action="">
-                        <fieldset>
-                            <div class="clearfix">
-                                <div class="input-prepend">
-                                    <span class="add-on"><i class="icon-user"></i></span>
-                                    <input class="span2" type="text" id="usernameChange" name="usernameChange" placeholder="Username or Email">
-                                </div>
-                            </div>
-                            <div id="requestPasswordChangeFormAlert" class="clearfix alert alert-info" style="font-size:11px;width:147px;margin-bottom: 5px;display:none;">
-
-                            </div>
-                            <button class="btn" style="margin-top: 5px;" type="button" onclick="requestPasswordChange();return false;">Request Password Change&nbsp;&nbsp;<span class="icon-arrow-right"></span></button>
-                        </fieldset>
-                    </form>
-                <?php }else{?>
-                    <form id="newPasswordForm" action="">
-                        <fieldset>
-                            <div class="clearfix">
-                                <div class="input-prepend">
-                                    <span class="add-on"><i class="icon-lock"></i></span>
-                                    <input class="span2" type="password" id="password" name="password" placeholder="New Password">
-                                </div>
-                            </div>
-                            <div id="newPasswordFormAlert" class="clearfix alert alert-error" style="font-size:11px;width:147px;margin-bottom: 5px;display:none;">
-
-                            </div>
-                            <button class="btn" style="margin-top: 5px;" type="button" onclick="changePassword();return false;">Change Password&nbsp;&nbsp;<span class="icon-arrow-right"></span></button>
-                        </fieldset>
-                    </form>
-                <?php }?>
-            </div>
-        </div>
-    </div>
-</div> <!-- /container -->
-</body>
-</html>
diff --git a/src/login.php b/src/login.php
index 721fedff..3182edba 100644
--- a/src/login.php
+++ b/src/login.php
@@ -1,304 +1,409 @@
 <?php
 define('CLIENT_PATH',dirname(__FILE__));
 include ("config.base.php");
-include ("include.common.php"); 
+include ("include.common.php");
 include("server.includes.inc.php");
+
+error_log(print_r($_REQUEST,true));
+
 if(empty($user)){
+
+	if(!isset($_REQUEST['f']) && isset($_COOKIE['icehrmLF']) && @$_REQUEST['login'] != 'no' && !isset($_REQUEST['username'])){
+		$tempUser = new User();
+		$tempUser->Load("login_hash = ?",array($_COOKIE['icehrmLF']));
+
+		if(!empty($tempUser->id) &&
+			sha1($tempUser->email."_".$tempUser->password) == $_COOKIE['icehrmLF']){
+
+			$_REQUEST['username'] = $tempUser->username;
+			$_REQUEST['password'] = $tempUser->password;
+			$_REQUEST['hashedPwd'] = $tempUser->password;
+		}
+	}
+
 	if(!empty($_REQUEST['username']) && !empty($_REQUEST['password'])){
+
 		$suser = null;
 		$ssoUserLoaded = false;
-		
+
+		if($_REQUEST['username'] != "admin") {
+			//LogManager::getInstance()->debug("LDAP: Enabled :" . SettingsManager::getInstance()->getSetting("LDAP: Enabled"));
+			if (SettingsManager::getInstance()->getSetting("LDAP: Enabled") == "1") {
+				$ldapResp = LDAPManager::getInstance()->checkLDAPLogin($_REQUEST['username'], $_REQUEST['password']);
+				//LogManager::getInstance()->debug("LDAP Response :" . print_r($ldapResp, true));
+				//LogManager::getInstance()->debug("LDAP Response Status :" . $ldapResp->getStatus());
+				if ($ldapResp->getStatus() == IceResponse::ERROR) {
+					header("Location:" . CLIENT_BASE_URL . "login.php?f=1");
+					exit();
+				} else {
+					$suser = new User();
+					$suser->Load("username = ?", array($_REQUEST['username']));
+					//LogManager::getInstance()->debug("LDAP Response :[".$_REQUEST['username']."]" . print_r($suser, true));
+					if (empty($suser)) {
+						header("Location:" . CLIENT_BASE_URL . "login.php?f=1");
+						exit();
+					}
+
+					$ssoUserLoaded = true;
+				}
+			}
+		}
+
+
+		if(!isset($_REQUEST['hashedPwd'])){
+			$_REQUEST['hashedPwd'] = md5($_REQUEST['password']);
+		}
+
 		include 'login.com.inc.php';
-		
+
 		if(empty($suser)){
 			$suser = new User();
-			$suser->Load("(username = ? or email = ?) and password = ?",array($_REQUEST['username'],$_REQUEST['username'],md5($_REQUEST['password'])));
+			$suser->Load("(username = ? or email = ?) and password = ?",array($_REQUEST['username'],$_REQUEST['username'],$_REQUEST['hashedPwd']));
 		}
-		
-		if($suser->password == md5($_REQUEST['password']) || $ssoUserLoaded){
+
+		if($suser->password == $_REQUEST['hashedPwd'] || $ssoUserLoaded){
 			$user = $suser;
 			SessionUtils::saveSessionObject('user', $user);
 			$suser->last_login = date("Y-m-d H:i:s");
 			$suser->Save();
-			
+
 			if(!$ssoUserLoaded && !empty(BaseService::getInstance()->auditManager)){
 				BaseService::getInstance()->auditManager->user = $user;
 				BaseService::getInstance()->audit(IceConstants::AUDIT_AUTHENTICATION, "User Login");
 			}
-			
-			if($user->user_level == "Admin"){
-				header("Location:".HOME_LINK_ADMIN);	
-			}else{
-				header("Location:".HOME_LINK_OTHERS);	
+
+			if(!$ssoUserLoaded && isset($_REQUEST['remember'])){
+				//Add cookie
+				$suser->login_hash = sha1($suser->email."_".$suser->password);
+				$suser->Save();
+
+				setcookie('icehrmLF',$suser->login_hash);
 			}
+
+			if(!isset($_REQUEST['remember'])){
+				setcookie('icehrmLF');
+			}
+
+			$redirectUrl = SessionUtils::getSessionObject('loginRedirect');
+			if(!empty($redirectUrl)){
+				header("Location:".$redirectUrl);
+			}else{
+				if($user->user_level == "Admin"){
+					if(SessionUtils::getSessionObject('account_locked') == "1"){
+						header("Location:".CLIENT_BASE_URL."?g=admin&n=billing&m=admin_System");
+					}else{
+						header("Location:".HOME_LINK_ADMIN);
+					}
+
+				}else{
+					if(empty($user->default_module)){
+						header("Location:".HOME_LINK_OTHERS);
+					}else{
+						$defaultModule = new Module();
+						$defaultModule->Load("id = ?",array($user->default_module));
+						if($defaultModule->mod_group == "user"){
+							$defaultModule->mod_group = "modules";
+						}
+						$homeLink = CLIENT_BASE_URL."?g=".$defaultModule->mod_group."&&n=".$defaultModule->name.
+							"&m=".$defaultModule->mod_group."_".str_replace(" ","_",$defaultModule->menu);
+						header("Location:".$homeLink);
+					}
+				}
+			}
+
 		}else{
 			header("Location:".CLIENT_BASE_URL."login.php?f=1");
-		}			
+		}
 	}
 }else{
 	if($user->user_level == "Admin"){
-		header("Location:".HOME_LINK_ADMIN);	
+		header("Location:".HOME_LINK_ADMIN);
 	}else{
-		header("Location:".HOME_LINK_OTHERS);	
+		if(empty($user->default_module)){
+			header("Location:".HOME_LINK_OTHERS);
+		}else{
+			$defaultModule = new Module();
+			$defaultModule->Load("id = ?",array($user->default_module));
+			if($defaultModule->mod_group == "user"){
+				$defaultModule->mod_group = "modules";
+			}
+			$homeLink = CLIENT_BASE_URL."?g=".$defaultModule->mod_group."&n=".$defaultModule->name.
+				"&m=".$defaultModule->mod_group."_".str_replace(" ","_",$defaultModule->menu);
+			header("Location:".$homeLink);
+		}
 	}
-	
+
 }
 
 $tuser = SessionUtils::getSessionObject('user');
-//check user
-/*
-$logoFileName = CLIENT_BASE_PATH."data/logo.png";
-$logoFileUrl = CLIENT_BASE_URL."data/logo.png";
-if(!file_exists($logoFileName)){
-	$logoFileUrl = BASE_URL."images/logo.png";	
-}*/
 $logoFileUrl = UIManager::getInstance()->getCompanyLogoUrl();
 
 ?><!DOCTYPE html>
 <html lang="en">
-  <head>
-    <meta charset="utf-8">
-    <title><?=APP_NAME?> Login</title>
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <meta name="description" content="">
-    <meta name="author" content="">
+<head>
+	<meta charset="utf-8">
+	<title><?=APP_NAME?> Login</title>
+	<meta name="viewport" content="width=device-width, initial-scale=1.0">
+	<meta name="description" content="">
+	<meta name="author" content="">
+
+	<!-- Le styles -->
+	<link href="<?=BASE_URL?>bootstrap/css/bootstrap.css" rel="stylesheet">
 
-    <!-- Le styles -->
-    <link href="<?=BASE_URL?>bootstrap/css/bootstrap.css" rel="stylesheet">
-	
 	<script type="text/javascript" src="<?=BASE_URL?>js/jquery-1.8.1.js"></script>
-    <script src="<?=BASE_URL?>bootstrap/js/bootstrap.js"></script>
+	<script src="<?=BASE_URL?>bootstrap/js/bootstrap.js"></script>
 	<script src="<?=BASE_URL?>js/jquery.placeholder.js"></script>
 	<script src="<?=BASE_URL?>js/jquery.dataTables.js"></script>
 	<script src="<?=BASE_URL?>js/bootstrap-datepicker.js"></script>
-    <link href="<?=BASE_URL?>bootstrap/css/bootstrap-responsive.css" rel="stylesheet">
-    <link href="<?=BASE_URL?>css/DT_bootstrap.css?v=0.4" rel="stylesheet">
-    <link href="<?=BASE_URL?>css/datepicker.css" rel="stylesheet">
-    <link href="<?=BASE_URL?>css/style.css?v=<?=$cssVersion?>" rel="stylesheet">
+	<link href="<?=BASE_URL?>bootstrap/css/bootstrap-responsive.css" rel="stylesheet">
+	<link href="<?=BASE_URL?>css/DT_bootstrap.css?v=0.4" rel="stylesheet">
+	<link href="<?=BASE_URL?>css/datepicker.css" rel="stylesheet">
+	<link href="<?=BASE_URL?>css/style.css?v=<?=$cssVersion?>" rel="stylesheet">
+
+	<!-- Le HTML5 shim, for IE6-8 support of HTML5 elements -->
+	<!--[if lt IE 9]>
+	<script src="<?=BASE_URL?>js/html5.js"></script>
+	<![endif]-->
 
-    <!-- Le HTML5 shim, for IE6-8 support of HTML5 elements -->
-    <!--[if lt IE 9]>
-      <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
-    <![endif]-->
-	
 	<style type="text/css">
-      /* Override some defaults */
-      html, body {
-        background-color: #829AA8;
-      }
-      body {
-        padding-top: 40px; 
-      }
-      .container {
-          width: 300px;
-          min-height: 0px !important;
-      }
+		/* Override some defaults */
+		html, body {
+			background-color: #829AA8;
+		}
+		body {
+			padding-top: 40px;
+		}
+		.container {
+			width: 300px;
+		}
 
-      /* The white background content wrapper */
-      .container > .content {
-          min-height: 0px !important;
-          background-color: #fff;
-          padding: 20px;
-          margin: 0 -20px;
-          -webkit-border-radius:0px;
-          -moz-border-radius:0px;
-          border-radius: 0px;
-          -webkit-box-shadow: 0 1px 2px rgba(0,0,0,.15);
-          -moz-box-shadow: 0 1px 2px rgba(0,0,0,.15);
-          box-shadow: 0 1px 2px rgba(0,0,0,.15);
-      }
+		/* The white background content wrapper */
+		.container > .content {
+			min-height: 0px !important;
+			background-color: #fff;
+			padding: 20px;
+			margin: 0 -20px;
+			-webkit-border-radius:0px;
+			-moz-border-radius:0px;
+			border-radius: 0px;
+			-webkit-box-shadow: 0 1px 2px rgba(0,0,0,.15);
+			-moz-box-shadow: 0 1px 2px rgba(0,0,0,.15);
+			box-shadow: 0 1px 2px rgba(0,0,0,.15);
+		}
 
-      .login-form {
-          margin-left: 65px;
-      }
+		.login-form {
+			margin-left: 65px;
+		}
 
-      legend {
-          margin-right: -50px;
-          font-weight: bold;
-          color: #404040;
-      }
+		legend {
+			margin-right: -50px;
+			font-weight: bold;
+			color: #404040;
+		}
 
-      .add-on{
-          -webkit-border-radius:0px;
-          -moz-border-radius:0px;
-          border-radius: 0px;
-      }
+		.add-on{
+			-webkit-border-radius:0px;
+			-moz-border-radius:0px;
+			border-radius: 0px;
+		}
 
-      input{
-          -webkit-border-radius:0px;
-          -moz-border-radius:0px;
-          border-radius: 0px;
-      }
+		input{
+			-webkit-border-radius:0px;
+			-moz-border-radius:0px;
+			border-radius: 0px;
+		}
 
-    </style>
-	
-	
-  </head>
+	</style>
 
-  <body>
-  
-  <script>
-  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
-  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
-  m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
-  })(window,document,'script','//www.google-analytics.com/analytics.js','ga');
 
-  ga('create', '<?=BaseService::getInstance()->getGAKey()?>', 'gamonoid.com');
-  ga('send', 'pageview');
+</head>
 
-  </script>
-  
-  <script type="text/javascript">
+<body>
+
+<script>
+	(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
+			(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
+		m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
+	})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
+
+	ga('create', '<?=BaseService::getInstance()->getGAKey()?>', 'gamonoid.com');
+	ga('send', 'pageview');
+
+</script>
+
+<script type="text/javascript">
 	var key = "";
-  <?php if(isset($_REQUEST['key'])){?>
-  	key = '<?=$_REQUEST['key']?>';
-  	key = key.replace(/ /g,"+");
-  <?php }?>
+	<?php if(isset($_REQUEST['key'])){?>
+	key = '<?=$_REQUEST['key']?>';
+	key = key.replace(/ /g,"+");
+	<?php }?>
 
-  $(document).ready(function() {
-	  $(window).keydown(function(event){
-	    if(event.keyCode == 13) {
-	      event.preventDefault();
-	      return false;
-	    }
-	  });
+	$(document).ready(function() {
+		$(window).keydown(function(event){
+			if(event.keyCode == 13) {
+				event.preventDefault();
+				return false;
+			}
+		});
 
-	  $("#password").keydown(function(event){
-		    if(event.keyCode == 13) {
-		      submitLogin();
-		      return false;
-		    }
-		  });
+		$("#password").keydown(function(event){
+			if(event.keyCode == 13) {
+				submitLogin();
+				return false;
+			}
+		});
 	});
 
-  function showForgotPassword(){
-	  $("#loginForm").hide();
-	  $("#requestPasswordChangeForm").show();
-  }
+	function showForgotPassword(){
+		$("#loginForm").hide();
+		$("#requestPasswordChangeForm").show();
+	}
 
-  function requestPasswordChange(){
-	  $("#requestPasswordChangeFormAlert").hide();
-	  var id = $("#usernameChange").val();
-	  $.post("service.php", {'a':'rpc','id':id}, function(data) {
+	function requestPasswordChange(){
+		$("#requestPasswordChangeFormAlert").hide();
+		var id = $("#usernameChange").val();
+		$.post("service.php", {'a':'rpc','id':id}, function(data) {
 			if(data.status == "SUCCESS"){
-				$("#requestPasswordChangeFormAlert").show();	
+				$("#requestPasswordChangeFormAlert").show();
 				$("#requestPasswordChangeFormAlert").html(data.message);
 			}else{
-				$("#requestPasswordChangeFormAlert").show();	
+				$("#requestPasswordChangeFormAlert").show();
 				$("#requestPasswordChangeFormAlert").html(data.message);
 			}
-	},"json");
-  }
+		},"json");
+	}
 
-  function changePassword(){
-	  $("#newPasswordFormAlert").hide();
-	  var password = $("#password").val();
+	function changePassword(){
+		$("#newPasswordFormAlert").hide();
+		var password = $("#password").val();
 
-	  	var passwordValidation =  function (str) {  
-			var val = /^[a-zA-Z0-9]\w{6,}$/;  
-			return str != null && val.test(str);  
+		var passwordValidation =  function (str) {
+			var val = /^[a-zA-Z0-9]\w{6,}$/;
+			return str != null && val.test(str);
 		};
-	
-		
+
+
 		if(!passwordValidation(password)){
-			$("#newPasswordFormAlert").show();	
+			$("#newPasswordFormAlert").show();
 			$("#newPasswordFormAlert").html("Password may contain only letters, numbers and should be longer than 6 characters");
 			return;
 		}
 
-	  
-	  $.post("service.php", {'a':'rsp','key':key,'pwd':password,"now":"1"}, function(data) {
-		  if(data.status == "SUCCESS"){
-			  top.location.href = "login.php?c=1";
+
+		$.post("service.php", {'a':'rsp','key':key,'pwd':password,"now":"1"}, function(data) {
+			if(data.status == "SUCCESS"){
+				top.location.href = "login.php?c=1";
 			}else{
-				$("#newPasswordFormAlert").show();	
+				$("#newPasswordFormAlert").show();
 				$("#newPasswordFormAlert").html(data.message);
 			}
-	},"json");
-  }
+		},"json");
+	}
 
-  function submitLogin(){
-      try{
-          localStorage.clear();
-      }catch(e){}
-	$("#loginForm").submit();  
-  }
-  
-  </script>
-	<div class="container">
-		<div class="content" style="margin-top:100px;">
-			<div class="row">
-				<div class="login-form">
-					<h2><img src="<?=$logoFileUrl?>"/></h2>
-					<?php if(!isset($_REQUEST['cp'])){?>
+	function submitLogin(){
+		try{
+			localStorage.clear();
+		}catch(e){}
+		$("#loginForm").submit();
+	}
+
+</script>
+<div class="container">
+	<?php if(defined('DEMO_MODE')){?>
+		<div class="content" style="top: 30px;
+			position: absolute;
+			left: 50px;
+			width: 380px;
+			height: 100px;">
+
+			<ul class="list-group" style="font-size:12px;">
+				<li style="padding-bottom:3px;" class="list-group-item">Admin: (Username = admin/ Password = admin)</li>
+				<li style="padding-bottom:3px;" class="list-group-item">Manager: (Username = manager/ Password = demouserpwd)</li>
+				<li style="padding-bottom:3px;" class="list-group-item">User: (Username = user1/ Password = demouserpwd)</li>
+				<li style="padding-bottom:3px;" class="list-group-item">User: (Username = user2/ Password = demouserpwd)</li>
+			</ul>
+		</div>
+	<?php }?>
+	<div class="content" style="margin-top:100px;">
+		<div class="row">
+			<div class="login-form">
+				<h2><img src="<?=$logoFileUrl?>"/></h2>
+				<?php if(!isset($_REQUEST['cp'])){?>
 					<form id="loginForm" action="login.php" method="POST">
 						<fieldset>
 							<div class="clearfix">
 								<div class="input-prepend">
-								  	<span class="add-on"><i class="icon-user"></i></span>
-								  	<input class="span2" type="text" id="username" name="username" placeholder="Username">
+									<span class="add-on"><i class="icon-user"></i></span>
+									<input class="span2" type="text" id="username" name="username" placeholder="Username">
 								</div>
 							</div>
 							<div class="clearfix">
 								<div class="input-prepend">
-								  	<span class="add-on"><i class="icon-lock"></i></span>
-								  	<input class="span2" type="password" id="password" name="password" placeholder="Password">
+									<span class="add-on"><i class="icon-lock"></i></span>
+									<input class="span2" type="password" id="password" name="password" placeholder="Password">
+								</div>
+							</div>
+							<div class="clearfix">
+								<div class="checkbox">
+									<label><input id="remember" name="remember" type="checkbox" value="remember" checked>Remember me</label>
 								</div>
 							</div>
 							<?php if(isset($_REQUEST['f'])){?>
-							<div class="clearfix alert alert-error" style="font-size:11px;width:147px;margin-bottom: 5px;">
-								Login failed
-								<?php if(isset($_REQUEST['fm'])){
-									echo $_REQUEST['fm'];	
-								}?>
-							</div>
+								<div class="clearfix alert alert-error" style="font-size:11px;width:147px;margin-bottom: 5px;">
+									Login failed
+									<?php if(isset($_REQUEST['fm'])){
+										echo $_REQUEST['fm'];
+									}?>
+								</div>
 							<?php } ?>
 							<?php if(isset($_REQUEST['c'])){?>
-							<div class="clearfix alert alert-info" style="font-size:11px;width:147px;margin-bottom: 5px;">
-								Password changed successfully	
-							</div>
+								<div class="clearfix alert alert-info" style="font-size:11px;width:147px;margin-bottom: 5px;">
+									Password changed successfully
+								</div>
 							<?php } ?>
 							<button class="btn" style="margin-top: 5px;" type="button" onclick="submitLogin();return false;">Sign in&nbsp;&nbsp;<span class="icon-arrow-right"></span></button>
 						</fieldset>
 						<div class="clearfix">
 							<a href="" onclick="showForgotPassword();return false;" style="float:left;margin-top: 10px;">Forgot password</a>
-							<a href="<?=TWITTER_URL?>" target="_blank" style="float:right;"><img src="<?=BASE_URL?>images/32x32-Circle-53-TW.png"/></a>
+							<!--
+                            <a href="<?=TWITTER_URL?>" target="_blank" style="float:right;"><img src="<?=BASE_URL?>images/32x32-Circle-53-TW.png"/></a>
 							<a href="<?=FB_URL?>" target="_blank" style="float:right;margin-right: 7px;"><img src="<?=BASE_URL?>images/32x32-Circle-54-FB.png"/></a>
+						    -->
 						</div>
 					</form>
 					<form id="requestPasswordChangeForm" style="display:none;" action="">
 						<fieldset>
 							<div class="clearfix">
 								<div class="input-prepend">
-								  	<span class="add-on"><i class="icon-user"></i></span>
-								  	<input class="span2" type="text" id="usernameChange" name="usernameChange" placeholder="Username or Email">
+									<span class="add-on"><i class="icon-user"></i></span>
+									<input class="span2" type="text" id="usernameChange" name="usernameChange" placeholder="Username or Email">
 								</div>
 							</div>
 							<div id="requestPasswordChangeFormAlert" class="clearfix alert alert-info" style="font-size:11px;width:147px;margin-bottom: 5px;display:none;">
-									
+
 							</div>
 							<button class="btn" style="margin-top: 5px;" type="button" onclick="requestPasswordChange();return false;">Request Password Change&nbsp;&nbsp;<span class="icon-arrow-right"></span></button>
 						</fieldset>
 					</form>
-					<?php }else{?>
+				<?php }else{?>
 					<form id="newPasswordForm" action="">
 						<fieldset>
 							<div class="clearfix">
 								<div class="input-prepend">
-								  	<span class="add-on"><i class="icon-lock"></i></span>
-								  	<input class="span2" type="password" id="password" name="password" placeholder="New Password">
+									<span class="add-on"><i class="icon-lock"></i></span>
+									<input class="span2" type="password" id="password" name="password" placeholder="New Password">
 								</div>
 							</div>
 							<div id="newPasswordFormAlert" class="clearfix alert alert-error" style="font-size:11px;width:147px;margin-bottom: 5px;display:none;">
-									
+
 							</div>
 							<button class="btn" style="margin-top: 5px;" type="button" onclick="changePassword();return false;">Change Password&nbsp;&nbsp;<span class="icon-arrow-right"></span></button>
 						</fieldset>
 					</form>
-					<?php }?>
-				</div>
+				<?php }?>
 			</div>
 		</div>
-	</div> <!-- /container -->
+	</div>
+</div> <!-- /container -->
 </body>
 </html>