require_once dirname(__FILE__).'/include/classes/user/CWebUser.php';
CWebUser::disableSessionCookie();
require_once dirname(__FILE__).'/include/config.inc.php';
require_once dirname(__FILE__).'/include/forms.inc.php';
$page['title'] = _('ZABBIX');
$page['file'] = 'index.php';
'name' => [T_ZBX_STR, O_NO, null, null, 'isset({enter}) && {enter} != "'.ZBX_GUEST_USER.'"', _('Username')],
'password' => [T_ZBX_STR, O_OPT, null, null, 'isset({enter}) && {enter} != "'.ZBX_GUEST_USER.'"'],
'sessionid' => [T_ZBX_STR, O_OPT, null, null, null],
'reconnect' => [T_ZBX_INT, O_OPT, P_SYS, null, null],
'enter' => [T_ZBX_STR, O_OPT, P_SYS, null, null],
'autologin' => [T_ZBX_INT, O_OPT, null, null, null],
'request' => [T_ZBX_STR, O_OPT, null, null, null],
'form' => [T_ZBX_STR, O_OPT, null, null, null]
$config = select_config();
if (hasRequest('reconnect') && CWebUser::isLoggedIn()) {
if ($config['saml_auth_enabled'] == ZBX_AUTH_SAML_ENABLED && $config['saml_slo_url'] !== ''
&& CSession::keyExists('saml_data')) {
redirect('index_sso.php?slo');
$autologin = hasRequest('enter') ? getRequest('autologin', 0) : getRequest('autologin', 1);
$request = getRequest('request', '');
preg_match('/^\/?(?<filename>[a-z0-9\_\.]+\.php)(?<request>\?.*)?$/i', $request, $test_request);
$request = (array_key_exists('filename', $test_request) && file_exists('./'.$test_request['filename']))
? $test_request['filename'].(array_key_exists('request', $test_request) ? $test_request['request'] : '')
if (!hasRequest('form') && $config['http_auth_enabled'] == ZBX_AUTH_HTTP_ENABLED
&& $config['http_login_form'] == ZBX_AUTH_FORM_HTTP && !hasRequest('enter')) {
redirect('index_http.php');
if (hasRequest('enter') && CWebUser::login(getRequest('name', ZBX_GUEST_USER), getRequest('password', ''))) {
if (CWebUser::$data['autologin'] != $autologin) {
'userid' => CWebUser::$data['userid'],
'autologin' => $autologin
$redirect = array_filter([CWebUser::isGuest() ? '' : $request, CWebUser::$data['url'], ZBX_DEFAULT_URL]);
redirect(reset($redirect));
if (CWebUser::isLoggedIn() && !CWebUser::isGuest()) {
redirect(CWebUser::$data['url'] ? CWebUser::$data['url'] : ZBX_DEFAULT_URL);