<?php
/*
$Id$
This code is part of LDAP Account Manager (http://www.sourceforge.net/projects/lam)
Copyright (C) 2003 Michael Duergner
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/**
* Login form of LDAP Account Manager.
*
* @author Michael Duergner
* @package main
*/
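/** status messages */
include_once("../lib/status.inc");

// Environment self-check. It runs before the session is started and before the
// configuration is loaded, so a broken installation gets an error page built
// from plain echo statements and StatusMessage() only.
// Each entry of $criticalErrors is an argument list for StatusMessage().
$criticalErrors = array();
// check if PHP has session support
if (!function_exists('session_start')) {
	$criticalErrors[] = array("ERROR", "Your PHP has no session support!", "Please install the session extension for PHP.");
}
// check if PHP has LDAP support
if (!function_exists('ldap_search')) {
	$criticalErrors[] = array("ERROR", "Your PHP has no LDAP support!", "Please install the LDAP extension for PHP.");
}
// check if PHP has gettext support
if (!function_exists('gettext') || !function_exists('_')) {
	$criticalErrors[] = array("ERROR", "Your PHP has no gettext support!", "Please install gettext for PHP.");
}
// check file permissions
// Both directories must be writable by the web server. "sess" receives the PHP
// session files (see session_save_path() further down) and lies beside ../style,
// which is served to browsers.
// NOTE(review): confirm that the web server denies direct HTTP access to sess/ and tmp/.
$writableDirs = array('sess', 'tmp');
for ($i = 0; $i < sizeof($writableDirs); $i++) {
	$path = realpath('../');
	if ($path === false) {
		// realpath() failed: keep the relative form, otherwise the check and the
		// message below would refer to "/sess" or "/tmp" at the filesystem root
		$path = '..';
	}
	$path = $path . "/" . $writableDirs[$i];
	if (!is_writable($path)) {
		// NOTE(review): the message shows the absolute server path to a visitor who is not logged in
		$criticalErrors[] = array("ERROR", 'The directory %s is not writable for the web server. Please change your file permissions.', '', array($path));
	}
}
// stop login if critical errors occurred
if (sizeof($criticalErrors) > 0) {
	echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
	echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n\n";
	echo "<html>\n<head>\n";
	echo "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">\n";
	echo "<meta http-equiv=\"pragma\" content=\"no-cache\">\n<meta http-equiv=\"cache-control\" content=\"no-cache\">\n";
	echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../style/layout.css\">";
	echo "<title>LDAP Account Manager</title>\n";
	echo "</head><body>\n";
	for ($i = 0; $i < sizeof($criticalErrors); $i++) {
		call_user_func_array("StatusMessage", $criticalErrors[$i]);
		echo "<br><br>";
	}
	echo "</body></html>";
	exit();
}

/** access to configuration options */
include_once("../lib/config.inc");  // Include config.inc which provides Config class

// The session is started for every visitor of the login page, before any login.
// NOTE(review): no session cookie parameters are set here, so the session cookie
// uses whatever php.ini configures; check the secure/HttpOnly settings there.
session_save_path("../sess");  // Set session save path (relative to this script's working directory)
session_start();  // Start LDAP Account Manager session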
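/**
 * Displays the login window.
 *
 * Besides printing the page this function sets the "Key" and "IV" cookies (only
 * when mcrypt is available), resets $_SESSION['language'] to the default language
 * of the given configuration and rebuilds $_SESSION['header'].
 *
 * Admin DNs, the server URL and profile names are passed through
 * htmlspecialchars() before they are written into the page. $error_message is
 * printed unchanged because the code that sets it may include markup (<br>).
 *
 * @param object $config_object current active configuration
 */
function display_LoginPage($config_object) {
	global $error_message;

	// Generate a 256 bit key and initialization vector for user/passwd-encryption.
	// /dev/urandom is tried first. If it yields nothing the code falls back to
	// MCRYPT_RAND seeded from microtime(); that source is predictable and a key
	// derived from it offers little protection.
	// NOTE(review): consider stopping with an error instead of using the fallback.
	if (function_exists('mcrypt_create_iv')) {
		$key = @mcrypt_create_iv(32, MCRYPT_DEV_URANDOM);
		if (!$key) {
			srand((double) microtime() * 1234567);
			$key = mcrypt_create_iv(32, MCRYPT_RAND);
		}
		$iv = @mcrypt_create_iv(32, MCRYPT_DEV_URANDOM);
		if (!$iv) {
			srand((double) microtime() * 1234567);
			$iv = mcrypt_create_iv(32, MCRYPT_RAND);
		}
		// save both in cookie
		// The cookies are valid for path "/" until the browser closes and carry
		// neither the secure nor the HttpOnly attribute, so key and IV travel in
		// clear text unless the site is served over HTTPS only.
		// NOTE(review): where the key is used is not visible in this file; check
		// that nothing encrypted with it is stored where the browser can reach it.
		setcookie("Key", base64_encode($key), 0, "/");
		setcookie("IV", base64_encode($iv), 0, "/");
	}

	$_SESSION['language'] = $config_object->get_defaultLanguage();
	$current_language = explode(":", $_SESSION['language']);
	$_SESSION['header'] = "<?xml version=\"1.0\" encoding=\"" . $current_language[1] . "\"?>\n";
	$_SESSION['header'] .= "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n\n";
	$_SESSION['header'] .= "<html>\n<head>\n";
	$_SESSION['header'] .= "<meta http-equiv=\"content-type\" content=\"text/html; charset=" . $current_language[1] . "\">\n";
	$_SESSION['header'] .= "<meta http-equiv=\"pragma\" content=\"no-cache\">\n<meta http-equiv=\"cache-control\" content=\"no-cache\">";

	// loading available languages from language.conf file
	// $languages starts as an empty list so the language selector below also
	// works when the file is missing or cannot be opened
	$languages = array();
	$languagefile = "../config/language";
	if (is_file($languagefile)) {
		$file = fopen($languagefile, "r");
		if ($file) {
			while (!feof($file)) {
				$line = fgets($file, 1024);
				// ignore comment and empty lines (fgets() returns false at the end of the file)
				if ($line === false || $line == "" || $line == "\n" || $line[0] == "#") continue;
				$value = explode(":", $line);
				// a usable line has at least three ":"-separated fields
				if (count($value) < 3) continue;
				$languages[] = array(
					"link" => $value[0] . ":" . $value[1],
					"descr" => $value[2],
					"default" => (rtrim($line) == $_SESSION["language"]) ? "YES" : "NO"
				);
			}
			fclose($file);
		}
	}

	$profiles = getConfigProfiles();
	setlanguage();  // setting correct language
	echo $_SESSION["header"];
?>
		<title>LDAP Account Manager -Login-</title>
		<link rel="stylesheet" type="text/css" href="../style/layout.css">
	</head>
	<body>
<?php
	// set focus on password field
	echo "<script type=\"text/javascript\" language=\"javascript\">\n";
	echo "<!--\n";
	echo "window.onload = function() {\n";
	echo "loginField = document.getElementsByName('passwd')[0];\n";
	echo "loginField.focus();\n";
	echo "}\n";
	echo "//-->\n";
	echo "</script>\n";
?>
		<p align="center">
			<a href="http://lam.sf.net" target="_blank"><img src="../graphics/banner.jpg" border="1" alt="LDAP Account Manager"></a>
		</p>
		<table width="100%" border="0">
			<tr>
				<td width="100%" align="right">
					<a href="./config/conflogin.php" target="_self"><?php echo _("Configuration login"); ?></a>
				</td>
			</tr>
		</table>
		<hr><br><br>
<?php
	// check if all password hashes are possible
	if ((!function_exists('mHash')) && (!function_exists('sha1'))) {
		StatusMessage("INFO", "Your PHP does not support MHash or sha1(), you will only be able to use CRYPT/PLAIN/MD5/SMD5 for user passwords!", "Please install MHash or update to PHP >4.3.");
		echo "<br><br>";
	}
?>
		<table width="650" align="center" border="2" rules="none" bgcolor="white">
			<tr>
				<td style="border-style:none" width="70" rowspan="2">
					<img src="../graphics/lam.png" alt="Logo">
				</td>
				<td width="580">
					<form action="login.php" method="post">
						<table width="580">
							<tr>
								<td style="border-style:none" height="70" colspan="2" align="center">
									<font color="darkblue"><b><big><?php echo _("Please select your user name and enter your password to log in"); ?></big></b></font>
								</td>
							</tr>
							<tr>
								<td style="border-style:none" height="35" align="right"><b>
									<?php
									echo _("User name") . ":";
									?>
								</b>&nbsp;&nbsp;</td>
								<td style="border-style:none" height="35" align="left">
									<select name="username" size="1" tabindex="0">
									<?php
										$admins = $config_object->get_Admins();
										for ($i = 0; $i < count($admins); $i++) {
											$text = explode(",", $admins[$i]);
											$text = explode("=", $text[0]);
											// label is the value of the first RDN; use the whole DN when it has no "="
											$label = isset($text[1]) ? $text[1] : $admins[$i];
											?>
											<option value="<?php echo htmlspecialchars($admins[$i], ENT_QUOTES); ?>"><?php echo htmlspecialchars($label, ENT_QUOTES); ?></option>
											<?php
										}
									?>
									</select>
								</td>
							</tr>
							<tr>
								<td style="border-style:none" height="35" align="right"><b>
									<?php
									echo _("Password") . ":";
									?>
								</b>&nbsp;&nbsp;</td>
								<td style="border-style:none" height="35" align="left">
									<input type="password" name="passwd" tabindex="1">
								</td>
							</tr>
							<tr>
								<td style="border-style:none" align="right"><b>
									<?php
									echo _("Language") . ":";
									?>
								</b>&nbsp;&nbsp;</td>
								<td style="border-style:none" height="35" align="left">
									<select name="language" size="1" tabindex="2">
									<?php
									// entries come from the local file ../config/language and are printed as read
									for ($i = 0; $i < count($languages); $i++) {
										if ($languages[$i]["default"] == "YES") {
											?>
											<option selected value="<?php echo $languages[$i]["link"] . ":" . $languages[$i]["descr"]; ?>"><?php echo $languages[$i]["descr"]; ?></option>
											<?php
										}
										else
										{
											?>
											<option value="<?php echo $languages[$i]["link"] . ":" . $languages[$i]["descr"]; ?>"><?php echo $languages[$i]["descr"]; ?></option>
											<?php
										}
									}
									?>
									</select>
								</td>
							</tr>
							<tr>
								<td style="border-style:none" height="50" colspan="2" align="center">
									<input name="checklogin" type="hidden" value="checklogin">
									<input name="submit" type="submit" value="<?php echo _("Login"); ?>" tabindex="3">
								</td>
							</tr>
							<tr>
								<td style="border-style:none" colspan="2" align="center">
									<?php
									// printed without escaping: the message is assembled by this script and may contain <br>
									if ($error_message != "") {
										echo "<font color=\"red\"><b>" . $error_message . "</b></font>";
									}
									?>
								</td>
							</tr>
						</table>
					</form>
				</td>
			</tr>
			<tr>
				<td>
					<form action="login.php" method="post">
						<table width="580">
							<tr>
								<td style="border-style:none" height="30" colspan="2">
									<hr>
									<b>
									<?php
									echo _("LDAP server") . ":";
									?></b>
									<?php echo htmlspecialchars($config_object->get_ServerURL(), ENT_QUOTES); ?>
								</td>
							</tr>
							<tr>
								<td style="border-style:none" height="30"><b>
									<?php
									echo _("Configuration profile") . ":";
									if (empty($_POST['profileChange'])) {
										$_POST['profile'] = $_SESSION['config']->file;
									}
									?></b>
									<?php
									// After a profile change this is the value the browser sent, so it
									// must be escaped; anything that is not a string is not printed.
									if (isset($_POST['profile']) && is_string($_POST['profile'])) {
										echo htmlspecialchars($_POST['profile'], ENT_QUOTES);
									}
									?>
								</td>
								<td style="border-style:none" height="30" align="right">
									<select name="profile" size="1" tabindex="4">
									<?php
									for ($i = 0; $i < count($profiles); $i++) {
										?>
										<option value="<?php echo htmlspecialchars($profiles[$i], ENT_QUOTES); ?>"><?php echo htmlspecialchars($profiles[$i], ENT_QUOTES); ?></option>
										<?php
									}
									?>
									</select>
									<input name="profileChange" type="hidden" value="profileChange">
									<input name="submit" type="submit" value="<?php echo _("Change profile"); ?>" tabindex="5">
								</td>
							</tr>
							<tr>
								<td style="border-style:none" height="10" colspan="2"></td>
							</tr>
						</table>
					</form>
				</td>
			</tr>
		</table>
		<br><br>
		<TABLE style="position:absolute; bottom:10px;" border="0" width="99%">
			<TR><TD align="right"><HR>
				<SMALL>
					<?php
					echo "LDAP Account Manager: <b>" . LAMVersion() . "</b>";
					?>
				</SMALL>
			</TD></TR>
		</TABLE>
	</body>
</html>
<?php
}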
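// Request dispatch. Exactly one of three branches runs:
//   1. a login attempt (checklogin posted),
//   2. a change of the configuration profile (profileChange posted),
//   3. the first display of the login page.

// checking if the submitted username/password is correct.
if (!empty($_POST['checklogin']))
{
	$_SESSION['lampath'] = realpath('../') . "/";  // Save full path to lam in session
	include_once("../lib/ldap.inc");  // Include ldap.inc which provides Ldap class

	$_SESSION['ldap'] = new Ldap($_SESSION['config']);  // Create new Ldap object

	// Missing or non-string fields (e.g. passwd[]=x) are treated like empty ones
	if (!isset($_POST['passwd']) || !is_string($_POST['passwd'])) {
		$_POST['passwd'] = "";
	}
	if (!isset($_POST['username']) || !is_string($_POST['username'])) {
		$_POST['username'] = "";
	}

	// An empty password must never reach the directory: LDAP servers may treat a
	// bind with a DN and an empty password as an unauthenticated bind and report success.
	if ($_POST['passwd'] == "")
	{
		$error_message = _("Empty password submitted. Please try again.");
		display_LoginPage($_SESSION['config']);  // Empty password submitted. Return to login page.
	}
	// The login form only offers the DNs returned by get_Admins(); a request that
	// names any other DN is refused here instead of being tried against the server.
	elseif (!in_array($_POST['username'], $_SESSION['config']->get_Admins(), true))
	{
		$error_message = _("Wrong password/user name combination. Please try again.");
		display_LoginPage($_SESSION['config']);  // Username not in the configured list. Return to login page.
	}
	else
	{
		if (get_magic_quotes_gpc() == 1) {
			$_POST['passwd'] = stripslashes($_POST['passwd']);
		}
		$result = $_SESSION['ldap']->connect($_POST['username'], $_POST['passwd']);  // Connect to LDAP server for verifying username/password

		if ($result === 0)  // Username/password correct. Do some configuration and load main frame.
		{
			// Issue a fresh session id at the moment of login so an id that was known
			// before authentication cannot be reused afterwards. PHP sends the new
			// cookie itself from version 4.3.3 on, hence the version check.
			if (function_exists('session_regenerate_id') && version_compare(PHP_VERSION, '4.3.3', '>=')) {
				session_regenerate_id();
			}
			$_SESSION['loggedIn'] = true;
			// Write selected language in session; keep the previous value when the field is missing
			// NOTE(review): the value is supplied by the browser and stored unchecked;
			// compare it with the entries of ../config/language before other code relies on it.
			if (isset($_POST['language']) && is_string($_POST['language'])) {
				$_SESSION['language'] = $_POST['language'];
			}
			$current_language = explode(":", $_SESSION['language']);
			// The second field is copied into the header of every page, so it is
			// escaped here; ordinary charset names pass through unchanged.
			$current_language[1] = isset($current_language[1]) ? htmlspecialchars($current_language[1], ENT_QUOTES) : "";
			$_SESSION['header'] = "<?xml version=\"1.0\" encoding=\"" . $current_language[1] . "\"?>\n";
			$_SESSION['header'] .= "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n\n";
			$_SESSION['header'] .= "<html>\n<head>\n";
			$_SESSION['header'] .= "<meta http-equiv=\"content-type\" content=\"text/html; charset=" . $current_language[1] . "\">\n";
			$_SESSION['header'] .= "<meta http-equiv=\"pragma\" content=\"no-cache\">\n<meta http-equiv=\"cache-control\" content=\"no-cache\">";

			include("./main.php");  // Load main frame
		}
		else
		{
			// connect() returned false or an LDAP result code other than 0
			if ($result === False || $result == 81)
			{
				$error_message = _("Cannot connect to specified LDAP server. Please try again.");
				display_LoginPage($_SESSION['config']);  // connection failed
			}
			elseif ($result == 49)
			{
				$error_message = _("Wrong password/user name combination. Please try again.");
				display_LoginPage($_SESSION['config']);  // Username/password invalid. Return to login page.
			}
			else
			{
				$error_message = _("LDAP error, server says:") . "\n<br>($result) " . ldap_err2str($result);
				display_LoginPage($_SESSION['config']);  // other errors
			}
		}
	}
}
// Reload loginpage after a profile change
elseif (!empty($_POST['profileChange'])) {
	// Only names that getConfigProfiles() reports may be handed to Config; the
	// posted value comes from the browser and is not limited to the select box.
	if (isset($_POST['profile']) && is_string($_POST['profile']) && in_array($_POST['profile'], getConfigProfiles(), true)) {
		$_SESSION['config'] = new Config($_POST['profile']);  // Recreate the config object with the submitted profile
	}
	else {
		// unknown profile: behave like a first visit and load the default profile
		$default_Config = new CfgMain();
		$_SESSION['config'] = new Config($default_Config->default);
		// makes display_LoginPage() show the active profile instead of the rejected value
		unset($_POST['profileChange']);
	}
	display_LoginPage($_SESSION['config']);  // Load login page
}
// Load login page
else
{
	$_SESSION['loggedIn'] = false;
	$default_Config = new CfgMain();
	$default_Profile = $default_Config->default;
	$_SESSION["config"] = new Config($default_Profile);  // Create new Config object

	display_LoginPage($_SESSION["config"]);  // Load Login page
}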
?>