2003-04-23 21:01:18 +00:00
|
|
|
<?php
|
2003-03-13 19:48:49 +00:00
|
|
|
/*
|
|
|
|
|
$Id$
|
|
|
|
|
|
2009-10-27 18:47:12 +00:00
|
|
|
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
2006-03-03 17:30:35 +00:00
|
|
|
Copyright (C) 2003 - 2006 Michael Duergner
|
2010-01-25 16:38:36 +00:00
|
|
|
2005 - 2010 Roland Gruber
|
2003-03-13 19:48:49 +00:00
|
|
|
|
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
(at your option) any later version.
|
2003-03-14 11:32:28 +00:00
|
|
|
|
2003-03-13 19:48:49 +00:00
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
GNU General Public License for more details.
|
2003-03-14 11:32:28 +00:00
|
|
|
|
2003-03-13 19:48:49 +00:00
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
|
along with this program; if not, write to the Free Software
|
|
|
|
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
|
|
2005-07-20 18:07:10 +00:00
|
|
|
*/
|
2003-03-14 11:32:28 +00:00
|
|
|
|
2005-07-20 18:07:10 +00:00
|
|
|
/**
|
|
|
|
|
* Login form of LDAP Account Manager.
|
|
|
|
|
*
|
|
|
|
|
* @author Michael Duergner
|
2010-01-25 16:38:36 +00:00
|
|
|
* @author Roland Gruber
|
2005-07-20 18:07:10 +00:00
|
|
|
* @package main
|
2003-03-13 19:48:49 +00:00
|
|
|
*/
|
2003-03-18 20:55:43 +00:00
|
|
|
|
2005-11-03 12:31:16 +00:00
|
|
|
/** status messages */
|
|
|
|
|
include_once("../lib/status.inc");
|
2008-02-21 19:24:37 +00:00
|
|
|
|
2010-01-25 16:56:19 +00:00
|
|
|
/** check environment */
|
|
|
|
|
include '../lib/checkEnvironment.inc';
|
2008-02-21 19:24:37 +00:00
|
|
|
|
2006-04-23 16:33:25 +00:00
|
|
|
/** security functions */
|
|
|
|
|
include_once("../lib/security.inc");
|
2006-10-18 16:08:58 +00:00
|
|
|
/** self service functions */
|
|
|
|
|
include_once("../lib/selfService.inc");
|
2005-07-20 18:07:10 +00:00
|
|
|
/** access to configuration options */
|
2003-04-23 21:01:18 +00:00
|
|
|
include_once("../lib/config.inc"); // Include config.inc which provides Config class
|
2003-03-23 14:41:15 +00:00
|
|
|
|
2009-07-08 18:03:28 +00:00
|
|
|
// set session save path
|
|
|
|
|
if (strtolower(session_module_name()) == 'files') {
|
2010-02-06 11:50:26 +00:00
|
|
|
session_save_path(dirname(__FILE__) . '/../sess');
|
2009-07-08 18:03:28 +00:00
|
|
|
}
|
2010-02-06 11:50:26 +00:00
|
|
|
|
|
|
|
|
// start empty session and change ID for security reasons
|
|
|
|
|
session_start();
|
|
|
|
|
session_destroy();
|
|
|
|
|
session_start();
|
|
|
|
|
session_regenerate_id(true);
|
2003-04-23 21:01:18 +00:00
|
|
|
|
2008-05-25 16:25:09 +00:00
|
|
|
// save last selected login profile
|
|
|
|
|
if(isset($_POST['profile'])) {
|
|
|
|
|
setcookie("lam_default_profile", $_POST['profile'], time() + 365*60*60*24);
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-06 11:50:26 +00:00
|
|
|
// init some session variables
|
|
|
|
|
$default_Config = new LAMCfgMain();
|
|
|
|
|
$_SESSION["cfgMain"] = $default_Config;
|
|
|
|
|
$default_Profile = $default_Config->default;
|
|
|
|
|
if(isset($_COOKIE["lam_default_profile"])) {
|
|
|
|
|
$default_Profile = $_COOKIE["lam_default_profile"];
|
|
|
|
|
}
|
|
|
|
|
// Reload loginpage after a profile change
|
|
|
|
|
if(isset($_POST['profileChange'])) {
|
|
|
|
|
logNewMessage(LOG_DEBUG, "Change server profile to " . $_POST['profile']);
|
|
|
|
|
$_SESSION['config'] = new LAMConfig($_POST['profile']); // Recreate the config object with the submited
|
|
|
|
|
}
|
|
|
|
|
// Load login page
|
|
|
|
|
else {
|
|
|
|
|
$_SESSION["config"] = new LAMConfig($default_Profile); // Create new Config object
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$_SESSION['language'] = $_SESSION["config"]->get_defaultLanguage();
|
|
|
|
|
if (isset($_POST['language'])) {
|
|
|
|
|
$_SESSION['language'] = $_POST['language']; // Write selected language in session
|
|
|
|
|
}
|
|
|
|
|
$current_language = explode(":",$_SESSION['language']);
|
|
|
|
|
$_SESSION['header'] = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n\n";
|
|
|
|
|
$_SESSION['header'] .= "<html>\n<head>\n";
|
|
|
|
|
$_SESSION['header'] .= "<meta http-equiv=\"content-type\" content=\"text/html; charset=" . $current_language[1] . "\">\n";
|
|
|
|
|
$_SESSION['header'] .= "<meta http-equiv=\"pragma\" content=\"no-cache\">\n <meta http-equiv=\"cache-control\" content=\"no-cache\">";
|
|
|
|
|
|
|
|
|
|
|
2005-06-03 12:09:08 +00:00
|
|
|
/**
|
|
|
|
|
* Displays the login window.
|
|
|
|
|
*
|
|
|
|
|
* @param object $config_object current active configuration
|
|
|
|
|
*/
|
|
|
|
|
function display_LoginPage($config_object) {
|
2010-01-25 16:38:36 +00:00
|
|
|
logNewMessage(LOG_DEBUG, "Display login page");
|
2003-05-12 20:46:58 +00:00
|
|
|
global $error_message;
|
2003-04-23 21:01:18 +00:00
|
|
|
// generate 256 bit key and initialization vector for user/passwd-encryption
|
2003-10-02 17:54:04 +00:00
|
|
|
// check if we can use /dev/random otherwise use /dev/urandom or rand()
|
2005-02-22 20:20:47 +00:00
|
|
|
if(function_exists('mcrypt_create_iv')) {
|
2005-11-18 10:41:08 +00:00
|
|
|
$key = @mcrypt_create_iv(32, MCRYPT_DEV_URANDOM);
|
2003-10-18 11:26:49 +00:00
|
|
|
if (! $key) {
|
|
|
|
|
srand((double)microtime()*1234567);
|
|
|
|
|
$key = mcrypt_create_iv(32, MCRYPT_RAND);
|
|
|
|
|
}
|
2005-11-18 10:41:08 +00:00
|
|
|
$iv = @mcrypt_create_iv(32, MCRYPT_DEV_URANDOM);
|
2003-10-18 11:26:49 +00:00
|
|
|
if (! $iv) {
|
|
|
|
|
srand((double)microtime()*1234567);
|
|
|
|
|
$iv = mcrypt_create_iv(32, MCRYPT_RAND);
|
|
|
|
|
}
|
2005-08-10 19:18:35 +00:00
|
|
|
// save both in cookie
|
|
|
|
|
setcookie("Key", base64_encode($key), 0, "/");
|
|
|
|
|
setcookie("IV", base64_encode($iv), 0, "/");
|
2003-10-02 17:54:04 +00:00
|
|
|
}
|
2003-04-23 21:01:18 +00:00
|
|
|
// loading available languages from language.conf file
|
2003-07-14 21:59:09 +00:00
|
|
|
$languagefile = "../config/language";
|
2003-04-23 21:01:18 +00:00
|
|
|
if(is_file($languagefile) == True)
|
|
|
|
|
{
|
|
|
|
|
$file = fopen($languagefile, "r");
|
|
|
|
|
$i = 0;
|
|
|
|
|
while(!feof($file))
|
|
|
|
|
{
|
|
|
|
|
$line = fgets($file, 1024);
|
2003-05-12 20:46:58 +00:00
|
|
|
if($line == "" || $line == "\n" || $line[0] == "#") continue; // ignore comment and empty lines
|
2003-04-23 21:01:18 +00:00
|
|
|
$value = explode(":", $line);
|
|
|
|
|
$languages[$i]["link"] = $value[0] . ":" . $value[1];
|
|
|
|
|
$languages[$i]["descr"] = $value[2];
|
2003-05-12 20:46:58 +00:00
|
|
|
if(rtrim($line) == $_SESSION["language"])
|
|
|
|
|
{
|
|
|
|
|
$languages[$i]["default"] = "YES";
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$languages[$i]["default"] = "NO";
|
|
|
|
|
}
|
2003-04-23 21:01:18 +00:00
|
|
|
$i++;
|
|
|
|
|
}
|
|
|
|
|
fclose($file);
|
|
|
|
|
}
|
|
|
|
|
|
2003-07-14 21:59:09 +00:00
|
|
|
$profiles = getConfigProfiles();
|
|
|
|
|
|
2003-05-07 19:53:58 +00:00
|
|
|
setlanguage(); // setting correct language
|
|
|
|
|
|
2003-07-23 08:08:25 +00:00
|
|
|
echo $_SESSION["header"];
|
|
|
|
|
?>
|
|
|
|
|
<title>LDAP Account Manager -Login-</title>
|
|
|
|
|
<link rel="stylesheet" type="text/css" href="../style/layout.css">
|
2008-01-01 13:06:51 +00:00
|
|
|
<link rel="shortcut icon" type="image/x-icon" href="../graphics/favicon.ico">
|
2003-07-23 08:08:25 +00:00
|
|
|
</head>
|
2009-03-07 18:17:57 +00:00
|
|
|
<body onload="focusLogin()">
|
2005-05-15 13:14:45 +00:00
|
|
|
<?php
|
|
|
|
|
// set focus on password field
|
|
|
|
|
echo "<script type=\"text/javascript\" language=\"javascript\">\n";
|
|
|
|
|
echo "<!--\n";
|
2009-03-07 18:17:57 +00:00
|
|
|
echo "function focusLogin() {\n";
|
|
|
|
|
if ($config_object->getLoginMethod() == LAMConfig::LOGIN_LIST) {
|
|
|
|
|
echo "myElement = document.getElementsByName('passwd')[0];\n";
|
|
|
|
|
echo "myElement.focus();\n";
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
echo "myElement = document.getElementsByName('username')[0];\n";
|
|
|
|
|
echo "myElement.focus();\n";
|
|
|
|
|
}
|
2005-05-15 13:14:45 +00:00
|
|
|
echo "}\n";
|
|
|
|
|
echo "//-->\n";
|
|
|
|
|
echo "</script>\n";
|
|
|
|
|
?>
|
2003-07-23 08:08:25 +00:00
|
|
|
<p align="center">
|
2009-08-10 16:13:27 +00:00
|
|
|
<a href="http://www.ldap-account-manager.org/" target="_blank"><img src="../graphics/banner.jpg" border="1" alt="LDAP Account Manager"></a>
|
2003-07-23 08:08:25 +00:00
|
|
|
</p>
|
|
|
|
|
<table width="100%" border="0">
|
|
|
|
|
<tr>
|
2009-05-03 18:23:25 +00:00
|
|
|
<td width="50%" align="left">
|
|
|
|
|
<a href="./config/index.php"><IMG alt="configuration" src="../graphics/tools.png"> <?php echo _("LAM configuration") ?></a>
|
|
|
|
|
</td>
|
|
|
|
|
<TD width="50%" align="right">
|
2006-10-18 16:08:58 +00:00
|
|
|
<?PHP
|
|
|
|
|
if (!isLAMProVersion()) {
|
2009-08-10 16:13:27 +00:00
|
|
|
echo "<a href=\"http://www.ldap-account-manager.org/lamcms/lamPro\">" . _("Want more features? Get LAM Pro!") . "</a>";
|
2006-10-18 16:08:58 +00:00
|
|
|
}
|
|
|
|
|
?>
|
|
|
|
|
</TD>
|
2003-07-23 08:08:25 +00:00
|
|
|
</tr>
|
|
|
|
|
</table>
|
|
|
|
|
<hr><br><br>
|
2003-10-18 11:26:49 +00:00
|
|
|
<?php
|
2006-04-29 09:58:17 +00:00
|
|
|
// check extensions
|
|
|
|
|
$extList = getRequiredExtensions();
|
|
|
|
|
for ($i = 0; $i < sizeof($extList); $i++) {
|
|
|
|
|
if (!extension_loaded($extList[$i])) {
|
2006-07-29 09:18:53 +00:00
|
|
|
StatusMessage("ERROR", "A required PHP extension is missing!", $extList[$i]);
|
2006-04-29 09:58:17 +00:00
|
|
|
echo "<br>";
|
|
|
|
|
}
|
2004-05-19 22:14:41 +00:00
|
|
|
}
|
2009-05-03 17:31:39 +00:00
|
|
|
// check TLS
|
|
|
|
|
$useTLS = $config_object->getUseTLS();
|
|
|
|
|
if (isset($useTLS) && ($useTLS == "yes")) {
|
|
|
|
|
if (!function_exists('ldap_start_tls')) {
|
|
|
|
|
StatusMessage("ERROR", "Your PHP installation does not support TLS encryption!");
|
|
|
|
|
echo "<br>";
|
|
|
|
|
}
|
|
|
|
|
}
|
2006-05-01 08:56:40 +00:00
|
|
|
// check if session expired
|
|
|
|
|
if (isset($_GET['expired'])) {
|
|
|
|
|
StatusMessage("ERROR", _("Your session expired, please log in again."));
|
|
|
|
|
echo "<br>";
|
|
|
|
|
}
|
2003-07-23 08:08:25 +00:00
|
|
|
?>
|
2008-07-30 20:34:19 +00:00
|
|
|
<div style="position:relative; z-index:5;">
|
2005-01-15 12:11:03 +00:00
|
|
|
<table width="650" align="center" border="2" rules="none" bgcolor="white">
|
|
|
|
|
<tr>
|
|
|
|
|
<td style="border-style:none" width="70" rowspan="2">
|
|
|
|
|
<img src="../graphics/lam.png" alt="Logo">
|
|
|
|
|
</td>
|
2007-02-11 13:55:03 +00:00
|
|
|
<td style="border-style:none" width="580">
|
2005-01-15 12:11:03 +00:00
|
|
|
<form action="login.php" method="post">
|
|
|
|
|
<table width="580">
|
|
|
|
|
<tr>
|
|
|
|
|
<td style="border-style:none" height="70" colspan="2" align="center">
|
2007-12-31 12:37:00 +00:00
|
|
|
<font color="#000080"><b><big><?php echo _("Please select your user name and enter your password to log in."); ?></big></b></font>
|
2005-01-15 12:11:03 +00:00
|
|
|
</td>
|
|
|
|
|
</tr>
|
|
|
|
|
<tr>
|
|
|
|
|
<td style="border-style:none" height="35" align="right"><b>
|
|
|
|
|
<?php
|
2005-05-16 09:36:33 +00:00
|
|
|
echo _("User name") . ":";
|
2005-01-15 12:11:03 +00:00
|
|
|
?>
|
|
|
|
|
</b> </td>
|
|
|
|
|
<td style="border-style:none" height="35" align="left">
|
|
|
|
|
<?php
|
2009-03-07 18:17:57 +00:00
|
|
|
if ($config_object->getLoginMethod() == LAMConfig::LOGIN_LIST) {
|
|
|
|
|
echo '<select name="username" size="1" tabindex="0">';
|
|
|
|
|
$admins = $config_object->get_Admins();
|
|
|
|
|
for($i = 0; $i < count($admins); $i++) {
|
|
|
|
|
$text = explode(",", $admins[$i]);
|
|
|
|
|
$text = explode("=", $text[0]);
|
|
|
|
|
echo '<option value="' . $admins[$i] . '">' . $text[1] . '</option>';
|
|
|
|
|
}
|
|
|
|
|
echo '</select>';
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
echo '<input type="text" name="username" tabindex="1">';
|
2005-01-15 12:11:03 +00:00
|
|
|
}
|
|
|
|
|
?>
|
|
|
|
|
</td>
|
|
|
|
|
</tr>
|
|
|
|
|
<tr>
|
|
|
|
|
<td style="border-style:none" height="35" align="right"><b>
|
|
|
|
|
<?php
|
|
|
|
|
echo _("Password") . ":";
|
|
|
|
|
?>
|
|
|
|
|
</b> </td>
|
|
|
|
|
<td style="border-style:none" height="35" align="left">
|
2009-03-07 18:17:57 +00:00
|
|
|
<input type="password" name="passwd" tabindex="2">
|
2005-01-15 12:11:03 +00:00
|
|
|
</td>
|
|
|
|
|
</tr>
|
|
|
|
|
<tr>
|
|
|
|
|
<td style="border-style:none" align="right"><b>
|
|
|
|
|
<?php
|
2005-05-16 09:36:33 +00:00
|
|
|
echo _("Language") . ":";
|
2005-01-15 12:11:03 +00:00
|
|
|
?>
|
|
|
|
|
</b> </td>
|
|
|
|
|
<td style="border-style:none" height="35" align="left">
|
2009-03-07 18:17:57 +00:00
|
|
|
<select name="language" size="1" tabindex="3">
|
2005-01-15 12:11:03 +00:00
|
|
|
<?php
|
|
|
|
|
for($i = 0; $i < count($languages); $i++) {
|
|
|
|
|
if($languages[$i]["default"] == "YES") {
|
|
|
|
|
?>
|
|
|
|
|
<option selected value="<?php echo $languages[$i]["link"] . ":" . $languages[$i]["descr"]; ?>"><?php echo $languages[$i]["descr"]; ?></option>
|
|
|
|
|
<?php
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
?>
|
|
|
|
|
<option value="<?php echo $languages[$i]["link"] . ":" . $languages[$i]["descr"]; ?>"><?php echo $languages[$i]["descr"]; ?></option>
|
|
|
|
|
<?php
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
?>
|
|
|
|
|
</select>
|
|
|
|
|
</td>
|
|
|
|
|
</tr>
|
|
|
|
|
<tr>
|
|
|
|
|
<td style="border-style:none" height="50" colspan="2" align="center">
|
|
|
|
|
<input name="checklogin" type="hidden" value="checklogin">
|
2009-03-07 18:17:57 +00:00
|
|
|
<input name="submit" type="submit" value="<?php echo _("Login"); ?>" tabindex="4">
|
2005-01-15 12:11:03 +00:00
|
|
|
</td>
|
|
|
|
|
</tr>
|
|
|
|
|
<tr>
|
2005-05-16 09:36:33 +00:00
|
|
|
<td style="border-style:none" colspan="2" align="center">
|
2005-01-15 12:11:03 +00:00
|
|
|
<?php
|
|
|
|
|
if($error_message != "") {
|
|
|
|
|
echo "<font color=\"red\"><b>" . $error_message . "</b></font>";
|
|
|
|
|
}
|
|
|
|
|
?>
|
|
|
|
|
</td>
|
|
|
|
|
</tr>
|
|
|
|
|
</table>
|
|
|
|
|
</form>
|
2004-02-16 17:02:01 +00:00
|
|
|
</td>
|
2005-01-15 12:11:03 +00:00
|
|
|
</tr>
|
|
|
|
|
<tr>
|
2007-02-11 13:55:03 +00:00
|
|
|
<td style="border-style:none">
|
2005-01-15 12:11:03 +00:00
|
|
|
<form action="login.php" method="post">
|
|
|
|
|
<table width="580">
|
|
|
|
|
<tr>
|
|
|
|
|
<td style="border-style:none" height="30" colspan="2">
|
|
|
|
|
<hr>
|
|
|
|
|
<b>
|
|
|
|
|
<?php
|
|
|
|
|
echo _("LDAP server") . ": ";
|
|
|
|
|
?></b>
|
|
|
|
|
<?php echo $config_object->get_ServerURL(); ?>
|
|
|
|
|
</td>
|
|
|
|
|
</tr>
|
|
|
|
|
<tr>
|
|
|
|
|
<td style="border-style:none" height="30"><b>
|
|
|
|
|
<?php
|
2006-04-23 16:33:25 +00:00
|
|
|
echo _("Server profile") . ": ";
|
2005-11-06 10:34:33 +00:00
|
|
|
if(empty($_POST['profileChange'])) {
|
2007-12-29 18:59:09 +00:00
|
|
|
$_POST['profile'] = $_SESSION['config']->getName();
|
2005-01-15 12:11:03 +00:00
|
|
|
}
|
|
|
|
|
?></b>
|
|
|
|
|
<?php echo $_POST['profile']; ?>
|
|
|
|
|
</td>
|
|
|
|
|
<td style="border-style:none" height="30" align="right">
|
2009-03-07 18:17:57 +00:00
|
|
|
<select name="profile" size="1" tabindex="5">
|
2005-01-15 12:11:03 +00:00
|
|
|
<?php
|
|
|
|
|
for($i=0;$i<count($profiles);$i++) {
|
|
|
|
|
?>
|
|
|
|
|
<option value="<?php echo $profiles[$i]; ?>"><?php echo $profiles[$i]; ?></option>
|
|
|
|
|
<?php
|
|
|
|
|
}
|
|
|
|
|
?>
|
|
|
|
|
</select>
|
|
|
|
|
<input name="profileChange" type="hidden" value="profileChange">
|
2009-03-07 18:17:57 +00:00
|
|
|
<input name="submit" type="submit" value="<?php echo _("Change profile"); ?>" tabindex="6">
|
2005-01-15 12:11:03 +00:00
|
|
|
</td>
|
|
|
|
|
</tr>
|
|
|
|
|
<tr>
|
|
|
|
|
<td style="border-style:none" height="10" colspan="2"></td>
|
|
|
|
|
</tr>
|
|
|
|
|
</table>
|
|
|
|
|
</form>
|
2004-02-16 17:02:01 +00:00
|
|
|
</td>
|
2005-01-15 12:11:03 +00:00
|
|
|
</tr>
|
|
|
|
|
</table>
|
2008-07-30 20:34:19 +00:00
|
|
|
</div>
|
2003-07-23 08:08:25 +00:00
|
|
|
<br><br>
|
2005-05-06 10:55:20 +00:00
|
|
|
<TABLE style="position:absolute; bottom:10px;" border="0" width="99%">
|
|
|
|
|
<TR><TD align="right"><HR>
|
|
|
|
|
<SMALL>
|
|
|
|
|
<?php
|
2006-10-18 16:08:58 +00:00
|
|
|
if (isLAMProVersion()) {
|
2006-07-30 10:41:12 +00:00
|
|
|
echo "LDAP Account Manager <b>Pro</b>: <b>" . LAMVersion() . "</b> ";
|
2010-01-25 16:38:36 +00:00
|
|
|
logNewMessage(LOG_DEBUG, "LAM Pro " . LAMVersion());
|
2006-07-30 10:41:12 +00:00
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
echo "LDAP Account Manager: <b>" . LAMVersion() . "</b> ";
|
2010-01-25 16:38:36 +00:00
|
|
|
logNewMessage(LOG_DEBUG, "LAM " . LAMVersion());
|
2006-07-30 10:41:12 +00:00
|
|
|
}
|
2005-05-06 10:55:20 +00:00
|
|
|
?>
|
|
|
|
|
</SMALL>
|
|
|
|
|
</TD></TR>
|
|
|
|
|
</TABLE>
|
2003-07-23 08:08:25 +00:00
|
|
|
</body>
|
|
|
|
|
</html>
|
|
|
|
|
<?php
|
2003-04-23 21:01:18 +00:00
|
|
|
}
|
|
|
|
|
|
2003-03-14 11:32:28 +00:00
|
|
|
// checking if the submitted username/password is correct.
|
2009-05-03 15:40:14 +00:00
|
|
|
if(!empty($_POST['checklogin'])) {
|
2003-04-23 21:01:18 +00:00
|
|
|
include_once("../lib/ldap.inc"); // Include ldap.php which provides Ldap class
|
2003-03-20 16:41:52 +00:00
|
|
|
|
2003-08-13 19:21:36 +00:00
|
|
|
$_SESSION['ldap'] = new Ldap($_SESSION['config']); // Create new Ldap object
|
2003-10-18 11:26:49 +00:00
|
|
|
|
2009-05-03 15:40:14 +00:00
|
|
|
if($_POST['passwd'] == "") {
|
2010-01-25 16:38:36 +00:00
|
|
|
logNewMessage(LOG_DEBUG, "Empty password for login");
|
2005-05-16 09:36:33 +00:00
|
|
|
$error_message = _("Empty password submitted. Please try again.");
|
2005-06-03 12:09:08 +00:00
|
|
|
display_LoginPage($_SESSION['config']); // Empty password submitted. Return to login page.
|
2010-03-28 11:44:17 +00:00
|
|
|
exit();
|
2003-03-14 11:32:28 +00:00
|
|
|
}
|
2009-05-03 15:40:14 +00:00
|
|
|
else {
|
|
|
|
|
$clientSource = $_SERVER['REMOTE_ADDR'] . '/' . $_SERVER['REMOTE_HOST'];
|
2004-12-16 19:29:28 +00:00
|
|
|
if (get_magic_quotes_gpc() == 1) {
|
|
|
|
|
$_POST['passwd'] = stripslashes($_POST['passwd']);
|
|
|
|
|
}
|
2009-03-07 18:17:57 +00:00
|
|
|
$username = $_POST['username'];
|
|
|
|
|
// search user in LDAP if needed
|
|
|
|
|
if ($_SESSION['config']->getLoginMethod() == LAMConfig::LOGIN_SEARCH) {
|
|
|
|
|
$searchFilter = $_SESSION['config']->getLoginSearchFilter();
|
|
|
|
|
$searchFilter = str_replace('%USER%', $username ,$searchFilter);
|
|
|
|
|
$searchSuccess = true;
|
|
|
|
|
$searchError = '';
|
2009-11-03 20:57:53 +00:00
|
|
|
$searchLDAP = new Ldap($_SESSION['config']);
|
|
|
|
|
$searchLDAPResult = $searchLDAP->connect('', '', true);
|
|
|
|
|
if (! ($searchLDAPResult == 0)) {
|
|
|
|
|
$searchSuccess = false;
|
|
|
|
|
$searchError = _('Cannot connect to specified LDAP server. Please try again.') . ' ' . @ldap_error($searchLDAP->server());
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$searchResult = @ldap_search($searchLDAP->server(), $_SESSION['config']->getLoginSearchSuffix(), $searchFilter, array('dn'), 0, 0, 0, LDAP_DEREF_NEVER);
|
|
|
|
|
if ($searchResult) {
|
|
|
|
|
$searchInfo = @ldap_get_entries($searchLDAP->server(), $searchResult);
|
|
|
|
|
if ($searchInfo) {
|
2009-12-19 16:28:16 +00:00
|
|
|
$searchInfo = cleanLDAPResult($searchInfo);
|
|
|
|
|
if (sizeof($searchInfo) == 0) {
|
2009-11-03 20:57:53 +00:00
|
|
|
$searchSuccess = false;
|
|
|
|
|
$searchError = _('Wrong password/user name combination. Please try again.');
|
|
|
|
|
}
|
2009-12-19 16:28:16 +00:00
|
|
|
elseif (sizeof($searchInfo) > 1) {
|
2009-11-03 20:57:53 +00:00
|
|
|
$searchSuccess = false;
|
|
|
|
|
$searchError = _('The given user name matches multiple LDAP entries.');
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$username = $searchInfo[0]['dn'];
|
|
|
|
|
}
|
2009-03-07 18:17:57 +00:00
|
|
|
}
|
|
|
|
|
else {
|
2009-11-03 20:57:53 +00:00
|
|
|
$searchSuccess = false;
|
|
|
|
|
$searchError = _('Unable to find the user name in LDAP.');
|
|
|
|
|
if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . ldap_error($searchLDAP->server());
|
2009-03-07 18:17:57 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$searchSuccess = false;
|
2009-11-03 20:57:53 +00:00
|
|
|
$searchError = _('Unable to find the user name in LDAP.');
|
|
|
|
|
if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . ldap_error($searchLDAP->server());
|
2009-03-07 18:17:57 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (!$searchSuccess) {
|
|
|
|
|
$error_message = $searchError;
|
2009-05-03 15:40:14 +00:00
|
|
|
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in. ' . $searchError . '');
|
2009-03-07 18:17:57 +00:00
|
|
|
$searchLDAP->close();
|
|
|
|
|
display_LoginPage($_SESSION['config']);
|
|
|
|
|
exit();
|
|
|
|
|
}
|
|
|
|
|
$searchLDAP->close();
|
|
|
|
|
}
|
|
|
|
|
// try to connect to LDAP
|
|
|
|
|
$result = $_SESSION['ldap']->connect($username,$_POST['passwd']); // Connect to LDAP server for verifing username/password
|
|
|
|
|
if($result === 0) {// Username/password correct. Do some configuration and load main frame.
|
2003-10-22 17:42:12 +00:00
|
|
|
$_SESSION['loggedIn'] = true;
|
2006-03-26 11:39:30 +00:00
|
|
|
// set security settings for session
|
|
|
|
|
$_SESSION['sec_session_id'] = session_id();
|
|
|
|
|
$_SESSION['sec_client_ip'] = $_SERVER['REMOTE_ADDR'];
|
2006-04-18 10:57:16 +00:00
|
|
|
$_SESSION['sec_sessionTime'] = time();
|
2006-04-23 16:33:25 +00:00
|
|
|
// logging
|
2009-05-03 15:40:14 +00:00
|
|
|
logNewMessage(LOG_NOTICE, 'User ' . $_POST['username'] . ' (' . $clientSource . ') successfully logged in.');
|
2006-03-26 11:39:30 +00:00
|
|
|
// Load main frame
|
2007-06-16 11:50:25 +00:00
|
|
|
metaRefresh("./main.php");
|
|
|
|
|
die();
|
2003-03-15 12:13:49 +00:00
|
|
|
}
|
2009-03-07 18:17:57 +00:00
|
|
|
else {
|
2006-04-23 16:33:25 +00:00
|
|
|
if ($result === False) {
|
2009-11-03 20:57:53 +00:00
|
|
|
// connection failed
|
2005-05-16 09:36:33 +00:00
|
|
|
$error_message = _("Cannot connect to specified LDAP server. Please try again.");
|
2009-05-03 15:40:14 +00:00
|
|
|
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
|
2003-12-03 23:03:10 +00:00
|
|
|
}
|
2006-04-23 16:33:25 +00:00
|
|
|
elseif ($result == 81) {
|
2009-11-03 20:57:53 +00:00
|
|
|
// connection failed
|
2005-05-16 09:36:33 +00:00
|
|
|
$error_message = _("Cannot connect to specified LDAP server. Please try again.");
|
2009-05-03 15:40:14 +00:00
|
|
|
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
|
2003-12-03 23:03:10 +00:00
|
|
|
}
|
2006-04-23 16:33:25 +00:00
|
|
|
elseif ($result == 49) {
|
2009-11-03 20:57:53 +00:00
|
|
|
// user name/password invalid. Return to login page.
|
2005-05-16 09:36:33 +00:00
|
|
|
$error_message = _("Wrong password/user name combination. Please try again.");
|
2009-05-03 15:40:14 +00:00
|
|
|
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (wrong password).');
|
2003-05-18 18:59:02 +00:00
|
|
|
}
|
2006-04-23 16:33:25 +00:00
|
|
|
else {
|
2009-11-03 20:57:53 +00:00
|
|
|
// other errors
|
2003-12-03 23:03:10 +00:00
|
|
|
$error_message = _("LDAP error, server says:") . "\n<br>($result) " . ldap_err2str($result);
|
2009-05-03 15:40:14 +00:00
|
|
|
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
|
2003-05-18 18:59:02 +00:00
|
|
|
}
|
2010-02-06 11:50:26 +00:00
|
|
|
display_LoginPage($_SESSION['config']);
|
|
|
|
|
exit();
|
2003-03-15 12:13:49 +00:00
|
|
|
}
|
2003-03-14 11:32:28 +00:00
|
|
|
}
|
|
|
|
|
}
|
2003-03-20 16:37:20 +00:00
|
|
|
|
2010-02-06 11:50:26 +00:00
|
|
|
display_LoginPage($_SESSION["config"]);
|
|
|
|
|
|
2003-08-16 17:30:20 +00:00
|
|
|
?>
|
