2003-04-23 21:01:18 +00:00
< ? php
2017-03-06 18:32:30 +00:00
namespace LAM\LOGIN ;
2017-02-11 18:39:05 +00:00
use LAM\LIB\TWO_FACTOR\TwoFactorProviderService ;
2017-03-06 18:32:30 +00:00
use \LAMConfig ;
use \LAMCfgMain ;
use \htmlSpacer ;
use \htmlOutputText ;
use \htmlSelect ;
use \htmlInputField ;
use \htmlGroup ;
use \htmlInputCheckbox ;
use \htmlButton ;
use \htmlStatusMessage ;
use \Ldap ;
2017-10-31 14:22:34 +00:00
use \htmlResponsiveRow ;
use \htmlDiv ;
2003-03-13 19:48:49 +00:00
/*
2009-10-27 18:47:12 +00:00
This code is part of LDAP Account Manager ( http :// www . ldap - account - manager . org / )
2006-03-03 17:30:35 +00:00
Copyright ( C ) 2003 - 2006 Michael Duergner
2018-03-03 09:28:21 +00:00
2005 - 2018 Roland Gruber
2003-03-13 19:48:49 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
2003-03-14 11:32:28 +00:00
2003-03-13 19:48:49 +00:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2003-03-14 11:32:28 +00:00
2003-03-13 19:48:49 +00:00
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
2005-07-20 18:07:10 +00:00
*/
2003-03-14 11:32:28 +00:00
2005-07-20 18:07:10 +00:00
/**
* Login form of LDAP Account Manager .
*
* @ author Michael Duergner
2010-01-25 16:38:36 +00:00
* @ author Roland Gruber
2005-07-20 18:07:10 +00:00
* @ package main
2003-03-13 19:48:49 +00:00
*/
2003-03-18 20:55:43 +00:00
2005-11-03 12:31:16 +00:00
/** status messages */
include_once ( " ../lib/status.inc " );
2008-02-21 19:24:37 +00:00
2010-01-25 16:56:19 +00:00
/** check environment */
include '../lib/checkEnvironment.inc' ;
2008-02-21 19:24:37 +00:00
2006-04-23 16:33:25 +00:00
/** security functions */
include_once ( " ../lib/security.inc " );
2006-10-18 16:08:58 +00:00
/** self service functions */
include_once ( " ../lib/selfService.inc " );
2005-07-20 18:07:10 +00:00
/** access to configuration options */
2016-08-21 09:16:44 +00:00
include_once ( " ../lib/config.inc " );
2017-03-06 18:32:30 +00:00
$licenseValidator = null ;
2016-08-21 09:16:44 +00:00
if ( isLAMProVersion ()) {
include_once ( " ../lib/env.inc " );
2016-10-25 17:50:46 +00:00
$licenseValidator = new \LAM\ENV\LAMLicenseValidator ();
$licenseValidator -> validateAndRedirect ( 'config/mainlogin.php?invalidLicense=1' , 'config/mainlogin.php?invalidLicense=2' );
2016-08-21 09:16:44 +00:00
}
2003-03-23 14:41:15 +00:00
2012-10-28 14:37:54 +00:00
/** Upgrade functions */
include_once ( " ../lib/upgrade.inc " );
2009-07-08 18:03:28 +00:00
// set session save path
if ( strtolower ( session_module_name ()) == 'files' ) {
2010-02-06 11:50:26 +00:00
session_save_path ( dirname ( __FILE__ ) . '/../sess' );
2009-07-08 18:03:28 +00:00
}
2010-02-06 11:50:26 +00:00
// start empty session and change ID for security reasons
2018-03-10 17:48:11 +00:00
lam_start_session ();
2010-02-06 11:50:26 +00:00
session_destroy ();
2018-03-10 17:48:11 +00:00
lam_start_session ();
2010-02-06 11:50:26 +00:00
session_regenerate_id ( true );
2003-04-23 21:01:18 +00:00
2013-01-10 18:11:29 +00:00
$profiles = getConfigProfiles ();
2008-05-25 16:25:09 +00:00
// save last selected login profile
2013-07-21 10:05:16 +00:00
if ( isset ( $_GET [ 'useProfile' ])) {
2013-01-10 18:11:29 +00:00
if ( in_array ( $_GET [ 'useProfile' ], $profiles )) {
2015-12-19 09:12:47 +00:00
setcookie ( " lam_default_profile " , $_GET [ 'useProfile' ], time () + 365 * 60 * 60 * 24 , '/' , null , null , true );
2010-07-30 16:08:20 +00:00
}
else {
unset ( $_GET [ 'useProfile' ]);
}
2008-05-25 16:25:09 +00:00
}
2013-07-21 10:05:16 +00:00
// save last selected language
if ( isset ( $_POST [ 'language' ])) {
2015-12-19 09:12:47 +00:00
setcookie ( 'lam_last_language' , htmlspecialchars ( $_POST [ 'language' ]), time () + 365 * 60 * 60 * 24 , '/' , null , null , true );
2013-07-21 10:05:16 +00:00
}
2010-02-06 11:50:26 +00:00
// init some session variables
$default_Config = new LAMCfgMain ();
$_SESSION [ " cfgMain " ] = $default_Config ;
2013-08-13 18:22:21 +00:00
setSSLCaCert ();
2010-02-06 11:50:26 +00:00
$default_Profile = $default_Config -> default ;
2013-01-10 18:11:29 +00:00
if ( isset ( $_COOKIE [ " lam_default_profile " ]) && in_array ( $_COOKIE [ " lam_default_profile " ], $profiles )) {
2010-02-06 11:50:26 +00:00
$default_Profile = $_COOKIE [ " lam_default_profile " ];
}
// Reload loginpage after a profile change
2013-01-10 18:11:29 +00:00
if ( isset ( $_GET [ 'useProfile' ]) && in_array ( $_GET [ 'useProfile' ], $profiles )) {
2010-07-30 16:08:20 +00:00
logNewMessage ( LOG_DEBUG , " Change server profile to " . $_GET [ 'useProfile' ]);
$_SESSION [ 'config' ] = new LAMConfig ( $_GET [ 'useProfile' ]); // Recreate the config object with the submited
2010-02-06 11:50:26 +00:00
}
// Load login page
2013-01-10 18:11:29 +00:00
elseif ( ! empty ( $default_Profile ) && in_array ( $default_Profile , $profiles )) {
2010-02-06 11:50:26 +00:00
$_SESSION [ " config " ] = new LAMConfig ( $default_Profile ); // Create new Config object
}
2013-01-10 18:11:29 +00:00
else if ( sizeof ( $profiles ) > 0 ) {
// use first profile as fallback
$_SESSION [ " config " ] = new LAMConfig ( $profiles [ 0 ]);
}
2013-01-12 11:28:43 +00:00
else {
$_SESSION [ " config " ] = null ;
}
2013-01-10 18:11:29 +00:00
2017-05-06 11:48:48 +00:00
$error_message = null ;
2013-01-10 18:11:29 +00:00
if ( ! isset ( $default_Config -> default ) || ! in_array ( $default_Config -> default , $profiles )) {
$error_message = _ ( 'No default profile set. Please set it in the server profile configuration.' );
}
2010-02-06 11:50:26 +00:00
2014-02-02 12:36:12 +00:00
$possibleLanguages = getLanguages ();
$encoding = 'UTF-8' ;
2013-07-21 10:05:16 +00:00
if ( isset ( $_COOKIE [ 'lam_last_language' ])) {
2014-02-02 12:36:12 +00:00
foreach ( $possibleLanguages as $lang ) {
if ( strpos ( $_COOKIE [ 'lam_last_language' ], $lang -> code ) === 0 ) {
$_SESSION [ 'language' ] = $lang -> code ;
$encoding = $lang -> encoding ;
break ;
}
}
2013-07-21 10:05:16 +00:00
}
elseif ( ! empty ( $_SESSION [ " config " ])) {
2014-02-02 12:36:12 +00:00
$defaultLang = $_SESSION [ " config " ] -> get_defaultLanguage ();
foreach ( $possibleLanguages as $lang ) {
if ( strpos ( $defaultLang , $lang -> code ) === 0 ) {
$_SESSION [ 'language' ] = $lang -> code ;
$encoding = $lang -> encoding ;
break ;
}
}
2013-01-05 16:22:58 +00:00
}
else {
2014-02-02 12:36:12 +00:00
$_SESSION [ 'language' ] = 'en_GB.utf8' ;
2013-01-05 16:22:58 +00:00
}
2010-02-06 11:50:26 +00:00
if ( isset ( $_POST [ 'language' ])) {
2014-02-02 12:36:12 +00:00
foreach ( $possibleLanguages as $lang ) {
if ( strpos ( $_POST [ 'language' ], $lang -> code ) === 0 ) {
$_SESSION [ 'language' ] = $lang -> code ;
$encoding = $lang -> encoding ;
break ;
}
}
2010-02-06 11:50:26 +00:00
}
2014-02-02 12:36:12 +00:00
2010-02-06 11:50:26 +00:00
$_SESSION [ 'header' ] = " <!DOCTYPE HTML PUBLIC \" -//W3C//DTD HTML 4.01 Transitional//EN \" \" http://www.w3.org/TR/html4/loose.dtd \" > \n \n " ;
$_SESSION [ 'header' ] .= " <html> \n <head> \n " ;
2014-02-02 12:36:12 +00:00
$_SESSION [ 'header' ] .= " <meta http-equiv= \" content-type \" content= \" text/html; charset= " . $encoding . " \" > \n " ;
2010-02-06 11:50:26 +00:00
$_SESSION [ 'header' ] .= " <meta http-equiv= \" pragma \" content= \" no-cache \" > \n <meta http-equiv= \" cache-control \" content= \" no-cache \" > " ;
2005-06-03 12:09:08 +00:00
/**
* Displays the login window .
*
2017-03-06 18:32:30 +00:00
* @ param \LAM\ENV\LAMLicenseValidator $licenseValidator license validator
* @ param string $error_message error message to display
2005-06-03 12:09:08 +00:00
*/
2018-01-16 17:31:52 +00:00
function display_LoginPage ( $licenseValidator , $error_message ) {
$config_object = $_SESSION [ 'config' ];
$cfgMain = $_SESSION [ " cfgMain " ];
2010-01-25 16:38:36 +00:00
logNewMessage ( LOG_DEBUG , " Display login page " );
2003-04-23 21:01:18 +00:00
// generate 256 bit key and initialization vector for user/passwd-encryption
2017-04-02 17:37:06 +00:00
if ( function_exists ( 'openssl_random_pseudo_bytes' ) && ( $cfgMain -> encryptSession == 'true' )) {
$key = openssl_random_pseudo_bytes ( 32 );
$iv = openssl_random_pseudo_bytes ( 16 );
2005-08-10 19:18:35 +00:00
// save both in cookie
2015-12-19 09:12:47 +00:00
setcookie ( " Key " , base64_encode ( $key ), 0 , " / " , null , null , true );
setcookie ( " IV " , base64_encode ( $iv ), 0 , " / " , null , null , true );
2003-10-02 17:54:04 +00:00
}
2015-08-02 19:16:46 +00:00
2003-07-14 21:59:09 +00:00
$profiles = getConfigProfiles ();
2003-05-07 19:53:58 +00:00
setlanguage (); // setting correct language
2003-07-23 08:08:25 +00:00
echo $_SESSION [ " header " ];
2017-11-04 10:29:38 +00:00
printHeaderContents ( 'LDAP Account Manager' , '..' );
2003-07-23 08:08:25 +00:00
?>
</ head >
2017-11-24 18:22:11 +00:00
< body class = " admin " >
2005-05-15 13:14:45 +00:00
< ? php
2010-07-30 16:08:20 +00:00
// include all JavaScript files
2017-11-04 10:29:38 +00:00
printJsIncludes ( '..' );
2015-08-02 19:16:46 +00:00
2012-10-28 14:37:54 +00:00
// upgrade if pdf/profiles contain single files
if ( containsFiles ( '../config/profiles' ) || containsFiles ( '../config/pdf' )) {
$result = testPermissions ();
if ( sizeof ( $result ) > 0 ) {
StatusMessage ( 'ERROR' , 'Unable to migrate configuration files. Please allow write access to these paths:' , implode ( '<br>' , $result ));
}
else {
2013-01-10 18:11:29 +00:00
upgradeConfigToServerProfileFolders ( $profiles );
2012-10-29 19:41:22 +00:00
StatusMessage ( 'INFO' , 'Config file migration finished.' );
2012-10-28 14:37:54 +00:00
}
}
2015-08-02 19:16:46 +00:00
2016-10-25 17:50:46 +00:00
if ( isLAMProVersion () && $licenseValidator -> isEvaluationLicense ()) {
StatusMessage ( 'INFO' , _ ( 'Evaluation Licence' ));
}
2005-05-15 13:14:45 +00:00
?>
2010-07-30 16:08:20 +00:00
2010-08-31 18:05:17 +00:00
< table border = 0 width = " 100% " class = " lamHeader ui-corner-all " >
2003-07-23 08:08:25 +00:00
< tr >
2017-11-23 17:40:04 +00:00
< td align = " left " height = " 30 " width = " 34% " >
2017-10-31 14:22:34 +00:00
< a class = " lamLogo " href = " http://www.ldap-account-manager.org/ " target = " new_window " >
2017-12-15 15:58:54 +00:00
LAM
2017-10-31 14:22:34 +00:00
< ? php
if ( isLAMProVersion ()) {
echo 'Pro ' ;
}
echo ' - ' . LAMVersion ();
?>
</ a >
2009-05-03 18:23:25 +00:00
</ td >
2017-11-23 17:40:04 +00:00
< td align = " center " height = 30 width = " 34% " >
< span class = " hide-for-small " >
< a href = " http://www.ldap-account-manager.org/lamcms/lamPro " > < ? php if ( ! isLAMProVersion ()) { echo ( _ ( " Want more features? Get LAM Pro! " ));} ?> </a>
</ span >
</ td >
< td align = " right " height = 30 width = " 34% " >
< a class = " margin-right5 " href = " ./config/index.php " >< IMG alt = " configuration " src = " ../graphics/tools.png " >& nbsp ; < span class = " hide-for-small " >< ? php echo _ ( " LAM configuration " ) ?> </span></a>
</ td >
2003-07-23 08:08:25 +00:00
</ tr >
</ table >
2015-08-02 19:16:46 +00:00
2017-10-31 14:22:34 +00:00
< br >
2010-07-30 16:08:20 +00:00
2003-10-18 11:26:49 +00:00
< ? php
2013-01-05 16:08:51 +00:00
if ( ! empty ( $config_object )) {
2013-01-05 16:22:58 +00:00
// check extensions
$extList = getRequiredExtensions ();
2017-10-24 19:06:18 +00:00
foreach ( $extList as $extension ) {
if ( ! extension_loaded ( $extension )) {
StatusMessage ( " ERROR " , " A required PHP extension is missing! " , $extension );
2013-01-05 16:22:58 +00:00
echo " <br> " ;
}
}
// check TLS
2013-01-05 16:08:51 +00:00
$useTLS = $config_object -> getUseTLS ();
if ( isset ( $useTLS ) && ( $useTLS == " yes " )) {
if ( ! function_exists ( 'ldap_start_tls' )) {
StatusMessage ( " ERROR " , " Your PHP installation does not support TLS encryption! " );
echo " <br> " ;
}
2009-05-03 17:31:39 +00:00
}
}
2013-01-12 11:28:43 +00:00
else {
StatusMessage ( 'WARN' , _ ( 'Please enter the configuration and create a server profile.' ));
}
2006-05-01 08:56:40 +00:00
// check if session expired
if ( isset ( $_GET [ 'expired' ])) {
StatusMessage ( " ERROR " , _ ( " Your session expired, please log in again. " ));
echo " <br> " ;
}
2010-05-28 08:48:57 +00:00
// check if main config was saved
if ( isset ( $_GET [ 'confMainSavedOk' ])) {
StatusMessage ( " INFO " , _ ( " Your settings were successfully saved. " ));
echo " <br> " ;
}
2010-05-28 13:45:34 +00:00
// check if a server profile was saved
if ( isset ( $_GET [ 'configSaveOk' ])) {
StatusMessage ( " INFO " , _ ( " Your settings were successfully saved. " ), htmlspecialchars ( $_GET [ 'configSaveFile' ]));
echo " <br> " ;
}
elseif ( isset ( $_GET [ 'configSaveFailed' ])) {
StatusMessage ( " ERROR " , _ ( " Cannot open config file! " ), htmlspecialchars ( $_GET [ 'configSaveFile' ]));
echo " <br> " ;
}
2010-08-28 13:00:12 +00:00
// check if self service was saved
if ( isset ( $_GET [ 'selfserviceSaveOk' ])) {
2011-08-16 17:14:49 +00:00
StatusMessage ( " INFO " , _ ( " Your settings were successfully saved. " ), htmlspecialchars ( $_GET [ 'selfserviceSaveOk' ]));
2010-08-28 13:00:12 +00:00
echo " <br> " ;
2017-02-11 21:07:38 +00:00
}
if ( isset ( $_GET [ '2factor' ]) && ( $_GET [ '2factor' ] == 'error' )) {
StatusMessage ( 'ERROR' , _ ( " Unable to start 2-factor authentication. " ));
echo " <br> " ;
}
elseif ( isset ( $_GET [ '2factor' ]) && ( $_GET [ '2factor' ] == 'noToken' )) {
StatusMessage ( 'ERROR' , _ ( " Unable to start 2-factor authentication because no tokens were found. " ));
echo " <br> " ;
2010-08-28 13:00:12 +00:00
}
2013-01-05 16:08:51 +00:00
if ( ! empty ( $config_object )) {
2003-07-23 08:08:25 +00:00
?>
2012-09-09 14:02:27 +00:00
< br >< br >
2015-08-02 19:16:46 +00:00
< div class = " centeredTable " >
2017-10-31 14:22:34 +00:00
< div class = " roundedShadowBox limitWidth " style = " position:relative; z-index:5; " >
< table border = " 0 " rules = " none " bgcolor = " white " class = " ui-corner-all " >
2005-01-15 12:11:03 +00:00
< tr >
2017-10-31 14:22:34 +00:00
< td class = " loginLogo hide-for-small " style = " border-style:none " rowspan = " 3 " >
2005-01-15 12:11:03 +00:00
</ td >
2015-08-02 19:16:46 +00:00
< td style = " border-style:none " >
2005-01-15 12:11:03 +00:00
< form action = " login.php " method = " post " >
2012-09-09 14:02:27 +00:00
< ? php
2017-10-31 14:22:34 +00:00
$tabindex = 1 ;
$row = new htmlResponsiveRow ();
$row -> add ( new htmlSpacer ( null , '30px' ), 0 , 12 , 12 );
2012-09-09 14:02:27 +00:00
// user name
2017-10-31 14:22:34 +00:00
$row -> addLabel ( new htmlOutputText ( _ ( " User name " )));
2012-09-09 14:02:27 +00:00
if ( $config_object -> getLoginMethod () == LAMConfig :: LOGIN_LIST ) {
$admins = $config_object -> get_Admins ();
$adminList = array ();
2017-10-24 19:06:18 +00:00
foreach ( $admins as $admin ) {
$text = explode ( " , " , $admin );
2012-09-09 14:02:27 +00:00
$text = explode ( " = " , $text [ 0 ]);
2013-03-24 10:01:54 +00:00
if ( isset ( $text [ 1 ])) {
2017-10-24 19:06:18 +00:00
$adminList [ $text [ 1 ]] = $admin ;
2013-03-24 10:01:54 +00:00
}
else {
2017-10-24 19:06:18 +00:00
$adminList [ $text [ 0 ]] = $admin ;
2013-03-24 10:01:54 +00:00
}
2012-09-09 14:02:27 +00:00
}
2013-05-25 13:24:55 +00:00
$selectedAdmin = array ();
if ( isset ( $_POST [ 'username' ]) && in_array ( $_POST [ 'username' ], $adminList )) {
$selectedAdmin = array ( $_POST [ 'username' ]);
}
$userSelect = new htmlSelect ( 'username' , $adminList , $selectedAdmin );
2012-09-09 14:02:27 +00:00
$userSelect -> setHasDescriptiveElements ( true );
2017-10-31 14:22:34 +00:00
$userSelect -> setTransformSingleSelect ( false );
2017-11-24 18:22:11 +00:00
if ( empty ( $_COOKIE [ 'lam_login_name' ])) {
$userSelect -> setCSSClasses ( array ( 'lam-initial-focus' ));
}
2017-11-04 10:29:38 +00:00
$row -> addField ( new htmlDiv ( null , $userSelect ));
2012-09-09 14:02:27 +00:00
}
else {
if ( $config_object -> getHttpAuthentication () == 'true' ) {
2017-10-31 14:22:34 +00:00
$httpAuth = new htmlDiv ( null , new htmlOutputText ( $_SERVER [ 'PHP_AUTH_USER' ] . ' ' , false ));
$httpAuth -> setCSSClasses ( array ( 'text-left' , 'margin3' ));
$row -> addField ( $httpAuth );
2012-09-09 14:02:27 +00:00
}
else {
2013-01-20 19:13:27 +00:00
$user = '' ;
if ( isset ( $_COOKIE [ " lam_login_name " ])) {
$user = $_COOKIE [ " lam_login_name " ];
}
2017-11-24 18:22:11 +00:00
$userNameInput = new htmlInputField ( 'username' , $user );
if ( empty ( $_COOKIE [ 'lam_login_name' ])) {
$userNameInput -> setCSSClasses ( array ( 'lam-initial-focus' ));
}
$userInput = new htmlDiv ( null , $userNameInput );
2017-10-31 14:22:34 +00:00
$row -> addField ( $userInput );
2012-09-09 14:02:27 +00:00
}
}
// password
2017-10-31 14:22:34 +00:00
$row -> addLabel ( new \htmlOutputText ( _ ( " Password " )));
2012-09-09 14:02:27 +00:00
if (( $config_object -> getLoginMethod () == LAMConfig :: LOGIN_SEARCH ) && ( $config_object -> getHttpAuthentication () == 'true' )) {
2017-10-31 14:22:34 +00:00
$passwordInputFake = new htmlDiv ( null , new htmlOutputText ( '**********' ));
$passwordInputFake -> setCSSClasses ( array ( 'text-left' , 'margin3' ));
$row -> addField ( $passwordInputFake );
2012-09-09 14:02:27 +00:00
}
else {
$passwordInput = new htmlInputField ( 'passwd' );
$passwordInput -> setIsPassword ( true );
2017-11-24 18:22:11 +00:00
if (( $config_object -> getLoginMethod () == LAMConfig :: LOGIN_SEARCH ) && ! empty ( $_COOKIE [ 'lam_login_name' ])) {
$passwordInput -> setCSSClasses ( array ( 'lam-initial-focus' ));
}
2017-10-31 14:22:34 +00:00
$row -> addField ( $passwordInput );
2012-09-09 14:02:27 +00:00
}
// language
2017-10-31 14:22:34 +00:00
$row -> addLabel ( new htmlOutputText ( _ ( " Language " )));
2014-02-02 12:36:12 +00:00
$possibleLanguages = getLanguages ();
2012-09-09 14:02:27 +00:00
$languageList = array ();
$defaultLanguage = array ();
2014-02-02 12:36:12 +00:00
foreach ( $possibleLanguages as $lang ) {
$languageList [ $lang -> description ] = $lang -> code ;
if ( strpos ( trim ( $_SESSION [ " language " ]), $lang -> code ) === 0 ) {
$defaultLanguage [] = $lang -> code ;
2012-09-09 14:02:27 +00:00
}
}
$languageSelect = new htmlSelect ( 'language' , $languageList , $defaultLanguage );
$languageSelect -> setHasDescriptiveElements ( true );
2017-10-31 14:22:34 +00:00
$row -> addField ( $languageSelect , true );
2013-01-20 19:13:27 +00:00
// remember login user
if (( $config_object -> getLoginMethod () == LAMConfig :: LOGIN_SEARCH ) && ! ( $config_object -> getHttpAuthentication () == 'true' )) {
2017-10-31 14:22:34 +00:00
$row -> add ( new htmlOutputText ( ' ' , false ), 0 , 6 , 6 );
2013-01-20 19:13:27 +00:00
$rememberGroup = new htmlGroup ();
$doRemember = false ;
if ( isset ( $_COOKIE [ " lam_login_name " ])) {
$doRemember = true ;
}
$rememberGroup -> addElement ( new htmlInputCheckbox ( 'rememberLogin' , $doRemember ));
$rememberGroup -> addElement ( new htmlSpacer ( '1px' , null ));
$rememberGroup -> addElement ( new htmlOutputText ( _ ( 'Remember user name' )));
2017-10-31 14:22:34 +00:00
$rememberDiv = new htmlDiv ( null , $rememberGroup );
$rememberDiv -> setCSSClasses ( array ( 'text-left' , 'margin3' ));
$row -> add ( $rememberDiv , 12 , 6 , 6 );
2013-01-20 19:13:27 +00:00
}
2012-09-09 14:02:27 +00:00
// login button
2017-10-31 14:22:34 +00:00
$row -> add ( new htmlSpacer ( null , '20px' ), 12 );
$row -> add ( new htmlButton ( 'checklogin' , _ ( " Login " )), 12 );
2012-09-09 14:02:27 +00:00
// error message
2017-03-06 18:32:30 +00:00
if ( ! empty ( $error_message )) {
2017-10-31 14:22:34 +00:00
$row -> add ( new \htmlSpacer ( null , '5px' ), 12 );
2012-09-09 14:02:27 +00:00
$message = new htmlStatusMessage ( 'ERROR' , $error_message );
$message -> colspan = 3 ;
2017-10-31 14:22:34 +00:00
$row -> add ( $message , 12 );
2012-09-09 14:02:27 +00:00
}
2015-08-02 19:16:46 +00:00
2017-10-31 14:22:34 +00:00
parseHtml ( null , $row , array (), false , $tabindex , 'user' );
2012-09-09 14:02:27 +00:00
?>
2005-01-15 12:11:03 +00:00
</ form >
2004-02-16 17:02:01 +00:00
</ td >
2017-10-31 14:22:34 +00:00
< td class = " loginRightBox hide-for-small " style = " border-style:none " >
</ td >
</ tr >
< tr >
< td colspan = " 2 " style = " border-style:none; " >
< hr class = " margin20 " >
</ td >
2005-01-15 12:11:03 +00:00
</ tr >
< tr >
2017-10-31 14:22:34 +00:00
< td style = " border-style:none; " >
2005-01-15 12:11:03 +00:00
< form action = " login.php " method = " post " >
2012-09-09 14:02:27 +00:00
< ? php
2017-10-31 14:22:34 +00:00
$row = new htmlResponsiveRow ();
$row -> addLabel ( new htmlOutputText ( _ ( " LDAP server " )));
$serverUrl = new htmlOutputText ( $config_object -> getServerDisplayNameGUI ());
$serverUrlDiv = new htmlDiv ( null , $serverUrl );
$serverUrlDiv -> setCSSClasses ( array ( 'text-left' , 'margin3' ));
$row -> addField ( $serverUrlDiv );
$row -> addLabel ( new htmlOutputText ( _ ( " Server profile " )));
2012-09-09 14:02:27 +00:00
$profileSelect = new htmlSelect ( 'profile' , $profiles , array ( $_SESSION [ 'config' ] -> getName ()));
$profileSelect -> setOnchangeEvent ( 'loginProfileChanged(this)' );
2017-10-31 14:22:34 +00:00
$row -> addField ( $profileSelect );
2012-09-09 14:02:27 +00:00
2017-10-31 14:22:34 +00:00
parseHtml ( null , $row , array (), true , $tabindex , 'user' );
2012-09-09 14:02:27 +00:00
?>
2005-01-15 12:11:03 +00:00
</ form >
2004-02-16 17:02:01 +00:00
</ td >
2017-10-31 14:22:34 +00:00
< td class = " loginRightBox hide-for-small " style = " border-style:none " >
</ td >
2005-01-15 12:11:03 +00:00
</ tr >
</ table >
2008-07-30 20:34:19 +00:00
</ div >
2015-08-02 19:16:46 +00:00
</ div >
2013-01-05 16:08:51 +00:00
< ? php
}
?>
2003-07-23 08:08:25 +00:00
< br >< br >
2017-10-31 14:22:34 +00:00
< ? PHP
if ( isLAMProVersion () && $licenseValidator -> isExpiringSoon ()) {
2018-09-04 19:11:05 +00:00
$licenseMessage = sprintf ( _ ( 'Your licence expires on %s. You need to purchase a new licence to be able to use LAM Pro after this date.' ), $licenseValidator -> getLicense () -> getExpirationDate () -> format ( 'Y-m-d' ));
2017-10-31 14:22:34 +00:00
StatusMessage ( 'WARN' , $licenseMessage );
}
?>
< br >< br >
2003-07-23 08:08:25 +00:00
</ body >
</ html >
< ? php
2003-04-23 21:01:18 +00:00
}
2003-03-14 11:32:28 +00:00
// checking if the submitted username/password is correct.
2017-10-31 14:22:34 +00:00
if ( isset ( $_POST [ 'checklogin' ])) {
2003-04-23 21:01:18 +00:00
include_once ( " ../lib/ldap.inc " ); // Include ldap.php which provides Ldap class
2003-03-20 16:41:52 +00:00
2003-08-13 19:21:36 +00:00
$_SESSION [ 'ldap' ] = new Ldap ( $_SESSION [ 'config' ]); // Create new Ldap object
2015-08-02 19:16:46 +00:00
2011-08-23 19:05:05 +00:00
$clientSource = $_SERVER [ 'REMOTE_ADDR' ];
if ( isset ( $_SERVER [ 'REMOTE_HOST' ])) {
$clientSource .= '/' . $_SERVER [ 'REMOTE_HOST' ];
}
if (( $_SESSION [ 'config' ] -> getLoginMethod () == LAMConfig :: LOGIN_SEARCH ) && ( $_SESSION [ 'config' ] -> getHttpAuthentication () == 'true' )) {
$username = $_SERVER [ 'PHP_AUTH_USER' ];
$password = $_SERVER [ 'PHP_AUTH_PW' ];
2003-03-14 11:32:28 +00:00
}
2009-05-03 15:40:14 +00:00
else {
2013-01-20 19:13:27 +00:00
if ( isset ( $_POST [ 'rememberLogin' ]) && ( $_POST [ 'rememberLogin' ] == 'on' )) {
2015-12-19 09:12:47 +00:00
setcookie ( 'lam_login_name' , $_POST [ 'username' ], time () + 60 * 60 * 24 * 365 , '/' , null , null , true );
2013-01-20 19:13:27 +00:00
}
2013-01-20 19:28:14 +00:00
else if ( isset ( $_COOKIE [ 'lam_login_name' ]) && ( $_SESSION [ 'config' ] -> getLoginMethod () == LAMConfig :: LOGIN_SEARCH )) {
2015-12-19 09:12:47 +00:00
setcookie ( 'lam_login_name' , '' , time () + 60 * 60 * 24 * 365 , '/' , null , null , true );
2013-01-20 19:13:27 +00:00
}
2011-08-23 19:05:05 +00:00
if ( $_POST [ 'passwd' ] == " " ) {
logNewMessage ( LOG_DEBUG , " Empty password for login " );
$error_message = _ ( " Empty password submitted. Please try again. " );
2018-01-16 17:31:52 +00:00
display_LoginPage ( $licenseValidator , $error_message ); // Empty password submitted. Return to login page.
2011-08-23 19:05:05 +00:00
exit ();
2010-05-07 19:12:06 +00:00
}
2009-03-07 18:17:57 +00:00
$username = $_POST [ 'username' ];
2011-08-23 19:05:05 +00:00
$password = $_POST [ 'passwd' ];
}
// search user in LDAP if needed
if ( $_SESSION [ 'config' ] -> getLoginMethod () == LAMConfig :: LOGIN_SEARCH ) {
$searchFilter = $_SESSION [ 'config' ] -> getLoginSearchFilter ();
$searchFilter = str_replace ( '%USER%' , $username , $searchFilter );
2011-12-03 19:02:28 +00:00
$searchDN = '' ;
$searchPassword = '' ;
2018-03-03 09:28:21 +00:00
$configLoginSearchDn = $_SESSION [ 'config' ] -> getLoginSearchDN ();
if ( ! empty ( $configLoginSearchDn )) {
$searchDN = $configLoginSearchDn ;
2011-12-03 19:02:28 +00:00
$searchPassword = $_SESSION [ 'config' ] -> getLoginSearchPassword ();
}
2011-08-23 19:05:05 +00:00
$searchSuccess = true ;
$searchError = '' ;
$searchLDAP = new Ldap ( $_SESSION [ 'config' ]);
2011-12-03 19:02:28 +00:00
$searchLDAPResult = $searchLDAP -> connect ( $searchDN , $searchPassword , true );
2011-08-23 19:05:05 +00:00
if ( ! ( $searchLDAPResult == 0 )) {
$searchSuccess = false ;
2013-10-16 17:37:17 +00:00
$searchError = _ ( 'Cannot connect to specified LDAP server. Please try again.' ) . ' ' . getDefaultLDAPErrorString ( $searchLDAP -> server ());
2011-08-23 19:05:05 +00:00
}
else {
2017-10-24 18:48:34 +00:00
$searchResult = ldap_search ( $searchLDAP -> server (), $_SESSION [ 'config' ] -> getLoginSearchSuffix (), $searchFilter , array ( 'dn' ), 0 , 0 , 0 , LDAP_DEREF_NEVER );
2011-08-23 19:05:05 +00:00
if ( $searchResult ) {
2017-10-24 18:48:34 +00:00
$searchInfo = ldap_get_entries ( $searchLDAP -> server (), $searchResult );
2011-08-23 19:05:05 +00:00
if ( $searchInfo ) {
cleanLDAPResult ( $searchInfo );
if ( sizeof ( $searchInfo ) == 0 ) {
$searchSuccess = false ;
$searchError = _ ( 'Wrong password/user name combination. Please try again.' );
2009-03-07 18:17:57 +00:00
}
2011-08-23 19:05:05 +00:00
elseif ( sizeof ( $searchInfo ) > 1 ) {
2009-11-03 20:57:53 +00:00
$searchSuccess = false ;
2011-08-23 19:05:05 +00:00
$searchError = _ ( 'The given user name matches multiple LDAP entries.' );
}
else {
$username = $searchInfo [ 0 ][ 'dn' ];
2009-03-07 18:17:57 +00:00
}
}
else {
$searchSuccess = false ;
2009-11-03 20:57:53 +00:00
$searchError = _ ( 'Unable to find the user name in LDAP.' );
2013-10-16 17:37:17 +00:00
if ( ldap_errno ( $searchLDAP -> server ()) != 0 ) $searchError .= ' ' . getDefaultLDAPErrorString ( $searchLDAP -> server ());
2009-03-07 18:17:57 +00:00
}
}
2011-08-23 19:05:05 +00:00
else {
$searchSuccess = false ;
$searchError = _ ( 'Unable to find the user name in LDAP.' );
2013-10-16 17:37:17 +00:00
if ( ldap_errno ( $searchLDAP -> server ()) != 0 ) $searchError .= ' ' . getDefaultLDAPErrorString ( $searchLDAP -> server ());
2009-03-07 18:17:57 +00:00
}
2011-08-23 19:05:05 +00:00
}
if ( ! $searchSuccess ) {
$error_message = $searchError ;
logNewMessage ( LOG_ERR , 'User ' . $username . ' (' . $clientSource . ') failed to log in. ' . $searchError . '' );
2009-03-07 18:17:57 +00:00
$searchLDAP -> close ();
2018-01-16 17:31:52 +00:00
display_LoginPage ( $licenseValidator , $error_message );
2011-08-23 19:05:05 +00:00
exit ();
}
$searchLDAP -> close ();
}
// try to connect to LDAP
$result = $_SESSION [ 'ldap' ] -> connect ( $username , $password ); // Connect to LDAP server for verifing username/password
if ( $result === 0 ) { // Username/password correct. Do some configuration and load main frame.
$_SESSION [ 'loggedIn' ] = true ;
// set security settings for session
$_SESSION [ 'sec_session_id' ] = session_id ();
$_SESSION [ 'sec_client_ip' ] = $_SERVER [ 'REMOTE_ADDR' ];
$_SESSION [ 'sec_sessionTime' ] = time ();
2015-05-14 09:18:45 +00:00
addSecurityTokenToSession ();
2011-08-23 19:05:05 +00:00
// logging
logNewMessage ( LOG_NOTICE , 'User ' . $username . ' (' . $clientSource . ') successfully logged in.' );
2017-02-11 18:39:05 +00:00
// Load main frame or 2 factor page
if ( $_SESSION [ 'config' ] -> getTwoFactorAuthentication () == TwoFactorProviderService :: TWO_FACTOR_NONE ) {
metaRefresh ( " ./main.php " );
}
else {
$_SESSION [ '2factorRequired' ] = true ;
if (( $_SESSION [ 'config' ] -> getLoginMethod () == LAMConfig :: LOGIN_SEARCH ) && ( $_SESSION [ 'config' ] -> getHttpAuthentication () == 'true' )) {
$_SESSION [ 'user2factor' ] = $_SERVER [ 'PHP_AUTH_USER' ];
}
else {
$_SESSION [ 'user2factor' ] = $_POST [ 'username' ];
}
metaRefresh ( " ./login2Factor.php " );
}
2011-08-23 19:05:05 +00:00
die ();
}
else {
if ( $result === False ) {
// connection failed
$error_message = _ ( " Cannot connect to specified LDAP server. Please try again. " );
logNewMessage ( LOG_ERR , 'User ' . $username . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str ( $result ) . ').' );
}
elseif ( $result == 81 ) {
// connection failed
$error_message = _ ( " Cannot connect to specified LDAP server. Please try again. " );
logNewMessage ( LOG_ERR , 'User ' . $username . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str ( $result ) . ').' );
2009-03-07 18:17:57 +00:00
}
2011-08-23 19:05:05 +00:00
elseif ( $result == 49 ) {
// user name/password invalid. Return to login page.
$error_message = _ ( " Wrong password/user name combination. Please try again. " );
logNewMessage ( LOG_ERR , 'User ' . $username . ' (' . $clientSource . ') failed to log in (wrong password).' );
2003-03-15 12:13:49 +00:00
}
2009-03-07 18:17:57 +00:00
else {
2011-08-23 19:05:05 +00:00
// other errors
$error_message = _ ( " LDAP error, server says: " ) . " \n <br>( $result ) " . ldap_err2str ( $result );
logNewMessage ( LOG_ERR , 'User ' . $username . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str ( $result ) . ').' );
2003-03-15 12:13:49 +00:00
}
2018-01-16 17:31:52 +00:00
display_LoginPage ( $licenseValidator , $error_message );
2011-08-23 19:05:05 +00:00
exit ();
2003-03-14 11:32:28 +00:00
}
}
2003-03-20 16:37:20 +00:00
2012-10-28 14:37:54 +00:00
//displays the login window
2018-01-16 17:31:52 +00:00
display_LoginPage ( $licenseValidator , $error_message );
2003-08-16 17:30:20 +00:00
?>