< ? php
/*
$Id $
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright ( C ) 2003 - 2006 Michael Duergner
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/**
* Login form of LDAP Account Manager .
*
* @author Michael Duergner
* @package main
*/
/** status messages */
include_once ( " ../lib/status.inc " );
// LAM needs PHP 5.1.0 or newer. On an older interpreter a minimal static
// error page is printed and the script stops before any further library
// is included or a session is started.
$lamPhpIsRecentEnough = (version_compare(phpversion(), '5.1.0') >= 0);
if (!$lamPhpIsRecentEnough) {
    // page head, built once and sent in a single echo
    $lamErrorPageHead = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">' . "\n\n"
        . "<html>\n<head>\n"
        . '<meta http-equiv="content-type" content="text/html; charset=UTF-8">' . "\n"
        . '<meta http-equiv="pragma" content="no-cache">' . "\n"
        . '<meta http-equiv="cache-control" content="no-cache">' . "\n"
        . '<link rel="stylesheet" type="text/css" href="../style/layout.css">' . "\n"
        . '<link rel="shortcut icon" type="image/x-icon" href="../graphics/favicon.ico">' . "\n"
        . "<title>LDAP Account Manager</title>\n"
        . "</head><body>\n";
    echo $lamErrorPageHead;
    // StatusMessage() comes from ../lib/status.inc, included above
    StatusMessage("ERROR", "LAM needs PHP 5 greater or equal as 5.1.0!", "Please upgrade your PHP installation.");
    echo "<br><br>" . "</body></html>";
    exit();
}
/** security functions */
include_once ( " ../lib/security.inc " );
/** self service functions */
include_once ( " ../lib/selfService.inc " );
// Environment self-test. Every failed check appends one argument list for
// StatusMessage() to $criticalErrors; if the list is non-empty at the end,
// an error page is printed and the login form is never reached.
$criticalErrors = array();

// Probe functions per PHP feature: all listed functions must exist,
// otherwise the headline/hint pair is reported.
$requiredFeatures = array(
    // session support
    array(array('session_start'), "Your PHP has no session support!", "Please install the session extension for PHP."),
    // LDAP support
    array(array('ldap_search'), "Your PHP has no LDAP support!", "Please install the LDAP extension for PHP."),
    // gettext support (both the long name and the "_" alias are used)
    array(array('gettext', '_'), "Your PHP has no gettext support!", "Please install gettext for PHP."),
    // XML support
    array(array('utf8_decode'), "Your PHP has no XML support!", "Please install the XML extension for PHP."),
    // GD support
    // NOTE(review): getimagesize() is normally available without the GD
    // extension, so this probe may not detect a missing GD - confirm.
    array(array('getimagesize'), "Your PHP has no GD support!", "Please install the GD extension for PHP."),
);
foreach ($requiredFeatures as $feature) {
    list($probes, $headline, $hint) = $feature;
    $featureMissing = false;
    foreach ($probes as $probe) {
        if (!function_exists($probe)) {
            $featureMissing = true;
            break;
        }
    }
    if ($featureMissing) {
        $criticalErrors[] = array("ERROR", $headline, $hint);
    }
}

// The web server must be able to write to the session and temp directories.
$writableDirs = array('sess', 'tmp');
foreach ($writableDirs as $dirName) {
    $path = realpath('../') . "/" . $dirName;
    if (is_writable($path)) {
        continue;
    }
    $criticalErrors[] = array("ERROR", 'The directory %s is not writable for the web server. Please change your file permissions.', '', array($path));
}

// LAM starts its session itself (after choosing the save path), so
// session.auto_start must be off.
$sessionAutoStart = ini_get("session.auto_start");
if ($sessionAutoStart == "1") {
    $criticalErrors[] = array("ERROR", "Please deactivate session.auto_start in your php.ini. LAM will not work if it is activated.");
}

// Memory limit: only values written with an "M" suffix are evaluated,
// any other notation (bytes, K, G, -1) passes without a check.
$memLimit = ini_get('memory_limit');
if (isset($memLimit) && ($memLimit != '')) {
    $lastPos = strlen($memLimit) - 1;
    $memUnit = substr(strtoupper($memLimit), $lastPos);
    if ($memUnit == 'M') {
        $memMegabytes = intval(substr($memLimit, 0, $lastPos));
        if ($memMegabytes < 64) {
            $criticalErrors[] = array(
                "ERROR",
                "Please increase the \"memory_limit\" parameter in your php.ini to at least \"64M\".",
                "Your current memory limit is $memLimit."
            );
        }
    }
}

// PCRE must understand Unicode properties; warnings from an incapable
// library are suppressed and only the match result counts.
$pcreHasUnicode = @preg_match('/^\p{L}+$/u', "abc");
if (!$pcreHasUnicode) {
    $criticalErrors[] = array("ERROR", "Your PCRE library has no complete Unicode support. Please upgrade libpcre or compile with \"--enable-unicode-properties\".");
}

// Stop the login if critical errors occurred.
if (sizeof($criticalErrors) > 0) {
    echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">' . "\n\n";
    echo "<html>\n<head>\n";
    echo '<meta http-equiv="content-type" content="text/html; charset=UTF-8">' . "\n";
    echo '<meta http-equiv="pragma" content="no-cache">' . "\n" . '<meta http-equiv="cache-control" content="no-cache">' . "\n";
    echo '<link rel="stylesheet" type="text/css" href="../style/layout.css">' . "\n";
    echo '<link rel="shortcut icon" type="image/x-icon" href="../graphics/favicon.ico">' . "\n";
    echo "<title>LDAP Account Manager</title>\n";
    echo "</head><body>\n";
    foreach ($criticalErrors as $criticalError) {
        // each entry is the argument list of one StatusMessage() call
        call_user_func_array("StatusMessage", $criticalError);
        echo "<br><br>";
    }
    echo "</body></html>";
    exit();
}
/** access to configuration options */
include_once ( " ../lib/config.inc " ); // Include config.inc which provides Config class
// With the file based session handler, session data is kept in LAM's own
// "sess" directory instead of the system wide default.
// NOTE(review): "../sess" is relative to this script, so it sits inside the
// application tree - confirm the web server denies direct access to it.
$sessionHandler = strtolower(session_module_name());
if ($sessionHandler == 'files') {
    session_save_path("../sess");
}
session_start(); // Start LDAP Account Manager session

// Remember the last selected server profile for one year.
// The cookie carries the raw POST value; whoever reads
// "lam_default_profile" later must treat it as untrusted input.
if (isset($_POST['profile'])) {
    $oneYear = 365 * 60 * 60 * 24;
    setcookie("lam_default_profile", $_POST['profile'], time() + $oneYear);
}
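/**
 * Displays the login window.
 *
 * Besides printing the page, this function
 *  - creates a new key and IV and sends both to the browser as cookies
 *    (only when mcrypt_create_iv() exists),
 *  - resets $_SESSION['language'] to the profile's default language and
 *    rebuilds $_SESSION['header'],
 *  - reads the language list from ../config/language,
 *  - prints the text of the global $error_message if it is not empty.
 *
 * The server profile name shown on the page can come straight from
 * $_POST['profile'] and is therefore HTML-escaped before output.
 *
 * @param object $config_object current active configuration
 */
function display_LoginPage($config_object) {
    global $error_message;

    // generate 256 bit key and initialization vector for user/passwd-encryption
    // NOTE(review): if MCRYPT_DEV_URANDOM yields nothing, the fallback seeds
    // rand() from microtime() and uses MCRYPT_RAND. Values produced that way
    // are predictable and should not protect credentials; failing closed
    // would be the safer reaction.
    if (function_exists('mcrypt_create_iv')) {
        $key = @mcrypt_create_iv(32, MCRYPT_DEV_URANDOM);
        if (!$key) {
            srand((double) microtime() * 1234567);
            $key = mcrypt_create_iv(32, MCRYPT_RAND);
        }
        $iv = @mcrypt_create_iv(32, MCRYPT_DEV_URANDOM);
        if (!$iv) {
            srand((double) microtime() * 1234567);
            $iv = mcrypt_create_iv(32, MCRYPT_RAND);
        }
        // save both in cookie
        // NOTE(review): both cookies are set for path "/" without the
        // "secure" and "httponly" arguments, so they are visible to every
        // application on this host, to page scripts, and on plain HTTP.
        // setcookie() only accepts "httponly" from PHP 5.2 on, which is
        // above the 5.1.0 minimum this file checks for.
        setcookie("Key", base64_encode($key), 0, "/");
        setcookie("IV", base64_encode($iv), 0, "/");
    }

    $_SESSION['language'] = $config_object->get_defaultLanguage();
    $current_language = explode(":", $_SESSION['language']);
    $_SESSION['header'] = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n\n";
    $_SESSION['header'] .= "<html>\n<head>\n";
    // second field of the language setting is used as the page charset
    $_SESSION['header'] .= "<meta http-equiv=\"content-type\" content=\"text/html; charset=" . $current_language[1] . "\">\n";
    $_SESSION['header'] .= "<meta http-equiv=\"pragma\" content=\"no-cache\">\n<meta http-equiv=\"cache-control\" content=\"no-cache\">";

    // loading available languages from language.conf file
    // $languages is initialised so the <select> loop below also works when
    // the file is missing or cannot be opened.
    $languages = array();
    $languagefile = "../config/language";
    if (is_file($languagefile)) {
        $file = fopen($languagefile, "r");
        if ($file !== false) { // feof(false) would never end the loop
            while (!feof($file)) {
                $line = fgets($file, 1024);
                if ($line == "" || $line == "\n" || $line[0] == "#") continue; // ignore comment and empty lines
                $value = explode(":", $line);
                if (count($value) < 3) continue; // malformed line, three fields are needed
                $languages[] = array(
                    "link" => $value[0] . ":" . $value[1],
                    "descr" => $value[2],
                    "default" => (rtrim($line) == $_SESSION["language"]) ? "YES" : "NO",
                );
            }
            fclose($file);
        }
    }

    $profiles = getConfigProfiles();

    setlanguage(); // setting correct language

    echo $_SESSION["header"];
    ?>
        <title>LDAP Account Manager -Login-</title>
        <link rel="stylesheet" type="text/css" href="../style/layout.css">
        <link rel="shortcut icon" type="image/x-icon" href="../graphics/favicon.ico">
    </head>
    <body onload="focusLogin()">
    <?php
    // set focus on password field (user list) or on user name field (free text)
    echo "<script type=\"text/javascript\" language=\"javascript\">\n";
    echo "<!--\n";
    echo "function focusLogin() {\n";
    if ($config_object->getLoginMethod() == LAMConfig::LOGIN_LIST) {
        echo "myElement = document.getElementsByName('passwd')[0];\n";
        echo "myElement.focus();\n";
    }
    else {
        echo "myElement = document.getElementsByName('username')[0];\n";
        echo "myElement.focus();\n";
    }
    echo "}\n";
    echo "//-->\n";
    echo "</script>\n";
    ?>
        <p align="center">
            <a href="http://www.ldap-account-manager.org/" target="_blank"><img src="../graphics/banner.jpg" border="1" alt="LDAP Account Manager"></a>
        </p>
        <table width="100%" border="0">
            <tr>
                <td width="50%" align="left">
                    <a href="./config/index.php"><IMG alt="configuration" src="../graphics/tools.png">&nbsp;<?php echo _("LAM configuration") ?></a>
                </td>
                <TD width="50%" align="right">
                <?PHP
                    if (!isLAMProVersion()) {
                        echo "<a href=\"http://www.ldap-account-manager.org/lamcms/lamPro\">" . _("Want more features? Get LAM Pro!") . "</a>";
                    }
                ?>
                </TD>
            </tr>
        </table>
        <hr><br><br>
        <?php
        // check extensions
        $extList = getRequiredExtensions();
        for ($i = 0; $i < sizeof($extList); $i++) {
            if (!extension_loaded($extList[$i])) {
                StatusMessage("ERROR", "A required PHP extension is missing!", $extList[$i]);
                echo "<br>";
            }
        }
        // check TLS
        $useTLS = $config_object->getUseTLS();
        if (isset($useTLS) && ($useTLS == "yes")) {
            if (!function_exists('ldap_start_tls')) {
                StatusMessage("ERROR", "Your PHP installation does not support TLS encryption!");
                echo "<br>";
            }
        }
        // check if session expired (only the presence of the parameter is used)
        if (isset($_GET['expired'])) {
            StatusMessage("ERROR", _("Your session expired, please log in again."));
            echo "<br>";
        }
        ?>
        <div style="position:relative; z-index:5;">
        <table width="650" align="center" border="2" rules="none" bgcolor="white">
            <tr>
                <td style="border-style:none" width="70" rowspan="2">
                    <img src="../graphics/lam.png" alt="Logo">
                </td>
                <td style="border-style:none" width="580">
                    <form action="login.php" method="post">
                        <table width="580">
                            <tr>
                                <td style="border-style:none" height="70" colspan="2" align="center">
                                    <font color="#000080"><b><big><?php echo _("Please select your user name and enter your password to log in."); ?></big></b></font>
                                </td>
                            </tr>
                            <tr>
                                <td style="border-style:none" height="35" align="right"><b>
                                    <?php
                                    echo _("User name") . ":";
                                    ?>
                                </b>&nbsp;&nbsp;</td>
                                <td style="border-style:none" height="35" align="left">
                                    <?php
                                    if ($config_object->getLoginMethod() == LAMConfig::LOGIN_LIST) {
                                        // NOTE(review): admin DNs come from the server profile and are
                                        // written into the markup unescaped - confirm profiles can only
                                        // be edited by trusted administrators.
                                        echo '<select name="username" size="1" tabindex="0">';
                                        $admins = $config_object->get_Admins();
                                        for ($i = 0; $i < count($admins); $i++) {
                                            // label is the value of the first RDN of the DN
                                            $text = explode(",", $admins[$i]);
                                            $text = explode("=", $text[0]);
                                            echo '<option value="' . $admins[$i] . '">' . $text[1] . '</option>';
                                        }
                                        echo '</select>';
                                    }
                                    else {
                                        echo '<input type="text" name="username" tabindex="1">';
                                    }
                                    ?>
                                </td>
                            </tr>
                            <tr>
                                <td style="border-style:none" height="35" align="right"><b>
                                    <?php
                                    echo _("Password") . ":";
                                    ?>
                                </b>&nbsp;&nbsp;</td>
                                <td style="border-style:none" height="35" align="left">
                                    <input type="password" name="passwd" tabindex="2">
                                </td>
                            </tr>
                            <tr>
                                <td style="border-style:none" align="right"><b>
                                    <?php
                                    echo _("Language") . ":";
                                    ?>
                                </b>&nbsp;&nbsp;</td>
                                <td style="border-style:none" height="35" align="left">
                                    <select name="language" size="1" tabindex="3">
                                    <?php
                                    for ($i = 0; $i < count($languages); $i++) {
                                        if ($languages[$i]["default"] == "YES") {
                                        ?>
                                        <option selected value="<?php echo $languages[$i]["link"] . ":" . $languages[$i]["descr"]; ?>"><?php echo $languages[$i]["descr"]; ?></option>
                                        <?php
                                        }
                                        else
                                        {
                                        ?>
                                        <option value="<?php echo $languages[$i]["link"] . ":" . $languages[$i]["descr"]; ?>"><?php echo $languages[$i]["descr"]; ?></option>
                                        <?php
                                        }
                                    }
                                    ?>
                                    </select>
                                </td>
                            </tr>
                            <tr>
                                <td style="border-style:none" height="50" colspan="2" align="center">
                                    <input name="checklogin" type="hidden" value="checklogin">
                                    <input name="submit" type="submit" value="<?php echo _("Login"); ?>" tabindex="4">
                                </td>
                            </tr>
                            <tr>
                                <td style="border-style:none" colspan="2" align="center">
                                    <?php
                                    // $error_message is printed as HTML on purpose (callers put
                                    // "<br>" into it), so callers must never place unescaped
                                    // request data into it.
                                    if ($error_message != "") {
                                        echo "<font color=\"red\"><b>" . $error_message . "</b></font>";
                                    }
                                    ?>
                                </td>
                            </tr>
                        </table>
                    </form>
                </td>
            </tr>
            <tr>
                <td style="border-style:none">
                    <form action="login.php" method="post">
                        <table width="580">
                            <tr>
                                <td style="border-style:none" height="30" colspan="2">
                                    <hr>
                                    <b>
                                    <?php
                                    echo _("LDAP server") . ":";
                                    ?></b>
                                    <?php echo $config_object->get_ServerURL(); ?>
                                </td>
                            </tr>
                            <tr>
                                <td style="border-style:none" height="30"><b>
                                    <?php
                                    echo _("Server profile") . ":";
                                    if (empty($_POST['profileChange'])) {
                                        $_POST['profile'] = $_SESSION['config']->getName();
                                    }
                                    // After a profile change the name is whatever the client
                                    // posted; anything that is not a plain string is dropped.
                                    $shownProfile = (isset($_POST['profile']) && is_string($_POST['profile'])) ? $_POST['profile'] : '';
                                    ?></b>
                                    <?php echo htmlspecialchars($shownProfile, ENT_QUOTES); // request data: escape before output ?>
                                </td>
                                <td style="border-style:none" height="30" align="right">
                                    <select name="profile" size="1" tabindex="5">
                                    <?php
                                    for ($i = 0; $i < count($profiles); $i++) {
                                    ?>
                                        <option value="<?php echo $profiles[$i]; ?>"><?php echo $profiles[$i]; ?></option>
                                    <?php
                                    }
                                    ?>
                                    </select>
                                    <input name="profileChange" type="hidden" value="profileChange">
                                    <input name="submit" type="submit" value="<?php echo _("Change profile"); ?>" tabindex="6">
                                </td>
                            </tr>
                            <tr>
                                <td style="border-style:none" height="10" colspan="2"></td>
                            </tr>
                        </table>
                    </form>
                </td>
            </tr>
        </table>
        </div>
        <br><br>
        <TABLE style="position:absolute; bottom:10px;" border="0" width="99%">
            <TR><TD align="right"><HR>
                <SMALL>
                <?php
                    // NOTE(review): the exact product version is shown to
                    // unauthenticated visitors.
                    if (isLAMProVersion()) {
                        echo "LDAP Account Manager <b>Pro</b>: <b>" . LAMVersion() . "</b>";
                    }
                    else {
                        echo "LDAP Account Manager: <b>" . LAMVersion() . "</b>";
                    }
                ?>
                </SMALL>
            </TD></TR>
        </TABLE>
    </body>
</html>
<?php
}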
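// Request dispatch for the login page. Exactly one of three paths runs:
//  1. "checklogin" posted    -> verify user name and password against LDAP
//  2. "profileChange" posted -> switch the server profile and show the form
//  3. anything else          -> load the default profile and show the form
//
// Everything taken from $_POST, $_COOKIE and $_SERVER is untrusted here:
//  - the user name is escaped before it is placed into the LDAP search filter,
//  - control characters are removed from the user name before it is logged,
//  - the charset part of the posted language is HTML-escaped before it is
//    stored in the session header,
//  - profile names are only accepted if getConfigProfiles() lists them.

// checking if the submitted username/password is correct.
if (!empty($_POST['checklogin'])) {
    $_SESSION['lampath'] = realpath('../') . "/"; // Save full path to lam in session
    include_once("../lib/ldap.inc"); // Include ldap.inc which provides Ldap class

    $_SESSION['ldap'] = new Ldap($_SESSION['config']); // Create new Ldap object

    // array-valued or missing fields are treated like empty ones
    $submittedUser = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    if (!isset($_POST['passwd']) || !is_string($_POST['passwd'])) {
        $_POST['passwd'] = "";
    }

    if ($_POST['passwd'] == "") {
        $error_message = _("Empty password submitted. Please try again.");
        display_LoginPage($_SESSION['config']); // Empty password submitted. Return to login page.
    }
    else {
        // REMOTE_HOST is only filled when the web server resolves host names
        $remoteHost = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : '';
        $clientSource = $_SERVER['REMOTE_ADDR'] . '/' . $remoteHost;
        // user name for log lines: control characters (CR, LF, ...) are
        // replaced so that a login attempt cannot forge additional log entries
        $logUser = preg_replace('/[\x00-\x1f\x7f]/', '?', $submittedUser);
        if (get_magic_quotes_gpc() == 1) {
            $_POST['passwd'] = stripslashes($_POST['passwd']);
        }
        $username = $submittedUser;
        // search user in LDAP if needed
        if ($_SESSION['config']->getLoginMethod() == LAMConfig::LOGIN_SEARCH) {
            // Escape the filter metacharacters of RFC 4515 (backslash first,
            // so the inserted escapes are not escaped again). Without this a
            // user name such as "*" or one containing ")(" would change the
            // meaning of the configured search filter.
            $filterUser = str_replace(
                array('\\', '*', '(', ')', "\x00"),
                array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
                $submittedUser
            );
            $searchFilter = $_SESSION['config']->getLoginSearchFilter();
            $searchFilter = str_replace('%USER%', $filterUser, $searchFilter);
            $searchSuccess = true;
            $searchError = '';
            $searchLDAP = new Ldap($_SESSION['config']);
            // NOTE(review): connect('', '', true) looks like an anonymous
            // bind for the lookup - confirm against lib/ldap.inc.
            $searchLDAPResult = $searchLDAP->connect('', '', true);
            if (!($searchLDAPResult == 0)) {
                $searchSuccess = false;
                $searchError = _('Cannot connect to specified LDAP server. Please try again.') . ' ' . @ldap_error($searchLDAP->server());
            }
            else {
                $searchResult = @ldap_search($searchLDAP->server(), $_SESSION['config']->getLoginSearchSuffix(), $searchFilter, array('dn'), 0, 0, 0, LDAP_DEREF_NEVER);
                if ($searchResult) {
                    $searchInfo = @ldap_get_entries($searchLDAP->server(), $searchResult);
                    if ($searchInfo) {
                        $searchInfo = cleanLDAPResult($searchInfo);
                        if (sizeof($searchInfo) == 0) {
                            // same text as for a wrong password, so the page
                            // does not reveal that the user name is unknown
                            $searchSuccess = false;
                            $searchError = _('Wrong password/user name combination. Please try again.');
                        }
                        elseif (sizeof($searchInfo) > 1) {
                            $searchSuccess = false;
                            $searchError = _('The given user name matches multiple LDAP entries.');
                        }
                        else {
                            // exactly one match: bind with its DN
                            $username = $searchInfo[0]['dn'];
                        }
                    }
                    else {
                        $searchSuccess = false;
                        $searchError = _('Unable to find the user name in LDAP.');
                        if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . ldap_error($searchLDAP->server());
                    }
                }
                else {
                    $searchSuccess = false;
                    $searchError = _('Unable to find the user name in LDAP.');
                    if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . ldap_error($searchLDAP->server());
                }
            }
            if (!$searchSuccess) {
                $error_message = $searchError;
                logNewMessage(LOG_ERR, 'User ' . $logUser . ' (' . $clientSource . ') failed to log in. ' . $searchError . '');
                $searchLDAP->close();
                display_LoginPage($_SESSION['config']);
                exit();
            }
            $searchLDAP->close();
        }
        // try to connect to LDAP
        $result = $_SESSION['ldap']->connect($username, $_POST['passwd']); // Connect to LDAP server for verifying username/password
        if ($result === 0) { // Username/password correct. Do some configuration and load main frame.
            // NOTE(review): the session id that existed before the login is
            // kept. Issuing a fresh id at this point (session_regenerate_id)
            // is the usual defence against session fixation - confirm it
            // does not conflict with the checks in lib/security.inc.
            $_SESSION['loggedIn'] = true;
            // Write selected language in session
            // NOTE(review): the value is not compared with the entries of
            // ../config/language before it is stored.
            if (isset($_POST['language']) && is_string($_POST['language'])) {
                $_SESSION['language'] = $_POST['language'];
            }
            $current_language = explode(":", isset($_SESSION['language']) ? $_SESSION['language'] : '');
            // the charset is request data and ends up in the HTML header of
            // later pages, so it is escaped for use inside the attribute
            $headerCharset = isset($current_language[1]) ? htmlspecialchars($current_language[1], ENT_QUOTES) : '';
            $_SESSION['header'] = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n\n";
            $_SESSION['header'] .= "<html>\n<head>\n";
            $_SESSION['header'] .= "<meta http-equiv=\"content-type\" content=\"text/html; charset=" . $headerCharset . "\">\n";
            $_SESSION['header'] .= "<meta http-equiv=\"pragma\" content=\"no-cache\">\n<meta http-equiv=\"cache-control\" content=\"no-cache\">";
            // set security settings for session
            $_SESSION['sec_session_id'] = session_id();
            $_SESSION['sec_client_ip'] = $_SERVER['REMOTE_ADDR'];
            $_SESSION['sec_sessionTime'] = time();
            // logging
            logNewMessage(LOG_NOTICE, 'User ' . $logUser . ' (' . $clientSource . ') successfully logged in.');
            // Load main frame
            metaRefresh("./main.php");
            die();
        }
        else {
            if (($result === False) || ($result == 81)) {
                // connection failed (81 is treated like a failed connect)
                $error_message = _("Cannot connect to specified LDAP server. Please try again.");
                $logReason = '(LDAP error: ' . ldap_err2str($result) . ').';
            }
            elseif ($result == 49) {
                // user name/password invalid. Return to login page.
                $error_message = _("Wrong password/user name combination. Please try again.");
                $logReason = '(wrong password).';
            }
            else {
                // other errors
                // NOTE(review): the raw LDAP result code and text are shown
                // to an unauthenticated client.
                $error_message = _("LDAP error, server says:") . "\n<br>($result) " . ldap_err2str($result);
                $logReason = '(LDAP error: ' . ldap_err2str($result) . ').';
            }
            logNewMessage(LOG_ERR, 'User ' . $logUser . ' (' . $clientSource . ') failed to log in ' . $logReason);
            display_LoginPage($_SESSION['config']);
            exit();
        }
    }
}
// Reload loginpage after a profile change
elseif (!empty($_POST['profileChange'])) {
    // The profile name is request data and is handed to LAMConfig, whose
    // handling of the name is not visible in this file. Only names that
    // getConfigProfiles() reports are accepted.
    $requestedProfile = (isset($_POST['profile']) && is_string($_POST['profile'])) ? $_POST['profile'] : '';
    if (in_array($requestedProfile, getConfigProfiles(), true)) {
        $_SESSION['config'] = new LAMConfig($requestedProfile); // Recreate the config object with the submitted profile
    }
    elseif (!isset($_SESSION['config'])) {
        // unknown profile and nothing loaded yet: fall back to the default
        $default_Config = new LAMCfgMain();
        $_SESSION['config'] = new LAMConfig($default_Config->default);
        $_SESSION['cfgMain'] = $default_Config;
    }
    display_LoginPage($_SESSION['config']); // Load login page
}
// Load login page
else {
    $default_Config = new LAMCfgMain();
    $default_Profile = $default_Config->default;
    // the cookie is client controlled: use it only if it names a known profile
    if (isset($_COOKIE["lam_default_profile"])
        && is_string($_COOKIE["lam_default_profile"])
        && in_array($_COOKIE["lam_default_profile"], getConfigProfiles(), true)) {
        $default_Profile = $_COOKIE["lam_default_profile"];
    }
    $_SESSION["config"] = new LAMConfig($default_Profile); // Create new Config object
    $_SESSION["cfgMain"] = $default_Config; // Create new CfgMain object

    display_LoginPage($_SESSION["config"]); // Load Login page
}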
?>