fixed bugs: IV and key were created twice; cookies could only be accessed from templates-folder

now user is logged in with his username and password
This commit is contained in:
Roland Gruber 2003-04-17 19:29:21 +00:00
parent d8a980c2af
commit 5645f54b6f
3 changed files with 9 additions and 12 deletions

View File

@ -22,9 +22,14 @@ $Id$
LDAP Account Manager main login page.
*/
?>
<?
// generate 256 bit key and initialization vector for user/passwd-encryption
$key = mcrypt_create_iv(32, MCRYPT_DEV_RANDOM);
$iv = mcrypt_create_iv(32, MCRYPT_DEV_RANDOM);
// save both in cookie
setcookie("Key", base64_encode($key), 0, "/");
setcookie("IV", base64_encode($iv), 0, "/");
// loading available languages from language.conf file

View File

@ -36,14 +36,6 @@ $session_save_path .= "/sess";
session_save_path($session_save_path); // Set session save path
@session_start(); // Start LDAP Account Manager session
// generate 256 bit key and initialization vector for user/passwd-encryption
$key = mcrypt_create_iv(32, MCRYPT_DEV_RANDOM);
$iv = mcrypt_create_iv(32, MCRYPT_DEV_RANDOM);
// save both in cookie
setcookie("Key", base64_encode($key));
setcookie("IV", base64_encode($iv));
// checking if the submitted username/password is correct.
if($action == "checklogin")
{

View File

@ -24,8 +24,8 @@ $Id$
*/
// delete key and iv in cookie
setcookie("Key", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
setcookie("IV", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
setcookie("Key", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 0, "/");
setcookie("IV", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 0, "/");
include_once("../lib/ldap.php");