log client IP

This commit is contained in:
Roland Gruber 2009-05-03 15:40:14 +00:00
parent 40bbee0c26
commit aa02b462ff
2 changed files with 11 additions and 12 deletions

View File

@ -1,4 +1,5 @@
July 2009 2.7.0 July 2009 2.7.0
- log client IP at login attempt
- Samba 3: allow to disable LM hashes (on by default) - Samba 3: allow to disable LM hashes (on by default)

View File

@ -401,21 +401,19 @@ function display_LoginPage($config_object) {
} }
// checking if the submitted username/password is correct. // checking if the submitted username/password is correct.
if(!empty($_POST['checklogin'])) if(!empty($_POST['checklogin'])) {
{
$_SESSION['lampath'] = realpath('../') . "/"; // Save full path to lam in session $_SESSION['lampath'] = realpath('../') . "/"; // Save full path to lam in session
include_once("../lib/ldap.inc"); // Include ldap.php which provides Ldap class include_once("../lib/ldap.inc"); // Include ldap.php which provides Ldap class
$_SESSION['ldap'] = new Ldap($_SESSION['config']); // Create new Ldap object $_SESSION['ldap'] = new Ldap($_SESSION['config']); // Create new Ldap object
if($_POST['passwd'] == "") if($_POST['passwd'] == "") {
{
$error_message = _("Empty password submitted. Please try again."); $error_message = _("Empty password submitted. Please try again.");
display_LoginPage($_SESSION['config']); // Empty password submitted. Return to login page. display_LoginPage($_SESSION['config']); // Empty password submitted. Return to login page.
} }
else else {
{ $clientSource = $_SERVER['REMOTE_ADDR'] . '/' . $_SERVER['REMOTE_HOST'];
if (get_magic_quotes_gpc() == 1) { if (get_magic_quotes_gpc() == 1) {
$_POST['passwd'] = stripslashes($_POST['passwd']); $_POST['passwd'] = stripslashes($_POST['passwd']);
} }
@ -455,7 +453,7 @@ if(!empty($_POST['checklogin']))
} }
if (!$searchSuccess) { if (!$searchSuccess) {
$error_message = $searchError; $error_message = $searchError;
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in. ' . $searchError . ''); logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in. ' . $searchError . '');
$searchLDAP->close(); $searchLDAP->close();
display_LoginPage($_SESSION['config']); display_LoginPage($_SESSION['config']);
exit(); exit();
@ -477,7 +475,7 @@ if(!empty($_POST['checklogin']))
$_SESSION['sec_client_ip'] = $_SERVER['REMOTE_ADDR']; $_SESSION['sec_client_ip'] = $_SERVER['REMOTE_ADDR'];
$_SESSION['sec_sessionTime'] = time(); $_SESSION['sec_sessionTime'] = time();
// logging // logging
logNewMessage(LOG_NOTICE, 'User ' . $_POST['username'] . ' successfully logged in.'); logNewMessage(LOG_NOTICE, 'User ' . $_POST['username'] . ' (' . $clientSource . ') successfully logged in.');
// Load main frame // Load main frame
metaRefresh("./main.php"); metaRefresh("./main.php");
die(); die();
@ -485,25 +483,25 @@ if(!empty($_POST['checklogin']))
else { else {
if ($result === False) { if ($result === False) {
$error_message = _("Cannot connect to specified LDAP server. Please try again."); $error_message = _("Cannot connect to specified LDAP server. Please try again.");
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (LDAP error: ' . ldap_err2str($result) . ').'); logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
display_LoginPage($_SESSION['config']); // connection failed display_LoginPage($_SESSION['config']); // connection failed
exit(); exit();
} }
elseif ($result == 81) { elseif ($result == 81) {
$error_message = _("Cannot connect to specified LDAP server. Please try again."); $error_message = _("Cannot connect to specified LDAP server. Please try again.");
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (LDAP error: ' . ldap_err2str($result) . ').'); logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
display_LoginPage($_SESSION['config']); // connection failed display_LoginPage($_SESSION['config']); // connection failed
exit(); exit();
} }
elseif ($result == 49) { elseif ($result == 49) {
$error_message = _("Wrong password/user name combination. Please try again."); $error_message = _("Wrong password/user name combination. Please try again.");
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (wrong password).'); logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (wrong password).');
display_LoginPage($_SESSION['config']); // Username/password invalid. Return to login page. display_LoginPage($_SESSION['config']); // Username/password invalid. Return to login page.
exit(); exit();
} }
else { else {
$error_message = _("LDAP error, server says:") . "\n<br>($result) " . ldap_err2str($result); $error_message = _("LDAP error, server says:") . "\n<br>($result) " . ldap_err2str($result);
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (LDAP error: ' . ldap_err2str($result) . ').'); logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
display_LoginPage($_SESSION['config']); // other errors display_LoginPage($_SESSION['config']); // other errors
exit(); exit();
} }