default;
if(isset($_COOKIE["lam_default_profile"])) {
$default_Profile = $_COOKIE["lam_default_profile"];
}
// Reload loginpage after a profile change
if(isset($_POST['profileChange'])) {
logNewMessage(LOG_DEBUG, "Change server profile to " . $_POST['profile']);
$_SESSION['config'] = new LAMConfig($_POST['profile']); // Recreate the config object with the submited
}
// Load login page
else {
$_SESSION["config"] = new LAMConfig($default_Profile); // Create new Config object
}
$_SESSION['language'] = $_SESSION["config"]->get_defaultLanguage();
if (isset($_POST['language'])) {
$_SESSION['language'] = $_POST['language']; // Write selected language in session
}
$current_language = explode(":",$_SESSION['language']);
$_SESSION['header'] = "\n\n";
$_SESSION['header'] .= "\n
\n";
$_SESSION['header'] .= "\n";
$_SESSION['header'] .= "\n ";
/**
* Displays the login window.
*
* @param object $config_object current active configuration
*/
function display_LoginPage($config_object) {
logNewMessage(LOG_DEBUG, "Display login page");
global $error_message;
// generate 256 bit key and initialization vector for user/passwd-encryption
// check if we can use /dev/random otherwise use /dev/urandom or rand()
if(function_exists('mcrypt_create_iv')) {
$key = @mcrypt_create_iv(32, MCRYPT_DEV_URANDOM);
if (! $key) {
srand((double)microtime()*1234567);
$key = mcrypt_create_iv(32, MCRYPT_RAND);
}
$iv = @mcrypt_create_iv(32, MCRYPT_DEV_URANDOM);
if (! $iv) {
srand((double)microtime()*1234567);
$iv = mcrypt_create_iv(32, MCRYPT_RAND);
}
// save both in cookie
setcookie("Key", base64_encode($key), 0, "/");
setcookie("IV", base64_encode($iv), 0, "/");
}
// loading available languages from language.conf file
$languagefile = "../config/language";
if(is_file($languagefile) == True)
{
$file = fopen($languagefile, "r");
$i = 0;
while(!feof($file))
{
$line = fgets($file, 1024);
if($line == "" || $line == "\n" || $line[0] == "#") continue; // ignore comment and empty lines
$value = explode(":", $line);
$languages[$i]["link"] = $value[0] . ":" . $value[1];
$languages[$i]["descr"] = $value[2];
if(trim($line) == trim($_SESSION["language"]))
{
$languages[$i]["default"] = "YES";
}
else
{
$languages[$i]["default"] = "NO";
}
$i++;
}
fclose($file);
}
$profiles = getConfigProfiles();
setlanguage(); // setting correct language
echo $_SESSION["header"];
?>
LDAP Account Manager -Login-
\n";
echo "\n";
echo "\n";
?>
|
" . _("Want more features? Get LAM Pro!") . "";
}
?>
|
";
}
}
// check TLS
$useTLS = $config_object->getUseTLS();
if (isset($useTLS) && ($useTLS == "yes")) {
if (!function_exists('ldap_start_tls')) {
StatusMessage("ERROR", "Your PHP installation does not support TLS encryption!");
echo "
";
}
}
// check if session expired
if (isset($_GET['expired'])) {
StatusMessage("ERROR", _("Your session expired, please log in again."));
echo "
";
}
// check if main config was saved
if (isset($_GET['confMainSavedOk'])) {
StatusMessage("INFO", _("Your settings were successfully saved."));
echo "
";
}
?>
Pro: " . LAMVersion() . " ";
logNewMessage(LOG_DEBUG, "LAM Pro " . LAMVersion());
}
else {
echo "LDAP Account Manager: " . LAMVersion() . " ";
logNewMessage(LOG_DEBUG, "LAM " . LAMVersion());
}
?>
|
getLoginMethod() == LAMConfig::LOGIN_SEARCH) {
$searchFilter = $_SESSION['config']->getLoginSearchFilter();
$searchFilter = str_replace('%USER%', $username ,$searchFilter);
$searchSuccess = true;
$searchError = '';
$searchLDAP = new Ldap($_SESSION['config']);
$searchLDAPResult = $searchLDAP->connect('', '', true);
if (! ($searchLDAPResult == 0)) {
$searchSuccess = false;
$searchError = _('Cannot connect to specified LDAP server. Please try again.') . ' ' . @ldap_error($searchLDAP->server());
}
else {
$searchResult = @ldap_search($searchLDAP->server(), $_SESSION['config']->getLoginSearchSuffix(), $searchFilter, array('dn'), 0, 0, 0, LDAP_DEREF_NEVER);
if ($searchResult) {
$searchInfo = @ldap_get_entries($searchLDAP->server(), $searchResult);
if ($searchInfo) {
$searchInfo = cleanLDAPResult($searchInfo);
if (sizeof($searchInfo) == 0) {
$searchSuccess = false;
$searchError = _('Wrong password/user name combination. Please try again.');
}
elseif (sizeof($searchInfo) > 1) {
$searchSuccess = false;
$searchError = _('The given user name matches multiple LDAP entries.');
}
else {
$username = $searchInfo[0]['dn'];
}
}
else {
$searchSuccess = false;
$searchError = _('Unable to find the user name in LDAP.');
if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . ldap_error($searchLDAP->server());
}
}
else {
$searchSuccess = false;
$searchError = _('Unable to find the user name in LDAP.');
if (ldap_errno($searchLDAP->server()) != 0) $searchError .= ' ' . ldap_error($searchLDAP->server());
}
}
if (!$searchSuccess) {
$error_message = $searchError;
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in. ' . $searchError . '');
$searchLDAP->close();
display_LoginPage($_SESSION['config']);
exit();
}
$searchLDAP->close();
}
// try to connect to LDAP
$result = $_SESSION['ldap']->connect($username,$_POST['passwd']); // Connect to LDAP server for verifing username/password
if($result === 0) {// Username/password correct. Do some configuration and load main frame.
$_SESSION['loggedIn'] = true;
// set security settings for session
$_SESSION['sec_session_id'] = session_id();
$_SESSION['sec_client_ip'] = $_SERVER['REMOTE_ADDR'];
$_SESSION['sec_sessionTime'] = time();
// logging
logNewMessage(LOG_NOTICE, 'User ' . $_POST['username'] . ' (' . $clientSource . ') successfully logged in.');
// Load main frame
metaRefresh("./main.php");
die();
}
else {
if ($result === False) {
// connection failed
$error_message = _("Cannot connect to specified LDAP server. Please try again.");
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
}
elseif ($result == 81) {
// connection failed
$error_message = _("Cannot connect to specified LDAP server. Please try again.");
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
}
elseif ($result == 49) {
// user name/password invalid. Return to login page.
$error_message = _("Wrong password/user name combination. Please try again.");
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (wrong password).');
}
else {
// other errors
$error_message = _("LDAP error, server says:") . "\n
($result) " . ldap_err2str($result);
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' (' . $clientSource . ') failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
}
display_LoginPage($_SESSION['config']);
exit();
}
}
}
display_LoginPage($_SESSION["config"]);
?>