LDAP Account Manager

0) { echo "\n"; echo "\n\n"; echo "\n\n"; echo "\n"; echo "\n \n"; echo ""; echo "LDAP Account Manager\n"; echo "\n"; for ($i = 0; $i < sizeof($criticalErrors); $i++) { call_user_func_array("StatusMessage", $criticalErrors[$i]); echo "

"; } echo ""; exit(); } /** access to configuration options */ include_once("../lib/config.inc"); // Include config.inc which provides Config class session_save_path("../sess"); // Set session save path session_start(); // Start LDAP Account Manager session /** * Displays the login window. * * @param object $config_object current active configuration */ function display_LoginPage($config_object) { global $error_message; // generate 256 bit key and initialization vector for user/passwd-encryption // check if we can use /dev/random otherwise use /dev/urandom or rand() if(function_exists('mcrypt_create_iv')) { $key = @mcrypt_create_iv(32, MCRYPT_DEV_URANDOM); if (! $key) { srand((double)microtime()*1234567); $key = mcrypt_create_iv(32, MCRYPT_RAND); } $iv = @mcrypt_create_iv(32, MCRYPT_DEV_URANDOM); if (! $iv) { srand((double)microtime()*1234567); $iv = mcrypt_create_iv(32, MCRYPT_RAND); } // save both in cookie setcookie("Key", base64_encode($key), 0, "/"); setcookie("IV", base64_encode($iv), 0, "/"); } $_SESSION['language'] = $config_object->get_defaultLanguage(); $current_language = explode(":",$_SESSION['language']); $_SESSION['header'] = "\n"; $_SESSION['header'] .= "\n\n"; $_SESSION['header'] .= "\n\n"; $_SESSION['header'] .= "\n"; $_SESSION['header'] .= "\n "; // loading available languages from language.conf file $languagefile = "../config/language"; if(is_file($languagefile) == True) { $file = fopen($languagefile, "r"); $i = 0; while(!feof($file)) { $line = fgets($file, 1024); if($line == "" || $line == "\n" || $line[0] == "#") continue; // ignore comment and empty lines $value = explode(":", $line); $languages[$i]["link"] = $value[0] . ":" . $value[1]; $languages[$i]["descr"] = $value[2]; if(rtrim($line) == $_SESSION["language"]) { $languages[$i]["default"] = "YES"; } else { $languages[$i]["default"] = "NO"; } $i++; } fclose($file); } $profiles = getConfigProfiles(); setlanguage(); // setting correct language echo $_SESSION["header"]; ?> LDAP Account Manager -Login- \n"; echo "\n"; echo "\n"; ?>

"; } } // check if session expired if (isset($_GET['expired'])) { StatusMessage("ERROR", _("Your session expired, please log in again.")); echo "
"; } ?>

Pro: " . LAMVersion() . " "; } else { echo "LDAP Account Manager: " . LAMVersion() . " "; } ?>

connect($_POST['username'],$_POST['passwd']); // Connect to LDAP server for verifing username/password if($result === 0) // Username/password correct. Do some configuration and load main frame. { $_SESSION['loggedIn'] = true; $_SESSION['language'] = $_POST['language']; // Write selected language in session $current_language = explode(":",$_SESSION['language']); $_SESSION['header'] = "\n"; $_SESSION['header'] .= "\n\n"; $_SESSION['header'] .= "\n\n"; $_SESSION['header'] .= "\n"; $_SESSION['header'] .= "\n "; // set security settings for session $_SESSION['sec_session_id'] = session_id(); $_SESSION['sec_client_ip'] = $_SERVER['REMOTE_ADDR']; $_SESSION['sec_sessionTime'] = time(); // logging logNewMessage(LOG_NOTICE, 'User ' . $_POST['username'] . ' successfully logged in.'); // Load main frame include("./main.php"); } else { if ($result === False) { $error_message = _("Cannot connect to specified LDAP server. Please try again."); logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (LDAP error: ' . ldap_err2str($result) . ').'); display_LoginPage($_SESSION['config']); // connection failed } elseif ($result == 81) { $error_message = _("Cannot connect to specified LDAP server. Please try again."); logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (LDAP error: ' . ldap_err2str($result) . ').'); display_LoginPage($_SESSION['config']); // connection failed } elseif ($result == 49) { $error_message = _("Wrong password/user name combination. Please try again."); logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (wrong password).'); display_LoginPage($_SESSION['config']); // Username/password invalid. Return to login page. } else { $error_message = _("LDAP error, server says:") . "\n
($result) " . ldap_err2str($result); logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (LDAP error: ' . ldap_err2str($result) . ').'); display_LoginPage($_SESSION['config']); // other errors } } } } // Reload loginpage after a profile change elseif(!empty($_POST['profileChange'])) { $_SESSION['config'] = new Config($_POST['profile']); // Recreate the config object with the submited display_LoginPage($_SESSION['config']); // Load login page } // Load login page else { $_SESSION['loggedIn'] = false; $default_Config = new CfgMain(); $default_Profile = $default_Config->default; $_SESSION["config"] = new Config($default_Profile); // Create new Config object $_SESSION["cfgMain"] = $default_Config; // Create new CfgMain object display_LoginPage($_SESSION["config"]); // Load Login page } ?>