LDAPAccountManager/lam/templates/login.php

250 lines
7.1 KiB
PHP

<?php
/*
$Id$
This code is part of LDAP Account Manager (http://www.sourceforge.net/projects/lam)
Copyright (C) 2003 Michael Duergner
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
LDAP Account Manager checking login datas.
*/
include_once("../lib/config.inc"); // Include config.inc which provides Config class
session_save_path("../sess"); // Set session save path
@session_start(); // Start LDAP Account Manager session
function display_LoginPage($config_object)
{
global $error_message;
// generate 256 bit key and initialization vector for user/passwd-encryption
$key = mcrypt_create_iv(32, MCRYPT_DEV_RANDOM);
$iv = mcrypt_create_iv(32, MCRYPT_DEV_RANDOM);
// save both in cookie
setcookie("Key", base64_encode($key), 0, "/");
setcookie("IV", base64_encode($iv), 0, "/");
session_register("language");
$_SESSION["language"] = $config_object->get_defaultLanguage();
// loading available languages from language.conf file
$languagefile = "../config/language.conf";
if(is_file($languagefile) == True)
{
$file = fopen($languagefile, "r");
$i = 0;
while(!feof($file))
{
$line = fgets($file, 1024);
if($line == "" || $line == "\n" || $line[0] == "#") continue; // ignore comment and empty lines
$value = explode(":", $line);
$languages[$i]["link"] = $value[0] . ":" . $value[1];
$languages[$i]["descr"] = $value[2];
if(rtrim($line) == $_SESSION["language"])
{
$languages[$i]["default"] = "YES";
}
else
{
$languages[$i]["default"] = "NO";
}
$i++;
}
fclose($file);
}
else
{
$message = _("Unable to load available languages. Setting English as default language. For further instructions please contact the Admin of this site.");
}
setlanguage(); // setting correct language
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">
<html>
<head>
<title>
";
echo "LDAP Account Manager -Login-";
echo "
</title>
<link rel=\"stylesheet\" type=\"text/css\" href=\"../style/layout.css\">
</head>
<body>
<p align=\"center\"><img src=\"../graphics/banner.jpg\" border=\"1\"></p>
<table width=\"100%\" border=\"0\">
<tr>
<td width=\"100%\" align=\"right\">
<a href=\"./config/conflogin.php\" target=\"_self\">";
echo _("Configuration Login");
echo "
</a>
</td>
</tr>
</table>
<hr><br><br>
<b><p align=\"center\">";
echo _("Enter Username and Password for Account:");
echo "
</b></p>";
if($error_message != "")
{
echo "<p align=\"center\">";
echo $error_message;
echo "</p>";
}
echo "
<form action=\"login.php\" method=\"post\">
<input type=\"hidden\" name=\"action\" value=\"checklogin\">
<table width=\"500\" align=\"center\" border=\"0\">
<tr>
<td width=\"45%\" align=\"right\">";
echo _("Username:");
echo "
</td>
<td width=\"10%\">
</td>
<td width=\"45%\" align=\"left\">
<select name=\"username\" size=\"1\">";
for($i = 0; $i < count($config_object->Admins); $i++)
{
$text = explode(",", $config_object->Admins[$i]);
$text = explode("=", $text[0]);
echo "<option value=\"" . $config_object->Admins[$i] . "\">" . $text[1] . "</option>";
}
echo "
</select>
</td>
</tr>
<tr>
<td width=\"45%\" align=\"right\">";
echo _("Password:");
echo "
</td>
<td width=\"10%\">
</td>
<td width=\"45%\" align=\"left\">
<input type=\"password\" name=\"passwd\">
</td>
</tr>
<tr>";
if($message != "")
{
echo " <td width=\"100%\" colspan=\"3\" align=\"center\">";
echo $message;
echo " <input type=\"hidden\" name=\"language\" value=\"english\">
</td>";
}
else
{
echo " <td width=\"45%\" align=\"right\">";
echo _("Your Language:");
echo "
</td>
<td width=\"10%\">
</td>
<td width=\"45%\" align=\"left\">
<select name=\"language\" size=\"1\">";
for($i = 0; $i < count($languages); $i++)
{
if($languages[$i]["default"] == "YES")
{
echo "<option selected value=\"" . $languages[$i]["link"] . ":" . $languages[$i]["descr"] . "\">" . $languages[$i]["descr"] . "</option>";
}
else
{
echo "<option value=\"" . $languages[$i]["link"] . ":" . $languages[$i]["descr"] . "\">" . $languages[$i]["descr"] . "</option>";
}
}
echo " </select>
</td>";
}
echo "
</tr>
<tr>
<td width=\"100%\" colspan=\"3\" align=\"center\">
<input type=\"submit\" name=\"submit\" value=\"";
echo _("Login") . "\">";
echo "
</td>
</tr>
</table>
<br><br><br>
<table width=\"310\" align=\"center\" bgcolor=\"#C7E7C7\" border=\"0\">
<tr>
<td width=\"100%\" align=\"center\">";
echo _("You are connecting to the server specified below:");
echo "
</td>
</tr>
<tr>
<td><br></td>
</tr>
<tr>
<td width=\"100%\" align=\"center\">
ServerURL: <b>";
echo $config_object->get_ServerURL();
echo "
</b></td>
</tr>
</table>
</form>
</body>
</html>";
}
// checking if the submitted username/password is correct.
if($_POST['action'] == "checklogin")
{
include_once("../lib/ldap.inc"); // Include ldap.php which provides Ldap class
$ldap = new Ldap($_SESSION['config']); //$config); // Create new Ldap object
$result = $ldap->connect($_POST['username'],$_POST['passwd']); // Connect to LDAP server for verifing username/password
if($result == True) // Username/password correct. Do some configuration and load main frame.
{
$_SESSION["language"] = $_POST["language"]; // Write selected language in session
session_register("ldap"); // Register $ldap object in session
include("./main.php"); // Load main frame
}
else
{
if($ldap->server)
{
$error_message = _("Wrong Password/Username combination. Try again.");
display_LoginPage($_SESSION['config']); // Username/password invalid. Return to login page.
}
else
{
$error_message = _("Cannot connect to specified LDAP-Server. Try again.");
display_LoginPage($_SESSION['config']); // Username/password invalid. Return to login page.
}
}
}
// Load login page
else
{
session_register("config"); // Register $config object in session
$config = new Config; // Create new Config object
display_LoginPage($config); // Load Login page
}
?>