/**
 * Authenticate a user against the local EMPLOYEE table and/or Active Directory
 * and, on success, populate $_SESSION and emit a <meta refresh> redirect.
 *
 * Three paths are visible in this listing:
 *   1. EMPLOYEE row found with isLDAP set  -> ldap_bind() as user@domain, then
 *      LASTLOGIN is updated and the session is populated.
 *   2. EMPLOYEE row found without isLDAP   -> local-password path; its opening
 *      lines are truncated in this listing (see the marker below), only its
 *      LASTLOGIN update and session setup survive.
 *   3. No EMPLOYEE row                     -> ldap_bind() against the MCO
 *      directory, then the bound user is searched for in the OUs listed in
 *      $config->ldap_MCSO_OUS and, if found, registered locally via
 *      registerUser().
 *
 * @param string       $user   login name; uppercased for the EMPLOYEE.ID lookup
 * @param string       $pass   clear-text password handed to ldap_bind()
 * @param Config       $config provides ->mysqli, ->domain, ->ldap_server,
 *                             ->ldap_MCO_domain, ->ldap_MCO_server, ->ldap_MCSO_OUS
 * @param string|false $domain caller-supplied domain tag; only compared against
 *                             "MAHONINGCO" to choose the registerUser() arguments
 * @return string|null error/trace text when the login failed, NULL on success
 * @throws Exception when a mysqli query returns false
 *
 * Side effects: writes $_SESSION, runs UPDATE statements, calls addLog(), may
 * call registerUser(), echoes a <meta http-equiv="refresh"> tag, and on path 3
 * lowers error_reporting() for the remainder of the request.
 */
function loginLDAPUser($user, $pass, $config, $domain = false)
{
    $errorText = '';
    $validUser = false;

    // --- Local user lookup -------------------------------------------------
    // The ID is escaped and uppercased here; note that the UPDATE statements
    // further down reuse strtoupper($user) WITHOUT real_escape_string().
    $mysqli = $config->mysqli;
    $sql_user = strtoupper($mysqli->real_escape_string($user));
    $myq = "SELECT * FROM EMPLOYEE WHERE ID='" . $sql_user . "'";
    $result = $mysqli->query($myq);
    // A failed query is fatal; the empty else branch is a no-op.
    if (!$result) {
        throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
    } else {
    }
    // ID is expected to be unique, so only the first row is read.
    // NOTE(review): fetch_assoc() returns NULL when nothing matched, so
    // $resultAssoc['ID'] below raises a notice and compares against NULL; the
    // $user != "" checks later are what keep an empty login from taking the
    // "found" branch - confirm.
    $resultAssoc = $result->fetch_assoc();
    // Case-insensitive match: does the row belong to the requested user?
    if (strcasecmp($user, $resultAssoc['ID']) == 0) {
        $errorText = "User Found <br />";
        $admin = $resultAssoc['ADMINLVL'];
        // --- Path 1: known user, password checked by the directory ---------
        if ($resultAssoc['isLDAP']) {
            // Both fields must be non-empty: an empty password handed to
            // ldap_bind() can be treated by the server as an anonymous bind,
            // which would "succeed" without checking anything.
            if ($user != "" && $pass != "") {
                // MCO users bind against the MCO server/domain, everyone
                // else against the default directory.
                if ($resultAssoc['isMCO']) {
                    $ldap_domain = $config->ldap_MCO_domain;
                    $cnx = ldap_connect($config->ldap_MCO_server);
                } else {
                    $ldap_domain = $config->domain;
                    $cnx = ldap_connect($config->ldap_server);
                }
                // Bind as a UPN (user@domain).
                $ldaprdn = $user . '@' . $ldap_domain;
                // LDAPv3 is required by Active Directory.
                ldap_set_option($cnx, LDAP_OPT_PROTOCOL_VERSION, 3);
                // Disable referral chasing; AD hands out referrals that would
                // otherwise make the bind/search fail.
                ldap_set_option($cnx, LDAP_OPT_REFERRALS, 0);
                if (ldap_bind($cnx, $ldaprdn, $pass)) {
                    // Bind succeeded: the directory accepted the password.
                    $errorText .= " and Valid password ";
                    // Expose the previous login time to the session before
                    // it is overwritten below.
                    $lastLogin = new DateTime($resultAssoc['LASTLOGIN']);
                    $_SESSION['lastLogin'] = $lastLogin->format('m-d-Y H:i');
                    // Record this login. Unlike the SELECT above, $user is
                    // NOT escaped here; a prepared statement (or at least
                    // real_escape_string()) would close that gap.
                    $myq = "UPDATE `PAYROLL`.`EMPLOYEE` SET `LASTLOGIN` = NOW() WHERE CONVERT(`EMPLOYEE`.`ID` USING utf8) = '" . strtoupper($user) . "' LIMIT 1;";
                    // A fresh connection is opened instead of reusing
                    // $config->mysqli from the lookup above.
                    $mysqli = connectToSQL();
                    $result = $mysqli->query($myq);
                    if (!$result) {
                        throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
                    }
                    // Establish the authenticated session.
                    $_SESSION['userIDnum'] = $resultAssoc['IDNUM'];
                    $_SESSION['userName'] = $user;
                    $_SESSION['admin'] = $admin;
                    $_SESSION['validUser'] = true;
                    $_SESSION['isLDAP'] = true;
                    $_SESSION['timeout'] = time();
                    // NOTE(review): the session id is not regenerated on
                    // login (call commented out), so a session id issued
                    // before authentication keeps working afterwards.
                    //session_regenerate_id();
                    $validUser = true;
                    // Audit-log with a Config carrying the new admin level.
                    $configNew = new Config();
                    $configNew->setAdmin(isset($_SESSION['admin']) ? $_SESSION['admin'] : -1);
                    addLog($configNew, 'Logged in to system');
                    // Reload the current page. REQUEST_URI is client-supplied
                    // and is emitted unescaped inside an HTML attribute.
                    echo '<meta http-equiv="refresh" content="0;url=' . $_SERVER['REQUEST_URI'] . '" />';
                } else {
                    // NOTE(review): this line is truncated in the listing -
                    // the rest of the failure branch and the beginning of the
                    // non-LDAP (local password) path are missing; what
                    // follows is the tail of that local path.
                    $errorText .= "Failed to authenticate user: "******"UPDATE `PAYROLL`.`EMPLOYEE` SET `LASTLOGIN` = NOW() WHERE CONVERT(`EMPLOYEE`.`ID` USING utf8) = '" . strtoupper($user) . "' LIMIT 1;";
                // --- Path 2 (tail): local password accepted ----------------
                // Same LASTLOGIN update and session setup as path 1, again
                // on a fresh connection and again with $user unescaped in
                // the statement built above.
                $mysqli = connectToSQL();
                $result = $mysqli->query($myq);
                if (!$result) {
                    throw new Exception("Database Error [{$mysqli->errno}] {$mysqli->error}");
                }
                $errorText .= " and Valid password ";
                $_SESSION['userIDnum'] = $resultAssoc['IDNUM'];
                $_SESSION['userName'] = $user;
                $_SESSION['admin'] = $admin;
                $_SESSION['validUser'] = true;
                $_SESSION['isLDAP'] = false;
                $_SESSION['timeout'] = time();
                // NOTE(review): session id not regenerated here either.
                //session_regenerate_id();
                $validUser = true;
                $configNew = new Config();
                $configNew->setAdmin(isset($_SESSION['admin']) ? $_SESSION['admin'] : -1);
                addLog($configNew, 'Logged in to system');
                // PHP_SELF can carry client-supplied PATH_INFO and is emitted
                // unescaped, like REQUEST_URI in path 1.
                echo '<meta http-equiv="refresh" content="0;url=' . $_SERVER['PHP_SELF'] . '" />';
            }
        }
    } else {
        // --- Path 3: unknown user, first-login registration via AD ---------
        // Empty-credential guard, for the same reason as in path 1.
        if ($user != "" && $pass != "") {
            // The domain switch on $domain is commented out: every unknown
            // user is bound against the MCO directory.
            //                if(strcmp($domain, "MAHONINGCO") == 0){
            $ldap_domain = $config->ldap_MCO_domain;
            $cnx = ldap_connect($config->ldap_MCO_server);
            //                }
            //                else{
            //                    $ldap_domain =$config->domain;
            //                    $cnx = ldap_connect($config->ldap_server);
            //                }
            $ldaprdn = $user . '@' . $ldap_domain;
            // LDAPv3 + no referral chasing, as in path 1.
            ldap_set_option($cnx, LDAP_OPT_PROTOCOL_VERSION, 3);
            ldap_set_option($cnx, LDAP_OPT_REFERRALS, 0);
            // $ldapbind is assigned but never read afterwards.
            if ($ldapbind = ldap_bind($cnx, $ldaprdn, $pass)) {
                // Bind succeeded; newly registered users get admin level "0".
                $admin = "0";
                // NOTE(review): this changes error reporting globally for the
                // rest of the request, not just for the directory lookup.
                error_reporting(E_ALL ^ E_NOTICE);
                // Build the search base from the domain: "a.b.c" -> "DC=a,DC=b,DC=c".
                $temp = explode(".", $ldap_domain);
                $dn = null;
                foreach ($temp as $dc) {
                    if (empty($dn)) {
                        $dn = "DC=" . $dc;
                    } else {
                        $dn = $dn . ",DC=" . $dc;
                    }
                }
                //                    if(strcmp($domain, "MAHONINGCO") == 0)
                //                        $dn = $config->ldap_MCO_OU.$dn;
                // Look the bound user up by substring match on several
                // attributes (the '*' wildcards make "smith" match "jsmith",
                // a "Smithfield" department, etc.). $userToFind is
                // concatenated unescaped; ldap_escape($user, '', LDAP_ESCAPE_FILTER)
                // would neutralise filter metacharacters, and an exact
                // (samaccountname=...) match would tie the hit to the account
                // that actually bound.
                $userToFind = $user;
                $filter = "(&(objectCategory=person)(objectClass=user)";
                $filter .= "(|(samaccountname=*" . $userToFind . "*)(sn=*" . $userToFind . "*)(displayname=*" . $userToFind . "*)";
                $filter .= "(mail=*" . $userToFind . "*)(department=*" . $userToFind . "*)(title=*" . $userToFind . "*)))";
                // Try each authorised OU prefix in front of the base DN; the
                // first OU returning an entry authorises the user. The loop
                // variable shadows $dn, so after the loop $dn is the OU that
                // matched (or the last one tried when nothing matched).
                $isAuthOU = false;
                $dnAppend = $dn;
                foreach ($config->ldap_MCSO_OUS as $dn) {
                    $dn = $dn . $dnAppend;
                    $res = ldap_search($cnx, $dn, $filter);
                    $info = ldap_get_entries($cnx, $res);
                    if ($info['count'] > 0) {
                        $isAuthOU = true;
                        break;
                    }
                }
                // Re-run the search on the final $dn so $info holds the
                // matching OU's entries for the UPDATE below.
                $res = ldap_search($cnx, $dn, $filter);
                $info = ldap_get_entries($cnx, $res);
                if ($isAuthOU) {
                    // Create the local account. The directory password is
                    // handed to registerUser() twice (presumably password +
                    // confirmation); whether it is persisted locally is not
                    // visible here - confirm.
                    if (strcmp($domain, "MAHONINGCO") == 0) {
                        registerUser($user, $pass, $pass, $admin, "1", "1");
                    } else {
                        registerUser($user, $pass, $pass, $admin, "1");
                    }
                    $idNum = getUserID($config, $user);
                    // Copy surname/given name from the first directory entry.
                    // The attribute values are concatenated unescaped, and
                    // this runs on $config->mysqli (no reconnect in this path).
                    $myq = "UPDATE `PAYROLL`.`EMPLOYEE` SET \n                            `LNAME` = '" . $info[0]["sn"][0] . "',\n                            `FNAME` = '" . $info[0]["givenname"][0] . "'\n                            WHERE EMPLOYEE.IDNUM = '" . $idNum . "'";
                    // Unlike the other queries in this function the result is
                    // not checked.
                    $result = $mysqli->query($myq);
                    $errorText .= " and Valid password ";
                    // Establish the session; getUserID() is called a second
                    // time although $idNum already holds the value.
                    $_SESSION['userIDnum'] = getUserID($config, $user);
                    // (value redacted in this listing)
                    $_SESSION['lastLogin'] = "******";
                    $_SESSION['userName'] = $user;
                    $_SESSION['admin'] = $admin;
                    $_SESSION['validUser'] = true;
                    $_SESSION['isLDAP'] = true;
                    $_SESSION['timeout'] = time();
                    // NOTE(review): session id not regenerated here either.
                    //session_regenerate_id();
                    $validUser = true;
                    $configNew = new Config();
                    $configNew->setAdmin(isset($_SESSION['admin']) ? $_SESSION['admin'] : -1);
                    addLog($configNew, 'Logged in to system');
                    // Send the new user to the profile page; PHP_SELF is
                    // emitted unescaped.
                    echo '<meta http-equiv="refresh" content="0;url=' . $_SERVER['PHP_SELF'] . '?updateProfile=true" />';
                } else {
                    // NOTE(review): truncated in the listing - this line fuses
                    // the "not in an authorised OU" message, the bind-failure
                    // message and the missing-arguments message of three
                    // separate else branches.
                    $errorText .= "WARNING! Failed to authenticate as a Sheriff user: "******"Failed to authenticate user: "******"Invalid Input: Missing Arguments";
    }
    // On failure the accumulated trace text is returned; on success the
    // return value is NULL, so callers must test with === null.
    if ($validUser != true) {
        $errorText .= "Invalid username or password!";
    } else {
        $errorText = NULL;
    }
    return $errorText;
}
    session_save_path('C:\\temp');
} else {
    session_save_path('/var/www/sessions');
}
//linux server
// Session must be started before any of the includes below read $_SESSION.
session_start();
// Database related functions
require_once 'bin/db_sqli.php';
// User Based Files
require_once 'bin/db_config.php';
require_once 'bin/db_usr_menu.php';
require_once 'bin/usr_functions.php';
require_once 'bin/usr_display.php';
// Class Declarations for User Based Control.
// Admin level comes from the session; -1 marks "not logged in".
// (Config is presumably declared in one of the files above - confirm.)
$config = new Config();
$config->setAdmin(isset($_SESSION['admin']) ? $_SESSION['admin'] : -1);
// Content Based Files
require_once 'bin/wts_content.php';
require_once 'bin/wts_content_class.php';
// Class Declarations for Content Based Control
$wts_content = new wts_content();
// Announcements with Admin backend
require_once 'bin/wts_announce.php';
// Searching
require_once 'bin/wts_search.php';
require_once 'bin/WTS_Classes/Employee.php';
// Time gain/use (leave) request functions
require_once 'bin/time_request_functions.php';
// NOTE(review): include_once only warns (and continues) when the file is
// missing, unlike the require_once calls around it - confirm that is intended.
include_once 'bin/Modules/TimeRequests/request_gui.php';
//WTS Logs
//Secondary Employment Logs
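/**
 * Expunge a time request, or put an expunged request back into PENDING.
 *
 * Everything is driven by the current POST:
 *  - $unExpunge: the REQUEST row is set back to PENDING immediately (unless
 *    the 'okBtn' acknowledgement of a previous run is posted) and logged.
 *  - otherwise, with 'confirmBtn', a non-empty 'expungedReason' and a truthy
 *    $_SESSION['admin'], the row is set to EXPUNGED with reason, auditor and
 *    client address recorded; without those, a confirmation form is rendered.
 *
 * @param mysqli           $mysqli      open connection, also used for escaping
 * @param int|string       $referNum    REQUEST.REFER of the request; reflected into SQL and HTML
 * @param bool             $unExpunge   true = revert to PENDING, false = expunge flow
 * @param int|string|false $delBtnIndex suffix of the hidden deleteBtn<N> field in the confirm form
 * @param int|string|false $totalRows   carried through the confirm form as a hidden field
 * @param string           $extraInputs raw HTML (hidden inputs) appended to every form;
 *                                      it is emitted unescaped, so it must be trusted markup
 * @return void all output goes through popUpMessage(); query failures are
 *              reported via SQLerrorCatch()
 */
function expungeRequest($mysqli, $referNum, $unExpunge = false, $delBtnIndex = false, $totalRows = false, $extraInputs = '')
{
    $confirmBtn = isset($_POST['confirmBtn']);
    $acknowledged = isset($_POST['okBtn']);
    // Everything reflected into HTML is escaped once here; $extraInputs is
    // deliberately left raw because it carries markup. REQUEST_URI is
    // client-supplied and previously went straight into an action="" attribute.
    $requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
    $htmlAction = htmlspecialchars($requestUri, ENT_QUOTES, 'UTF-8');
    $htmlRefer = htmlspecialchars((string) $referNum, ENT_QUOTES, 'UTF-8');
    // The reference is always placed inside quotes in SQL: real_escape_string()
    // on its own does not protect an unquoted numeric comparison.
    $sqlRefer = $mysqli->real_escape_string($referNum);

    if ($unExpunge) {
        // NOTE(review): this path has no $_SESSION['admin'] check, unlike the
        // expunge path below; confirm the caller gates it.
        if (!$acknowledged) {
            $myq = "UPDATE REQUEST \r\n                SET STATUS='PENDING'\r\n                WHERE REFER='" . $sqlRefer . "'";
            $result = $mysqli->query($myq);
            if (!SQLerrorCatch($mysqli, $result, $myq, false)) {
                $configNew = new Config();
                $configNew->setAdmin(isset($_SESSION['admin']) ? $_SESSION['admin'] : -1);
                popUpMessage('Request ' . $htmlRefer . ' Has been placed back into PENDING State. 
                        <div align="center"><form method="POST">
                        ' . $extraInputs . '                    
                        <input type="submit" name="okBtn" value="OK" />
                        </form></div>');
                // Passes the Config object like every other addLog() call on
                // this page (this call used to hand over $configNew->mysqli).
                addLog($configNew, 'UnExpunged Time Request with Ref# ' . $referNum);
            }
        }
    } elseif ($confirmBtn && !empty($_POST['expungedReason']) && !empty($_SESSION['admin'])) {
        // Confirmed by an admin with a reason: record status, reason, auditor
        // and client address. All user-derived values are escaped and quoted.
        $myq = "UPDATE REQUEST \r\n                    SET STATUS='EXPUNGED',\r\n                    HRAPP_ID='0',\r\n                    EX_REASON='" . $mysqli->real_escape_string($_POST['expungedReason']) . "',\r\n                    AUDITID='" . $mysqli->real_escape_string($_SESSION['userIDnum']) . "',\r\n                    IP= INET_ATON('" . $mysqli->real_escape_string($_SERVER['REMOTE_ADDR']) . "')\r\n                    WHERE REFER='" . $sqlRefer . "'";
        $result = $mysqli->query($myq);
        if (!SQLerrorCatch($mysqli, $result, $myq, false)) {
            $configNew = new Config();
            $configNew->setAdmin(isset($_SESSION['admin']) ? $_SESSION['admin'] : -1);
            addLog($configNew, 'Expunged Time Request with Ref# ' . $referNum);
            popUpMessage('Request ' . $htmlRefer . ' expunged. 
                                <div align="center"><form method="POST" action="' . $htmlAction . '">
                                ' . $extraInputs . '                     
                                <input type="submit" name="okBtn" value="OK" />
                                </form></div>');
        }
    } elseif (!$acknowledged) {
        // Not yet confirmed (or confirmed without a reason, or by a
        // non-admin): render the confirmation form. A submitted but empty
        // reason is reported inline.
        $reasonError = '';
        if (isset($_POST['expungedReason']) && empty($_POST['expungedReason'])) {
            $reasonError = '<font color="red">Requires a Reason</font><br/>';
        }
        $htmlBtnIndex = htmlspecialchars((string) $delBtnIndex, ENT_QUOTES, 'UTF-8');
        $htmlTotalRows = htmlspecialchars((string) $totalRows, ENT_QUOTES, 'UTF-8');
        $echo = '<div align="center"><form method="POST" action="' . $htmlAction . '">
                    <input name="deleteBtn' . $htmlBtnIndex . '" type="hidden" value="' . $htmlRefer . '" />
                    <input type="hidden" name="totalRows" value="' . $htmlTotalRows . '" />
                    Request ' . $htmlRefer . ' to be expunged<br/>   ' . $reasonError . '
                    Reason:<textarea name="expungedReason"></textarea><br/>
                    <input type="submit" name="confirmBtn" value="CONFIRM EXPUNGE" />
                    <input type="submit" name="okBtn" value="CANCEL" />
                    ' . $extraInputs . ' 
                    </form></div>';
        popUpMessage($echo);
    }
}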
<?php

require_once '../config.php';
// Presumably the password_compat polyfill (password_hash()/password_verify()
// for PHP < 5.5) - confirm; on PHP >= 5.5 the native functions apply.
require_once '../extern/password.php';
// NOTE(review): setAdmin() is called without an argument and before
// session_start(), so an admin level stored in $_SESSION cannot be read here
// (the other bootstrap on this page calls $config->setAdmin($_SESSION['admin'])
// after starting the session) - confirm this ordering is intended.
Config::setAdmin();
$dbConnection = Config::getConnection();
require_once 'validate.php';
session_start();