<?php /* * This example is simply an example of how a provisioning page may look * which includes such funcationality as createing users, initialising their * data, create a token for them, testing the token and resyncing it as needed * */ // Require our php libraries require_once "token.php"; require_once "dbfunctions.php"; require_once "input.php"; // now lets get an instance of our class $myga = new myGA(); global $myga; // this part of the page resonds to user input processInput(); ?> <html> <h1>Welcome to GA Provisioning!</h1> <?php // in this part of the code we look for "success" or "fail" things if (isset($_REQUEST["success"])) { echo "<br><font color=\"green\">" . $_REQUEST["success"] . "</font><br>"; } if (isset($_REQUEST["failure"])) { echo "<br><font color=\"red\">" . $_REQUEST["failure"] . "</font><br>"; } ?>
* the data is not a bad idea. The key for the encrypted data can be very long * and very random as its not designed for user interaction, though it should be * backed up occasionally */ // set these $host = ""; // for eg "1.2.3.4" $binduser = ""; // for eg "administrator" $bindpass = ""; // for eg "password" $basecn = ""; // for eg "CN=users, DC=google, dc=com" //require our GoogleAuthenticator sub classed class require_once "extend.php"; $myga = new myGA(); // this is here so i can keep my atributes somewhere in the tree and not have them float around on git/svn if (file_exists("../../../../.dontappearingitandsvn.php")) { require_once "../../../../.dontappearingitandsvn.php"; } $error = false; // first, lets bind our AD with out management creds error_log("host is {$host}"); $dsconnect = ldap_connect("{$host}", 389); // we mark it global so we can get it in our class global $dsconnect, $host, $binduser, $bindpass, $basecn; if (!$dsconnect) { $error = true; $errorText = "Can't Connect to AD"; } $ldapbind = ldap_bind($dsconnect, "{$binduser}", "{$bindpass}");
/* * This example rely's on the provisioning example, you must first create accounts in the provisioning * example then use them here. * * This example is solely an example of how a login page might look and/or work * * If a user doesnt have a token assigned, they wont require it on the login page. This is an example * of when your allowing the user to increase security of their OWN account, not the security of the * site as such. * */ require_once "../provisioning/dbfunctions.php"; require_once "../provisioning/token.php"; session_start(); $myga = new myGA(); // check if we're logged in if (isset($_SESSION["loginname"])) { if ($_SESSION["loginname"] != "") { // handle logout if (isset($_REQUEST["logout"])) { error_log("session killer"); unset($_SESSION["loginname"]); header("Location: index.php"); return; } // display the logged in page displayLogedInPage(); return; } }