function change(){
if(strlen(trim($_POST["change_password"]))>1){
$sock=new sockets();
$sock->SET_INFO("RootPasswordChanged", 1);
$change_password=url_decode_special($_POST["change_password"]);
include_once(dirname(__FILE__))."/ressources/class.samba.inc";
$smb=new samba();
$smb->createRootID($change_password);
}
}
function Save()
{
ini_set('display_errors', 1);
ini_set('error_reporting', E_ALL);
ini_set('error_prepend_string', null);
ini_set('error_append_string', null);
$sock = new wifidog_settings($_POST["ruleid"]);
unset($_POST["ruleid"]);
while (list($key, $value) = each($_POST)) {
$value = url_decode_special($value);
$sock->SET_INFO($key, $value);
}
}
function change()
{
if (strlen(trim($_POST["change_password"])) > 1) {
$sock = new sockets();
$sock->SET_INFO("RootPasswordChanged", 1);
writelogs(" -> nsswitch ", __FUNCTION__, __FILE__, __LINE__);
$sock->getFrameWork("services.php?nsswitch=yes");
$change_password = url_decode_special($_POST["change_password"]);
$changeRootPasswd = urlencode(base64_encode($change_password));
writelogs(" -> services.php?changeRootPasswd= ", __FUNCTION__, __FILE__, __LINE__);
$sock->getFrameWork("services.php?changeRootPasswd={$changeRootPasswd}");
include_once dirname(__FILE__) . "/ressources/class.samba.inc";
$smb = new samba();
$smb->createRootID($change_password);
}
}
function change()
{
$sock = new sockets();
$nsswitchEnableLdap = intval($sock->GET_INFO("nsswitchEnableLdap"));
if (strpos(" {$_POST["change_password"]}", ":") > 0) {
echo "`:` not supported !\n";
return;
}
if (strlen(trim($_POST["change_password"])) > 1) {
$_POST["change_password"] = url_decode_special_tool($_POST["change_password"]);
if ($nsswitchEnableLdap == 1) {
include_once dirname(__FILE__) . "/ressources/class.samba.inc";
$smb = new samba();
if (!$smb->createRootID($_POST["change_password"])) {
return;
}
}
$sock->SET_INFO("RootPasswordChanged", 1);
$change_password = url_decode_special($_POST["change_password"]);
$changeRootPasswd = base64_encode($change_password);
writelogs(" -> services.php?changeRootPasswd= ", __FUNCTION__, __FILE__, __LINE__);
echo base64_decode($sock->getFrameWork("services.php?changeRootPasswd={$changeRootPasswd}&pass={$changeRootPasswd}"));
}
}
function ChangeUserPassword()
{
include_once 'ressources/class.main_cf.inc';
include_once 'ressources/class.main_cf_filtering.inc';
include_once 'ressources/class.squid.inc';
include_once 'ressources/class.samba.inc';
include_once 'ressources/class.httpd.inc';
$sock = new sockets();
$tpl = new templates();
$ERROR_NO_PRIVS = $tpl->_ENGINE_parse_body("{ERROR_NO_PRIVS}");
if ($_SESSION["uid"] != '-100') {
echo $ERROR_NO_PRIVS;
return;
}
if ($sock->GET_INFO("ArticaMetaDisableMasterAccount") == 1) {
echo $ERROR_NO_PRIVS;
return;
}
$users = new usersMenus();
$username = trim($_POST["change_admin"]);
$password = url_decode_special($_POST["change_password"]);
$md5 = md5($username . $password);
$ldap = new clladp();
$md52 = md5(trim($ldap->ldap_admin) . trim($ldap->ldap_password));
$tpl = new templates();
$ldap_server = $_POST["ldap_server"];
$ldap_port = $_POST["ldap_port"];
$suffix = $_POST["suffix"];
$change_ldap_server_settings = $_POST["change_ldap_server_settings"];
if ($change_ldap_server_settings != 'yes') {
$change_ldap_server_settings = "no";
}
writelogs("change_password {$password}", __FUNCTION__, __FILE__, __LINE__);
$password = base64_encode($password);
writelogs("change_password {$password}", __FUNCTION__, __FILE__, __LINE__);
if ($ldap_server == null) {
$ldap_server = "127.0.0.1";
}
if ($ldap_port == null) {
$ldap_port = "389";
}
if ($suffix == null) {
$suffix = "dc=nodomain";
}
$username = urlencode($username);
$password = urlencode($password);
$cmd = "cmd.php?ChangeLDPSSET=yes&ldap_server={$ldap_server}&ldap_port={$ldap_port}&suffix={$suffix}";
$cmd = $cmd . "&change_ldap_server_settings={$change_ldap_server_settings}&username={$username}&password={$password}";
$datas = $sock->getFrameWork("{$cmd}");
echo replace_accents(html_entity_decode($tpl->_ENGINE_parse_body("{success}:{$ldap_server}:{$ldap_port} ({$suffix})\n{$username}\n-------\"\"------")));
}
function logon()
{
include "ressources/settings.inc";
$sock = new sockets();
$_POST["artica_password"] = url_decode_special($_POST["artica_password"]);
writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__);
writelogs("Testing logon.... password:{$_POST["artica_password"]}", __FUNCTION__, __FILE__, __LINE__);
$_COOKIE["artica-language"] = $_POST["lang"];
$FileCookyKey = md5($_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"]);
$sock->SET_INFO($FileCookyKey, $_POST["Changelang"]);
$socks = new sockets();
if (!$socks->TestArticaPort()) {
if (is_file("ressources/logs/boa.start")) {
$boa_error = file_get_contents("ressources/logs/boa.start");
}
echo "Unable to connect to Artica daemon port:{$boa_error}";
exit;
}
while (list($index, $value) = each($_SERVER)) {
$notice[] = "{$index}:{$value}";
}
if ($_POST["artica_username"] == $_GLOBAL["ldap_admin"]) {
if ($_POST["artica_password"] != $_GLOBAL["ldap_password"]) {
writelogs("Testing logon.... password:{$_POST["artica_password"]}!==\"{$_GLOBAL["ldap_password"]}\"", __FUNCTION__, __FILE__, __LINE__);
artica_mysql_events("Failed to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]}", @implode("\n", $notice), "security", "security");
echo "bad password";
return null;
} else {
artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as SuperAdmin", @implode("\n", $notice), "security", "security");
//session_start();
$_SESSION["uid"] = '-100';
$_SESSION["groupid"] = '-100';
$_SESSION["passwd"] = $_POST["artica_password"];
$_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $_POST["lang"];
$_SESSION["privileges"]["ArticaGroupPrivileges"] = '
[AllowAddGroup]="yes"
[AllowAddUsers]="yes"
[AllowChangeKav]="yes"
[AllowChangeKas]="yes"
[AllowChangeUserPassword]="yes"
[AllowEditAliases]="yes"
[AllowEditAsWbl]="yes"
[AsSystemAdministrator]="yes"
[AsPostfixAdministrator]="yes"
[AsArticaAdministrator]="yes"
';
$tpl = new templates();
echo "location:admin.index.php";
exit;
}
}
writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__);
$u = new user($_POST["artica_username"]);
$userPassword = $u->password;
if (trim($u->uidNumber) == null) {
writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
echo "Unknown user";
return null;
}
if (trim($_POST["artica_password"]) == trim($userPassword)) {
$ldap = new clladp();
$users = new usersMenus();
$privs = new privileges($u->uid);
$privileges_array = $privs->privs;
setcookie("mem-logon-user", $_POST["artica_username"], time() + 172800);
$_SESSION["privileges_array"] = $privs->privs;
$_SESSION["privs"] = $privileges_array;
$_SESSION["OU_LANG"] = $privileges_array["ForceLanguageUsers"];
$_SESSION["uid"] = $_POST["artica_username"];
$_SESSION["passwd"] = $_POST["artica_password"];
$_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content;
$_SESSION["groupid"] = $ldap->UserGetGroups($_POST["artica_username"], 1);
$_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled;
$_SESSION["MailboxActive"] = $u->MailboxActive;
$_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
$_SESSION["ou"] = $u->ou;
$_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas);
$lang = new articaLang();
writelogs("[{$_POST["artica_username"]}]: Default organization language={$_SESSION["OU_LANG"]}", __FUNCTION__, __FILE__);
if (trim($_SESSION["OU_LANG"]) != null) {
$_SESSION["detected_lang"] = $_SESSION["OU_LANG"];
setcookie("artica-language", $_SESSION["OU_LANG"], time() + 172800);
} else {
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $lang->get_languages();
}
$users->_TranslateRights($privileges_array, true);
if (!$users->IfIsAnuser(true)) {
artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security");
writelogs("[{$_POST["artica_username"]}]: This is not an user =>admin.index.php", __FUNCTION__, __FILE__);
echo "location:admin.index.php";
return null;
}
writelogs("[{$_POST["artica_username"]}]: IS AN USER =>../user-backup/logon.php", __FUNCTION__, __FILE__);
$tpl = new templates();
$array["USERNAME"] = $_POST["artica_username"];
$array["PASSWORD"] = md5($_POST["artica_username"]);
$credentials = base64_encode(serialize($array));
artica_mysql_events("Success to redirect on the end-user management console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security");
echo "location:../user-backup/logon.php?credentials={$credentials}";
return null;
exit;
} else {
writelogs("[{$_POST["artica_username"]}]: The password typed is not the same in ldap database...", __FUNCTION__, __FILE__);
artica_mysql_events("Failed to logon on the management console as user from {$_SERVER["REMOTE_HOST"]} (bad password)", @implode("\n", $notice), "security", "security");
echo "bad password";
return null;
}
}
function logon()
{
include "ressources/settings.inc";
$sock = new sockets();
$_POST["artica_password"] = url_decode_special($_POST["artica_password"]);
writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__);
writelogs("Testing logon.... password:{$_POST["artica_password"]}", __FUNCTION__, __FILE__, __LINE__);
$_COOKIE["artica-language"] = $_POST["lang"];
$FileCookyKey = md5($_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"]);
$sock->SET_INFO($FileCookyKey, $_POST["Changelang"]);
$FixedLanguage = $sock->GET_INFO("FixedLanguage");
$q = new mysql_squid_builder();
$langAutodetect = new articaLang();
unset($_SESSION);
$DetectedLanguage = $langAutodetect->get_languages();
if ($GLOBALS["DEBUG_TEMPLATE"]) {
error_log("[{$_SESSION["uid"]}]::LANGUAGE: _SESSION[detected_lang]=`{$DetectedLanguage}` function:" . __FUNCTION__ . " in " . basename(__FILE__) . " line " . __LINE__);
}
$GLOBALS["FIXED_LANGUAGE"] = $DetectedLanguage;
$tpl = new templates();
$tpl->language = $DetectedLanguage;
$page = CurrentPageName();
$md5submitted = $_POST["artica_password"];
$_POST["artica_username"] = trim(strtolower($_POST["artica_username"]));
$sql = "SELECT userid,user_password,email,enabled FROM usersisp WHERE email='{$_POST["artica_username"]}' ORDER BY enabled DESC";
$ligne = @mysql_fetch_array($q->QUERY_SQL($sql));
error_log("[{$_SESSION["uid"]}]::{$sql} ({$q->mysql_error}) function:" . __FUNCTION__ . " in " . __FILE__ . " line " . __LINE__);
if (!is_numeric($ligne["userid"])) {
$ligne["userid"] = 0;
}
if ($ligne["userid"] == 0) {
echo $tpl->javascript_parse_text("{unknown_user}");
die;
}
if ($ligne["enabled"] == 0) {
echo $tpl->javascript_parse_text("{account_disabled}");
die;
}
if ($ligne["user_password"] != $md5submitted) {
if ($GLOBALS["DEBUG_TEMPLATE"]) {
error_log("[{$_SESSION["uid"]}]::LANG:[{$_SESSION["detected_lang"]}]:: `{$ligne["user_password"]}` did not match submited `{$md5submitted}` function:" . __FUNCTION__ . " in " . basename(__FILE__) . " line " . __LINE__);
}
echo $tpl->javascript_parse_text("{failed_login}");
die;
}
while (list($index, $value) = each($_SERVER)) {
$notice[] = "{$index}:{$value}";
}
if (trim($FixedLanguage) != null) {
$_POST["lang"] = $FixedLanguage;
}
artica_mysql_events("Success to logon on the Artica End-user Web proxy console from {$_SERVER["REMOTE_HOST"]} as {$_POST["artica_username"]}", @implode("\n", $notice), "security", "security");
session_start();
$_SESSION["uid"] = $ligne["userid"];
$_SESSION["groupid"] = '0';
$_SESSION["email"] = $_POST["artica_username"];
$_SESSION["passwd"] = $md5submitted;
$_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $_POST["lang"];
if ($GLOBALS["DEBUG_TEMPLATE"]) {
error_log("[{$_SESSION["uid"]}]::LANGUAGE: _SESSION[detected_lang]=`{$_SESSION["detected_lang"]}` function:" . __FUNCTION__ . " in " . basename(__FILE__) . " line " . __LINE__);
}
$_SESSION["privileges"]["ArticaGroupPrivileges"] = '
[AllowAddGroup]="no"
[AllowAddUsers]="no"
[AllowChangeKav]="no"
[AllowChangeKas]="no"
[AllowChangeUserPassword]="no"
[AllowEditAliases]="no"
[AllowEditAsWbl]="no"
[AsSystemAdministrator]="no"
[AsPostfixAdministrator]="no"
[AsArticaAdministrator]="no"
';
$arraySession["email"] = $_POST["artica_username"];
$arraySession["uid"] = $ligne["userid"];
$tpl = new templates();
error_log("[{$_SESSION["uid"]}]::uid:`{$_SESSION["uid"]}` -> squid.users.index.php function:" . __FUNCTION__ . " in " . basename(__FILE__) . " line " . __LINE__);
$sessionDatas = base64_encode(serialize($arraySession));
if ($GLOBALS["DEBUG_TEMPLATE"]) {
error_log("[{$_SESSION["uid"]}]::FINISH:LANG:[{$_SESSION["detected_lang"]}] => language: _COOKIE=`{$_COOKIE["artica-language"]}` _SESSION=`{$_SESSION["detected_lang"]}` function:" . __FUNCTION__ . " in " . basename(__FILE__) . " line " . __LINE__);
}
echo "location:squid.users.index.php?phpsess={$sessionDatas}";
die;
}
function ChangeUserPassword()
{
include_once 'ressources/class.main_cf.inc';
include_once 'ressources/class.main_cf_filtering.inc';
include_once 'ressources/class.squid.inc';
include_once 'ressources/class.samba.inc';
include_once 'ressources/class.httpd.inc';
if ($_SESSION["uid"] != '-100') {
echo "{error privileges}";
}
$users = new usersMenus();
$username = trim($_POST["change_admin"]);
$password = url_decode_special($_POST["change_password"]);
$md5 = md5($username . $password);
$ldap = new clladp();
$md52 = md5(trim($ldap->ldap_admin) . trim($ldap->ldap_password));
$tpl = new templates();
$ldap_server = $_POST["ldap_server"];
$ldap_port = $_POST["ldap_port"];
$suffix = $_POST["suffix"];
$change_ldap_server_settings = $_POST["change_ldap_server_settings"];
if ($change_ldap_server_settings != 'yes') {
$change_ldap_server_settings = "no";
}
$sock = new sockets();
writelogs("change_password {$password}", __FUNCTION__, __FILE__, __LINE__);
$password = base64_encode($password);
writelogs("change_password {$password}", __FUNCTION__, __FILE__, __LINE__);
$cmd = "cmd.php?ChangeLDPSSET=yes&ldap_server={$ldap_server}&ldap_port={$ldap_port}&suffix={$suffix}";
$cmd = $cmd . "&change_ldap_server_settings={$change_ldap_server_settings}&username={$username}&password={$password}";
$datas = $sock->getFrameWork("{$cmd}");
echo replace_accents(html_entity_decode($tpl->_ENGINE_parse_body("{success}:{$ldap_server}:{$ldap_port} ({$suffix})\n{$username}\n-------\"\"------")));
}
function logon()
{
include "ressources/settings.inc";
$_POST["artica_password"] = url_decode_special($_POST["artica_password"]);
writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__);
writelogs("Testing logon.... password:{$_POST["artica_password"]}", __FUNCTION__, __FILE__, __LINE__);
$_COOKIE["artica-language"] = $_POST["lang"];
$socks = new sockets();
if (!$socks->TestArticaPort()) {
if (is_file("ressources/logs/boa.start")) {
$boa_error = file_get_contents("ressources/logs/boa.start");
}
echo "Unable to connect to Artica daemon port:{$boa_error}";
exit;
}
if ($_POST["artica_username"] == $_GLOBAL["ldap_admin"]) {
if ($_POST["artica_password"] != $_GLOBAL["ldap_password"]) {
echo "bad password";
return null;
} else {
//session_start();
$_SESSION["uid"] = '-100';
$_SESSION["groupid"] = '-100';
$_SESSION["passwd"] = $_POST["artica_password"];
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $_POST["lang"];
$_SESSION["privileges"]["ArticaGroupPrivileges"] = '
[AllowAddGroup]="yes"
[AllowAddUsers]="yes"
[AllowChangeKav]="yes"
[AllowChangeKas]="yes"
[AllowChangeUserPassword]="yes"
[AllowEditAliases]="yes"
[AllowEditAsWbl]="yes"
[AsSystemAdministrator]="yes"
[AsPostfixAdministrator]="yes"
[AsArticaAdministrator]="yes"
';
$tpl = new templates();
echo "location:admin.index.php";
exit;
}
}
writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__);
$u = new user($_POST["artica_username"]);
$userPassword = $u->password;
if (trim($u->uidNumber) == null) {
writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
echo "Unknown user";
return null;
}
if (trim($_POST["artica_password"]) == trim($userPassword)) {
$ldap = new clladp();
$ouprivs = $ldap->_Get_privileges_ou($u->uid, $u->ou);
$privileges = $ldap->_Get_privileges_userid($_POST["artica_username"]);
$_SESSION["OU_LANG"] = $ouprivs["ForceLanguageUsers"];
$_SESSION["uid"] = $_POST["artica_username"];
$_SESSION["passwd"] = $_POST["artica_password"];
$_SESSION["privileges"]["ArticaGroupPrivileges"] = $privileges;
$_SESSION["groupid"] = $ldap->UserGetGroups($_POST["artica_username"], 1);
$_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled;
$_SESSION["MailboxActive"] = $u->MailboxActive;
$_SESSION["ou"] = $u->ou;
$_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas);
$lang = new articaLang();
writelogs("default organization language={$_SESSION["OU_LANG"]}", __FUNCTION__, __FILE__);
if (trim($_SESSION["OU_LANG"]) != null) {
$_SESSION["detected_lang"] = $_SESSION["OU_LANG"];
setcookie("artica-language", $_SESSION["OU_LANG"], time() + 172800);
} else {
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $lang->get_languages();
}
$users = new usersMenus();
$privileges_array = $users->_ParsePrivieleges($privileges);
$users->_TranslateRights($privileges_array, true);
if (!$users->IfIsAnuser(true)) {
writelogs('This is not an user =>admin.index.php ', __FUNCTION__, __FILE__);
echo "location:admin.index.php";
return null;
}
writelogs('IT IS AN USER =>../user-backup/logon.php ', __FUNCTION__, __FILE__);
$tpl = new templates();
$array["USERNAME"] = $_POST["artica_username"];
$array["PASSWORD"] = md5($_POST["artica_username"]);
$credentials = base64_encode(serialize($array));
echo "location:../user-backup/logon.php?credentials={$credentials}";
return null;
exit;
} else {
writelogs("The passord typed is not the same in ldap database...", __FUNCTION__, __FILE__);
echo "bad password";
return null;
}
}
function logon()
{
include "ressources/settings.inc";
include_once 'ressources/class.sockets.inc';
include_once 'ressources/class.ldap.inc';
include_once 'ressources/class.user.inc';
include_once 'ressources/class.langages.inc';
$sock = new sockets();
$tpl = new templates();
$_POST["artica_password"] = url_decode_special($_POST["artica_password"]);
writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__);
//writelogs("Testing logon.... password:{$_POST["artica_password"]}",__FUNCTION__,__FILE__,__LINE__);
$_COOKIE["artica-language"] = $_POST["lang"];
$FileCookyKey = md5($_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"]);
$sock->SET_INFO($FileCookyKey, $_POST["Changelang"]);
if (!isset($GLOBALS["FixedLanguage"])) {
$GLOBALS["FixedLanguage"] = $sock->GET_INFO("FixedLanguage");
}
$VIA_API = false;
if (isset($_POST["VIA_API"])) {
$VIA_API = true;
}
if ($_SESSION["uid"] != null) {
if (!$VIA_API) {
echo "location:admin.index.php";
return;
}
}
$socks = new sockets();
while (list($index, $value) = each($_SERVER)) {
$notice[] = "{$index}:{$value}";
}
if ($_GLOBAL["ldap_admin"] == null) {
$sock->getFrameWork("services.php?process1-tenir=yes?MyCURLTIMEOUT=120");
include "ressources/settings.inc";
}
if ($_GLOBAL["ldap_admin"] == null) {
if ($VIA_API) {
echo "FALSE";
return;
}
$tpl = new templates();
echo $tpl->javascript_parse_text("{ldap_username_corrupt_text}");
return null;
}
$md5submitted = $_POST["artica_password"];
if ($VIA_API) {
$md5submitted = md5($_POST["artica_password"]);
}
$md5Manager = md5(trim($_GLOBAL["ldap_password"]));
if (trim($GLOBALS["FixedLanguage"]) != null) {
$_POST["lang"] = $GLOBALS["FixedLanguage"];
}
$trimed_artica_username = trim(strtolower($_POST["artica_username"]));
$trimed_ldap_admin = trim(strtolower($_GLOBAL["ldap_admin"]));
writelogs("Manager -> {$trimed_artica_username} ?=== {$trimed_ldap_admin}", _FUNCTION__, __FILE__, __LINE__);
if ($trimed_artica_username == $trimed_ldap_admin) {
writelogs("Manager: `YES`", __FUNCTION__, __FILE__, __LINE__);
if ($md5Manager != $md5submitted) {
$tpl = new templates();
//writelogs("Testing logon.... password:{$_POST["artica_password"]}!==\"{$_GLOBAL["ldap_password"]}\"",__FUNCTION__,__FILE__,__LINE__);
artica_mysql_events("Failed to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]}", @implode("\n", $notice), "security", "security");
if ($VIA_API) {
echo "FALSE";
return;
}
echo $tpl->javascript_parse_text("{wrong_password_or_username}");
return null;
} else {
$users = new usersMenus();
artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as SuperAdmin", @implode("\n", $notice), "security", "security");
//session_start();
$_SESSION["uid"] = '-100';
$_SESSION["groupid"] = '-100';
$_SESSION["passwd"] = $_GLOBAL["ldap_password"];
$_SESSION["MINIADM"] = false;
setcookie("MINIADM", "No", time() + 1000);
$_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $_POST["lang"];
$_SESSION["CORP"] = $users->CORP_LICENSE;
$_SESSION["privileges"]["ArticaGroupPrivileges"] = '
[AllowAddGroup]="yes"
[AllowAddUsers]="yes"
[AllowChangeKav]="yes"
[AllowChangeKas]="yes"
[AllowChangeUserPassword]="yes"
[AllowEditAliases]="yes"
[AllowEditAsWbl]="yes"
[AsSystemAdministrator]="yes"
[AsPostfixAdministrator]="yes"
[AsArticaAdministrator]="yes"
[AsArticaMetaAdmin]="yes"
';
if ($VIA_API) {
writelogs("VIA API = TRUE -> BUILD SESSION", _FUNCTION__, __FILE__, __LINE__);
BuildSession($_SESSION["uid"]);
echo "TRUE";
return;
}
$tpl = new templates();
$sock->getFrameWork("squid.php?clean-catz-cache=yes");
writelogs("OK it is a global admin -> location:admin.index.php", _FUNCTION__, __FILE__, __LINE__);
echo "location:admin.index.php";
exit;
}
}
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
$userPassword = $_POST["artica_password"];
if (isset($_POST["artica_password_crypted"])) {
$userPassword = $_POST["artica_password_crypted"];
include_once dirname(__FILE__) . "/ressources/class.cryptform.inc";
$userPassword = logon_decrypt($userPassword);
}
writelogs("*** TEST Active Directory user {$_POST["artica_username"]} ****", __FUNCTION__, __FILE__, __LINE__);
$external_ad_search = new external_ad_search();
if ($external_ad_search->CheckUserAuth($_POST["artica_username"], $userPassword)) {
writelogs("*** TEST Active Directory user {$_POST["artica_username"]} success ****", __FUNCTION__, __FILE__, __LINE__);
$_SESSION["MINIADM"] = false;
setcookie("MINIADM", "No", time() + 1000);
$_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $_POST["lang"];
$_SESSION["CORP"] = $users->CORP_LICENSE;
$users = new usersMenus();
$privs = new privileges($_POST["artica_username"]);
$privileges_array = $privs->privs;
DumpPrivileges($_POST["artica_username"], $privileges_array);
$users->_TranslateRights($privileges_array, true);
setcookie("mem-logon-user", $_POST["artica_username"], time() + 172800);
$_SESSION["privileges_array"] = $privs->privs;
$_SESSION["uid"] = $_POST["artica_username"];
BuildSession($_POST["artica_username"]);
$sock->getFrameWork("squid.php?clean-catz-cache=yes");
$_SESSION["MINIADM"] = false;
setcookie("MINIADM", "No", time() + 1000);
if ($VIA_API) {
BuildSession($_SESSION["uid"]);
echo "TRUE";
return;
}
echo "location:admin.index.php";
return;
} else {
if (is_array($GLOBALS["CLASS_ACTV"])) {
while (list($key, $line) = each($GLOBALS["CLASS_ACTV"])) {
writelogs("*** Active Directory {$line}", __FUNCTION__, __FILE__, __LINE__);
}
}
}
}
if (Radius_admins($_POST["artica_username"], $md5submitted)) {
writelogs('*** TEST RADIUS USER ****', __FUNCTION__, __FILE__, __LINE__);
$tpl = new templates();
$sock->getFrameWork("squid.php?clean-catz-cache=yes");
writelogs("OK it is a global admin -> location:admin.index.php", _FUNCTION__, __FILE__, __LINE__);
if ($VIA_API) {
BuildSession($_SESSION["uid"]);
echo "TRUE";
return;
}
echo "location:admin.index.php";
exit;
}
writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__, __LINE__);
$u = new user($_POST["artica_username"]);
$userPassword = $u->password;
if (trim($u->uidNumber) == null) {
if ($VIA_API) {
echo "FALSE";
return;
}
writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
echo $tpl->javascript_parse_text("{wrong_password_or_username}");
return null;
}
$tpl = new templates();
if (trim($_POST["artica_password"]) == md5(trim($userPassword))) {
BuildSession($u->uid);
$ldap = new clladp();
$users = new usersMenus();
$privs = new privileges($u->uid);
$privileges_array = $privs->privs;
if (trim($FixedLanguage) != null) {
$_SESSION["detected_lang"] = $FixedLanguage;
}
$users->_TranslateRights($privileges_array, true);
if (!$users->IfIsAnuser(true)) {
if ($VIA_API) {
echo "TRUE";
return;
}
artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security");
writelogs("[{$_POST["artica_username"]}]: This is not an user =>admin.index.php", __FUNCTION__, __FILE__);
$sock->getFrameWork("squid.php?clean-catz-cache=yes");
$_SESSION["MINIADM"] = false;
setcookie("MINIADM", "No", time() + 1000);
if ($VIA_API) {
BuildSession($_SESSION["uid"]);
echo "TRUE";
return;
}
echo "location:admin.index.php";
return null;
}
if ($VIA_API) {
BuildSession($_SESSION["uid"]);
echo "TRUE";
return;
}
writelogs("[{$_POST["artica_username"]}]: IS AN USER =>../user-backup/logon.php", __FUNCTION__, __FILE__);
$array["USERNAME"] = $_POST["artica_username"];
$array["PASSWORD"] = md5($_POST["artica_username"]);
$credentials = base64_encode(serialize($array));
artica_mysql_events("Success to redirect on the end-user management console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security");
echo "location:../miniadm.logon.php?credentials={$credentials}";
return null;
exit;
} else {
if ($VIA_API) {
echo "FALSE";
return;
}
writelogs("[{$_POST["artica_username"]}]: The password typed is not the same in ldap database...", __FUNCTION__, __FILE__);
artica_mysql_events("Failed to logon on the management console as user from {$_SERVER["REMOTE_HOST"]} (bad password)", @implode("\n", $notice), "security", "security");
echo $tpl->javascript_parse_text("{wrong_password_or_username}");
return null;
}
}
function change(){
$sock=new sockets();
$sock->SET_INFO("PAMLdapPrio", $_POST["PAMLdapPrio"]);
if(strlen(trim($_POST["change_password"]))>1){
$_POST["change_password"]=url_decode_special_tool($_POST["change_password"]);
include_once(dirname(__FILE__))."/ressources/class.samba.inc";
$smb=new samba();
if(!$smb->createRootID($_POST["change_password"])){
return;
}
$sock->SET_INFO("RootPasswordChanged", 1);
writelogs(" -> nsswitch ",__FUNCTION__,__FILE__,__LINE__);
$sock->getFrameWork("services.php?nsswitch=yes");
$change_password=url_decode_special($_POST["change_password"]);
$changeRootPasswd=base64_encode($change_password);
writelogs(" -> services.php?changeRootPasswd= ",__FUNCTION__,__FILE__,__LINE__);
echo base64_decode($sock->getFrameWork("services.php?changeRootPasswd=$changeRootPasswd&pass=$changeRootPasswd"));
}
}