<?php
/*
* This example is simply an example of how a provisioning page may look
* which includes such funcationality as createing users, initialising their
* data, create a token for them, testing the token and resyncing it as needed
*
*/
// Require our php libraries
require_once "token.php";
require_once "dbfunctions.php";
require_once "input.php";
// now lets get an instance of our class
$myga = new myGA();
global $myga;
// this part of the page resonds to user input
processInput();
?>
<html>
<h1>Welcome to GA Provisioning!</h1>
<?php
// in this part of the code we look for "success" or "fail" things
if (isset($_REQUEST["success"])) {
echo "<br><font color=\"green\">" . $_REQUEST["success"] . "</font><br>";
}
if (isset($_REQUEST["failure"])) {
echo "<br><font color=\"red\">" . $_REQUEST["failure"] . "</font><br>";
}
?>
* the data is not a bad idea. The key for the encrypted data can be very long
* and very random as its not designed for user interaction, though it should be
* backed up occasionally
*/
// set these
$host = "";
// for eg "1.2.3.4"
$binduser = "";
// for eg "administrator"
$bindpass = "";
// for eg "password"
$basecn = "";
// for eg "CN=users, DC=google, dc=com"
//require our GoogleAuthenticator sub classed class
require_once "extend.php";
$myga = new myGA();
// this is here so i can keep my atributes somewhere in the tree and not have them float around on git/svn
if (file_exists("../../../../.dontappearingitandsvn.php")) {
require_once "../../../../.dontappearingitandsvn.php";
}
$error = false;
// first, lets bind our AD with out management creds
error_log("host is {$host}");
$dsconnect = ldap_connect("{$host}", 389);
// we mark it global so we can get it in our class
global $dsconnect, $host, $binduser, $bindpass, $basecn;
if (!$dsconnect) {
$error = true;
$errorText = "Can't Connect to AD";
}
$ldapbind = ldap_bind($dsconnect, "{$binduser}", "{$bindpass}");
/*
* This example rely's on the provisioning example, you must first create accounts in the provisioning
* example then use them here.
*
* This example is solely an example of how a login page might look and/or work
*
* If a user doesnt have a token assigned, they wont require it on the login page. This is an example
* of when your allowing the user to increase security of their OWN account, not the security of the
* site as such.
*
*/
require_once "../provisioning/dbfunctions.php";
require_once "../provisioning/token.php";
session_start();
$myga = new myGA();
// check if we're logged in
if (isset($_SESSION["loginname"])) {
if ($_SESSION["loginname"] != "") {
// handle logout
if (isset($_REQUEST["logout"])) {
error_log("session killer");
unset($_SESSION["loginname"]);
header("Location: index.php");
return;
}
// display the logged in page
displayLogedInPage();
return;
}
}
