function ntlm_get_user() { if (ntlm_check()) { $ntlm_user = $_SERVER['REMOTE_USER']; $strloc = strpos($ntlm_user, "\\"); $strloc++; $strloc++; if ($strloc > 2) { $username = substr($ntlm_user, $strloc); } else { $username = false; } return $username; } else { return false; } }
ob_implicit_flush(0); header('Content-Encoding: gzip'); } } } // // Parse and show the overall header. // $template->set_filenames(array('overall_header' => empty($gen_simple_header) ? 'overall_header.tpl' : 'simple_header.tpl')); // // Generate logged in/logged out status // if ($userdata['session_logged_in']) { $u_login_logout = 'login.' . $phpEx . '?logout=true&sid=' . $userdata['session_id']; $l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]'; if ($board_config['auth_mode'] == 'ldap' && ntlm_check() && !defined("IN_LOGIN")) { if (strcmp(strtolower(ntlm_get_user()), strtolower($userdata['username']))) { //Logout if we are logged on as a diffrent user header('Location: ' . append_sid("login.{$phpEx}?logout=true&redirect=index.{$phpEx}", true)); } } } else { $u_login_logout = 'login.' . $phpEx; $l_login_logout = $lang['Login']; if ($board_config['disable_guest'] == 1 && !defined("IN_LOGIN") && !defined("IN_SEARCHUSER")) { header('Location: ' . append_sid("login.{$phpEx}?redirect=index.{$phpEx}", true)); } } //-- mod : keep unread ----------------------------------------------------------------------------- //-- delete // $s_last_visit = ( $userdata['session_logged_in'] ) ? create_date($board_config['default_dateformat'], $userdata['user_lastvisit'], $board_config['board_timezone']) : '';
// Prillian - Begin Code Addition // include_once PRILL_PATH . 'prill_common.' . $phpEx; // // Prillian - End Code Addition //-------------------------------------------------------------------------------- // session id check if (isset($HTTP_GET_VARS['sid']) && !empty($HTTP_GET_VARS['sid'])) { $sid = $HTTP_GET_VARS['sid']; } elseif (isset($HTTP_POST_VARS['sid']) && !empty($HTTP_POST_VARS['sid'])) { $sid = $HTTP_POST_VARS['sid']; } else { $sid = ''; } $auth_mode = $board_config['auth_mode']; $use_ldap = $board_config['auth_mode'] == 'ldap' && ntlm_check() ? TRUE : FALSE; if (isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) || $use_ldap) { if ((isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || $use_ldap) && !$userdata['session_logged_in']) { if ($use_ldap) { $username = ntlm_get_user(); } else { $username = isset($HTTP_POST_VARS['username']) ? trim(htmlspecialchars($HTTP_POST_VARS['username'])) : ''; } $username = substr(str_replace("\\'", "'", $username), 0, 25); $username = str_replace("'", "\\'", $username); $password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : ''; $sql = "SELECT user_id, username, user_password, user_active, user_level, user_type\n FROM " . USERS_TABLE . "\n WHERE username = '******'", "''", $username) . "'"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result);
function ntlm_get_user($skip = FALSE) { if ($skip || ntlm_check()) { $ntlm_user = $_SERVER['REMOTE_USER']; $strloc = strpos($ntlm_user, "\\"); $strloc++; if (substr($ntlm_user, $strloc, 1) == "\\") { $strloc++; } if ($strloc > 2) { $username = substr($ntlm_user, $strloc); } else { $username = $ntlm_user; } return $username; } else { return false; } }