Esempio n. 1
0
include "../Annu/includes/check-token.php";
session_name("Lcs");
@session_start();
include ("./includes/headerauth.inc.php");
include ("../Annu/includes/ldap.inc.php");
include ("../Annu/includes/ihm.inc.php");
include ("./includes/jlcipher.inc.php");

if ( !isset($_SESSION['login'])) {
    header("Location:$urlauth");
    exit;
}

$login=$_SESSION['login'];

if ( pwdMustChange($login) ) {
    header("Location:../Annu/must_change_default_pwd.php");
    exit;
}

// Recherche du nom a partir du login
list($user, $groups)=people_get_variables ($login, false);
// Recherche si l'utilisateur connecte possede le droit lcs_is_admin
$is_admin = is_admin("Lcs_is_admin",$login);

// Recherche si monlcs est present
if (!@((bool)mysqli_query( $authlink, "USE " . $DBAUTH)))
    die ("Sélection de base de données impossible.");
$query="SELECT value from applis where name='monlcs'";
$result = @mysqli_query( $authlink, $query);
if ($result)
Esempio n. 2
0
	{
	// Verif login / password on LCS LDAP
    $password = decodekey($string_mdp);
    if ( user_valid_passwd ( $string_login, $password ) )
    	{
    	// If password account OK
		// Create user home folder and data base
		$login = $string_login;
		$cryptpasswd = $string_mdp;
		if ( !@is_dir("/home/".$login) ||  (@is_dir("/home/".$login) && ( !@is_dir("/home/".$login."/public_html") || !@is_dir("/home/".$login."/Maildir") || !@is_dir("/home/".$login."/Documents"))) )
			{
			$group=strtolower(people_get_group ($login));
			exec ("/usr/bin/sudo /usr/share/lcs/scripts/mkhdir.sh ".escapeshellarg($login)." '$group' '$cryptpasswd' > /dev/null 2>&1");
			}
        //Compare with date of birth
		if ( ! pwdMustChange ($string_login) )
			{
            //If password account is different than date of birth
			// Insert data in ent_lcs table
			if (!@((bool)mysqli_query( $authlink, "USE " . $DBAUTH)))
    				die ("Sélection de base de données impossible.");
			// Verification si une entree login existe dans la table ent_lcs.login_lcs
			$login=((isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"])) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $login) : ((trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR)) ? "" : ""));
			$string_lilie=((isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"])) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $tring_lilie) : ((trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR)) ? "" : ""));
			$query="SELECT id FROM ent_lcs WHERE login_lcs='$login_escp'";
			$result=@mysqli_query($authlink, $query);
			if ( mysqli_num_rows($result) == "0" ) {
				// Creation
				$query="INSERT INTO ent_lcs (id_ent, login_lcs, token) VALUES ('".$string_lilie."', '".$login."', '$token')";
			} else {
				// Update
Esempio n. 3
0
$_srvr = array("domain" => $domain, "baseurl" => $baseurl, "url_accueil" => urlAccueil(), "stgo" => "../lcs/statandgo.php?use=", "monlcs" => is_dir("/var/www/monlcs") ? 1 : 0);
// infos etab
$_etab = infosEtab();
// pas d'authentification
// On pourrait ajouter la verif php du pwdMustChange
// pour plus de securite et ne renvoyer que ce qu'il faut
// c'est fait en js mais la fonction est-elle ultra sensible ?
if ($login == "") {
    $_user["idpers"] = 0;
    // lien de connexion
    $_applis['auth'] = array("txt" => "Se connecter", "url" => $urlauth, "rev" => "auth", "img" => "core/images/icons/icon_22_connect.png", "typ" => "buro");
    // tableau renvoye
    $resp = array("user" => $_user, "srvr" => $_srvr, "opts" => loadOpts('default', "") != false ? array_merge($_opts, loadOpts('default', "")) : $_opts, "etab" => $_etab, "apps" => $_applis);
} else {
    //user
    $_user = infosUser($login, pwdMustChange($login));
    //les prefs du user
    $_opts = loadOpts($login, $_opts);
    //les options admin
    $_prms = array_merge($_prms, loadPrms());
    // les ressources
    $_ress = array_merge($_ress, loadRess(isset($_user["grps"]["gp"]) ? $_user["grps"]["gp"] : "admin"));
    // les applis ( du menu deroulant )
    $_apps = menuApplis($login, $_ssmn);
    // on place le lien pour l'appel maintenance
    if (isset($_apps["maintenance"])) {
        $_prms["maintUrl"] = $_apps["maintenance"]["smn"]["call"]["url"];
    } else {
        $_prms["maintUrl"] = isset($_apps["webmail"]) ? $_apps["webmail"]["smn"]["compose"]["to"] . "admin@" . $_srvr["domain"] : '';
    }
    // lien de connexion
Esempio n. 4
0
    ?>
				<li>
					<a class="open_win ext_link" rel="core/user_form_prefs.php" rev="Parametres" href="#"><img src="core/images/icons/desktop_24.png" style="height:20px;" /> Pr&eacute;f&eacute;rences...</a>
				</li>
				<li>
					<a class="deconnect" href="../lcs/logout.php"><img src="core/images/icons/icon_22_stop.png" style="width:20px;" /> Se d&eacute;connecter</a>
				</li>
<?php 
}
?>
			</ul>
		</li>
	<?php 
// Un utilisateur est authentifie  et a modifie son mot de passe
// on affiche les menus applis
if ($login != "" && !pwdMustChange($login)) {
    ?>
		<li>
		<a class="menu_trigger" href="#">Services</a>
			<ul class="menu">
				<?php 
    echo $html_menu_services;
    ?>
			</ul>
		</li>
		<li>
			<a class="menu_trigger" href="#">Applications</a>
			<ul class="menu">
			<?php 
    echo $html_menu;
    ?>