function checkprivs()
{
$_POST["userid"] = trim($_POST["userid"]);
include "ressources/settings.inc";
$socks = new sockets();
if (strtolower($_POST["userid"]) == strtolower($_GLOBAL["ldap_admin"])) {
if ($_POST["password"] != $_GLOBAL["ldap_password"]) {
die("bad password");
}
$dans = new dansguardian_rules(null, 1);
$dans->Add_exceptionsitelist(1, $_POST["uri"]);
AddEvents("Manager", $_POST["uri"]);
$sock = new sockets();
$sock->getFrameWork("reload-dansguardian");
die("SUCCESS");
}
$ldap = new clladp();
writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__);
$hash = $ldap->UserDatas($_POST["userid"]);
$userPassword = $hash["userPassword"];
if (trim($hash["uid"]) == null) {
writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
die("Unknown user");
}
if (trim($_POST["password"]) == trim($userPassword)) {
$users = new usersMenus($ldap->_Get_privileges_userid($_POST["userid"]));
$priv_array = $users->_ParsePrivieleges($ldap->_Get_privileges_userid($_POST["userid"]));
$users->_TranslateRights($priv_array);
if ($users->AllowDansGuardianBanned) {
$dans = new dansguardian_rules(null, 1);
$dans->Add_exceptionsitelist(1, $_POST["uri"]);
$sock = new sockets();
AddEvents($_POST["userid"], $_POST["uri"]);
$sock->getFrameWork("cmd.php?reload-dansguardian");
die("SUCCESS");
}
} else {
die("BAD PASSWORD");
}
die("No privileges");
}
function login()
{
$tpl = new templates();
$ldap = new clladp();
$att = array("userPassword", "DisplayName");
$sr = @ldap_search($ldap->ldap_connection, "dc=organizations,{$ldap->suffix}", "(uid={$_POST["uid"]})", $att);
if (!$sr) {
echo $sr;
return $tpl->_ENGINE_parse_body('{unknown_user}');
}
$entry_id = ldap_first_entry($ldap->ldap_connection, $sr);
if (!$entry_id) {
writelogs("INFOS: bad value {$entry_id}: (' . {$entry_id} . ') find: (uid={$_POST["uid"]}) -> aborting function search engine doesn`t found the pattern", __LINE__, __FILE__);
return $tpl->_ENGINE_parse_body('{unknown_user}');
}
$attrs = ldap_get_attributes($ldap->ldap_connection, $entry_id);
$passw = $attrs["userPassword"][0];
$passw = md5($passw);
if (!$_GET["credentials"]) {
$_POST["password"] = md5($_POST["password"]);
}
if ($passw != $_POST["password"]) {
return $tpl->_ENGINE_parse_body('{bad_password}');
}
unset($_SESSION["MLDONKEY_{$_POST["uid"]}"]);
$_SESSION["NOM"] = $attrs["DisplayName"][0];
$privs = $ldap->_Get_privileges_userid($_POST["uid"]);
$_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs;
$users = new usersMenus();
$uid_class = new user($_POST["uid"]);
$_SESSION["ou"] = $uid_class->ou;
$_SESSION["privs"] = $users->_ParsePrivieleges($privs);
if ($_SESSION["privs"]["ForceLanguageUsers"] != null) {
$_COOKIE["ArticaForceLanguageUsers"] = $_SESSION["privs"]["ForceLanguageUsers"];
} else {
unset($_COOKIE["ArticaForceLanguageUsers"]);
}
}
function logon()
{
include "ressources/settings.inc";
if ($_POST["artica_user"] == $_GLOBAL["ldap_admin"]) {
if ($_POST["password"] != $_GLOBAL["ldap_password"]) {
$_GET["ERROR"] = "bad password";
return false;
} else {
session_start();
$_SESSION["uid"] = '-100';
$_SESSION["groupid"] = '-100';
$_SESSION["passwd"] = $_POST["password"];
$_SESSION["privileges"] = '
[AllowAddGroup]="yes"
[AllowAddUsers]="yes"
[AllowChangeKav]="yes"
[AllowChangeKas]="yes"
[AllowChangeUserPassword]="yes"
[AllowEditAliases]="yes"
[AllowEditAsWbl]="yes"
[AsSystemAdministrator]="yes"
[AsPostfixAdministrator]="yes"
[AsArticaAdministrator]="yes"
';
return true;
}
}
writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__);
$u = new user($_POST["artica_user"]);
$userPassword = $u->password;
if (trim($u->uidNumber) == null) {
writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
return false;
}
if (trim($_POST["password"]) == trim($userPassword)) {
$ldap = new clladp();
$ouprivs = $ldap->_Get_privileges_ou($u->uid, $u->ou);
$_SESSION["OU_LANG"] = $ouprivs["ForceLanguageUsers"];
$_SESSION["uid"] = $_POST["artica_user"];
$_SESSION["passwd"] = $_POST["password"];
$_SESSION["privileges"]["ArticaGroupPrivileges"] = $ldap->_Get_privileges_userid($_POST["artica_user"]);
return true;
}
}
function logon()
{
include "ressources/settings.inc";
$_POST["artica_password"] = url_decode_special($_POST["artica_password"]);
writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__);
writelogs("Testing logon.... password:{$_POST["artica_password"]}", __FUNCTION__, __FILE__, __LINE__);
$_COOKIE["artica-language"] = $_POST["lang"];
$socks = new sockets();
if (!$socks->TestArticaPort()) {
if (is_file("ressources/logs/boa.start")) {
$boa_error = file_get_contents("ressources/logs/boa.start");
}
echo "Unable to connect to Artica daemon port:{$boa_error}";
exit;
}
if ($_POST["artica_username"] == $_GLOBAL["ldap_admin"]) {
if ($_POST["artica_password"] != $_GLOBAL["ldap_password"]) {
echo "bad password";
return null;
} else {
//session_start();
$_SESSION["uid"] = '-100';
$_SESSION["groupid"] = '-100';
$_SESSION["passwd"] = $_POST["artica_password"];
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $_POST["lang"];
$_SESSION["privileges"]["ArticaGroupPrivileges"] = '
[AllowAddGroup]="yes"
[AllowAddUsers]="yes"
[AllowChangeKav]="yes"
[AllowChangeKas]="yes"
[AllowChangeUserPassword]="yes"
[AllowEditAliases]="yes"
[AllowEditAsWbl]="yes"
[AsSystemAdministrator]="yes"
[AsPostfixAdministrator]="yes"
[AsArticaAdministrator]="yes"
';
$tpl = new templates();
echo "location:admin.index.php";
exit;
}
}
writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__);
$u = new user($_POST["artica_username"]);
$userPassword = $u->password;
if (trim($u->uidNumber) == null) {
writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
echo "Unknown user";
return null;
}
if (trim($_POST["artica_password"]) == trim($userPassword)) {
$ldap = new clladp();
$ouprivs = $ldap->_Get_privileges_ou($u->uid, $u->ou);
$privileges = $ldap->_Get_privileges_userid($_POST["artica_username"]);
$_SESSION["OU_LANG"] = $ouprivs["ForceLanguageUsers"];
$_SESSION["uid"] = $_POST["artica_username"];
$_SESSION["passwd"] = $_POST["artica_password"];
$_SESSION["privileges"]["ArticaGroupPrivileges"] = $privileges;
$_SESSION["groupid"] = $ldap->UserGetGroups($_POST["artica_username"], 1);
$_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled;
$_SESSION["MailboxActive"] = $u->MailboxActive;
$_SESSION["ou"] = $u->ou;
$_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas);
$lang = new articaLang();
writelogs("default organization language={$_SESSION["OU_LANG"]}", __FUNCTION__, __FILE__);
if (trim($_SESSION["OU_LANG"]) != null) {
$_SESSION["detected_lang"] = $_SESSION["OU_LANG"];
setcookie("artica-language", $_SESSION["OU_LANG"], time() + 172800);
} else {
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $lang->get_languages();
}
$users = new usersMenus();
$privileges_array = $users->_ParsePrivieleges($privileges);
$users->_TranslateRights($privileges_array, true);
if (!$users->IfIsAnuser(true)) {
writelogs('This is not an user =>admin.index.php ', __FUNCTION__, __FILE__);
echo "location:admin.index.php";
return null;
}
writelogs('IT IS AN USER =>../user-backup/logon.php ', __FUNCTION__, __FILE__);
$tpl = new templates();
$array["USERNAME"] = $_POST["artica_username"];
$array["PASSWORD"] = md5($_POST["artica_username"]);
$credentials = base64_encode(serialize($array));
echo "location:../user-backup/logon.php?credentials={$credentials}";
return null;
exit;
} else {
writelogs("The passord typed is not the same in ldap database...", __FUNCTION__, __FILE__);
echo "bad password";
return null;
}
}
