/**
Check submitted credentials. Redirect to destination
on success, proceed to error message on failure
*/
public function post_name_password_handler()
{
$name = FormLib::get('name');
$password = FormLib::get('password');
$login = login($name, $password);
$redirect = FormLib::get('redirect', 'menu.php');
if (!$login && FannieConfig::config('AUTH_LDAP', false)) {
$login = ldap_login($name, $password);
}
if (!$login && FannieConfig::config('AUTH_SHADOW', false)) {
$login = shadow_login($name, $password);
}
if ($login) {
header("Location: {$redirect}");
return false;
} else {
return true;
}
}
/**
* Users trying to login, who do not yet exist in the Chamilo database,
* can be added by this script which tries to retrieve ldap information
* about them.
* @author Roan Embrechts
* @package chamilo.auth.ldap
*/
/**
* when a user does not exist yet in dokeos,
* but he or she does exist in the LDAP,
* we add him to the dokeos database
*/
//require_once('../../inc/global.inc.php'); - this script should be loaded by the /index.php script anyway, so global is already loaded
require_once 'authldap.php';
//error_log('Trying to register new user '.$login.' with pass '.$password,0);
$ldap_login_success = ldap_login($login, $password);
if ($ldap_login_success) {
//error_log('Found user '.$login.' on LDAP server',0);
/*
In here, we know that
- the user does not exist in dokeos
- the users login and password are correct
*/
$info_array = ldap_find_user_info($login);
ldap_put_user_info_locally($login, $info_array);
} else {
//error_log('Could not find '.$login.' on LDAP server',0);
$loginFailed = true;
unset($_user['user_id']);
$uidReset = false;
}
<?php
require_once 'inc/init.php';
ldap_login();
// select entry template
if (!empty($_REQUEST['export']) && $_REQUEST['export'] == 'csv') {
$entrytpl = 'list_csv_entry.tpl';
} elseif (!empty($_REQUEST['export']) && $_REQUEST['export'] == 'map') {
$entrytpl = 'list_map_entry.tpl';
} else {
$entrytpl = 'list_entry.tpl';
}
// check which fields are needed
$fields = get_fields_from_template($entrytpl);
//prepare filter
$ldapfilter = _makeldapfilter();
// fetch results
$result = ldap_queryabooks($ldapfilter, $fields);
$list = '';
if (count($result) == 1 && $_REQUEST['search']) {
//only one result on a search -> display page
header("Location: entry.php?dn=" . rawurlencode($result[0]['dn']));
exit;
} elseif (count($result)) {
$keys = array_keys($result);
uksort($keys, "_namesort");
foreach ($keys as $key) {
tpl_entry($result[$key]);
$list .= $smarty->fetch($entrytpl);
}
}
* @package chamilo.auth.ldap
*/
/**
* An external authentification module needs to set
* - $loginFailed
* - $uidReset
* - $_user['user_id']
* - register the $_user['user_id'] in the session
*
* As the LDAP code shows, this is not as difficult as you might think.
* LDAP authentification module
* this calls the loginWithLdap function
* from the LDAP library, and sets a few
* variables based on the result.
*/
//require_once('../../inc/global.inc.php'); - this script should be loaded by the /index.php script anyway, so global is already loaded
use ChamiloSession as Session;
require_once 'authldap.php';
$loginLdapSucces = ldap_login($login, $password);
if ($loginLdapSucces) {
$loginFailed = false;
$uidReset = true;
$_user['user_id'] = $uData['user_id'];
Session::write('_uid', $_uid);
// Jand: copied from event_login in events.lib.php to enable login statistics:
Event::event_login($uData['user_id']);
} else {
$loginFailed = true;
unset($_user['user_id']);
$uidReset = false;
}
$login = optional_param('login', NULL, PARAM_TEXT);
$pass = optional_param('pass', NULL, PARAM_TEXT);
$act = optional_param('act', NULL, PARAM_TEXT);
$urlinfo = parse_url($CFG['wwwroot']);
if ($act == "course") {
$id = optional_param('id', NULL, PARAM_INT);
$_SESSION['currentcourse'] = $id;
setcookie("mcm_course", $id, time() + 1200, "/", $urlinfo['host']);
die;
}
if (isset($login) && isset($pass)) {
if ($USER = get_record("user", array("username" => $login, "password" => md5($pass)))) {
$_SESSION['userid'] = $USER->id;
} else {
if (is_array($LDAPCFG)) {
if (ldap_login($login, $pass)) {
if (!($USER = get_record("user", array("username" => $login, "password" => md5($pass))))) {
$add = array();
$add['username'] = $login;
$add['password'] = md5($pass);
$add['firstname'] = 'ldapuser';
$add['lastname'] = 'ldapuser';
$add['email'] = 'ldapuser';
if (!empty($add['username'])) {
$id = insert_record("user", $add);
}
$USER = get_record("user", array("username" => $login, "password" => md5($pass)));
}
}
}
}
$exists = mysqli_num_rows($query);
# $strSQL_stud = "SELECT * FROM Students WHERE username = '******'";
# $query_stud = mysqli_query($con,$strSQL_stud);
# $exists_stud = mysqli_num_rows($query_stud);
$table_users = "";
$table_password = "";
if ($exists > 0) {
$row = mysqli_fetch_array($query);
$table_pwd = $row['password'];
$table_users = $row['username'];
$id = $row['id'];
if (password_verify($password, $table_pwd)) {
$_SESSION['user'] = $username;
$_SESSION['id'] = $id;
header("location:homeUser.php");
} else {
header("location: login.php");
}
} else {
if (ldap_login($username, $password)) {
$username = strtoupper($username);
$sql = "SELECT * FROM students WHERE username = '******'";
$query_s = mysqli_query($con, $sql);
$student = mysqli_fetch_array($query_s);
$_SESSION['fullname'] = $student['fullname'];
$_SESSION['user_stud'] = $username;
header("location:homeUser.php");
} else {
header("location: login.php");
}
}
