// // Get user action // $action = PMF_Filter::filterInput(INPUT_GET, 'action', FILTER_SANITIZE_STRING, 'main'); // // Authenticate current user // $auth = null; $error = ''; $faqusername = PMF_Filter::filterInput(INPUT_POST, 'faqusername', FILTER_SANITIZE_STRING); $faqpassword = PMF_Filter::filterInput(INPUT_POST, 'faqpassword', FILTER_SANITIZE_STRING); if (!is_null($faqusername) && !is_null($faqpassword)) { $user = new PMF_User_CurrentUser(); if ($faqconfig->get('main.ldapSupport')) { $authLdap = new PMF_Auth_AuthLdap(); $user->addAuth($authLdap, 'ldap'); } if ($user->login($faqusername, $faqpassword)) { if ($user->getStatus() != 'blocked') { $auth = true; } else { $error = $PMF_LANG["ad_auth_fail"] . " (" . $faqusername . " / *)"; $user = null; } } else { // error $error = sprintf('%s<br /><a href="admin/password.php" title="%s">%s</a>', $PMF_LANG['ad_auth_fail'], $PMF_LANG['lostPassword'], $PMF_LANG['lostPassword']); $user = null; } $action = 'main'; } else {
$faqpassword = PMF_Filter::filterInput(INPUT_POST, 'faqpassword', FILTER_SANITIZE_STRING); $faqremember = PMF_Filter::filterInput(INPUT_POST, 'faqrememberme', FILTER_SANITIZE_STRING); // Set username via SSO if ($faqConfig->get('security.ssoSupport') && isset($_SERVER['REMOTE_USER'])) { $faqusername = trim($_SERVER['REMOTE_USER']); $faqpassword = ''; } // Login via local DB or LDAP or SSO if (!is_null($faqusername) && !is_null($faqpassword)) { $user = new PMF_User_CurrentUser($faqConfig); if (!is_null($faqremember) && 'rememberMe' === $faqremember) { $user->enableRememberMe(); } if ($faqConfig->get('security.ldapSupport') && function_exists('ldap_connect')) { $authLdap = new PMF_Auth_Ldap($faqConfig); $user->addAuth($authLdap, 'ldap'); } if ($faqConfig->get('security.ssoSupport')) { $authSso = new PMF_Auth_Sso($faqConfig); $user->addAuth($authSso, 'sso'); } if ($user->login($faqusername, $faqpassword)) { // login, if user account is NOT blocked if ($user->getStatus() != 'blocked') { $auth = true; } else { $error = $PMF_LANG['ad_auth_fail']; } } else { // error $logging = new PMF_Logging($faqConfig);