コード例 #1
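 /**
  * Handle a login form submission.
  *
  * Reads `username` and `password` from the POST body and tries the SQL
  * authenticator first, then this object's own authenticate() method
  * (named $ldapRet in the original, so presumably LDAP -- confirm).
  * On success the login is written to the audit log, permissions are
  * loaded and the success response is sent; otherwise a generic error is
  * returned that does not reveal which part of the credentials was wrong.
  *
  * @return void
  */
 public function login()
 {
     header("Content-Type:text/html; charset=utf-8");

     // Accept only string values: a request can submit `username[]=x`, which
     // would hand an array to the authenticators. Anything else is treated
     // like a missing field.
     $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
     $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

     $sqlAuth = new SQLAuthenticator();
     if ($sqlAuth->authenticate($username, $password)) {
         $successMessage = "login success 1  ";
     } elseif ($this->authenticate($username, $password)) {
         $successMessage = "login success 2  ";
     } else {
         // NOTE(review): failed attempts are not written to the audit log in
         // this method, so repeated guessing leaves no trace here -- confirm
         // whether the authenticators record failures themselves.
         $this->error('Your account may be disabled or blocked or the username/password you entered is incorrect.');
         return;
     }

     // NOTE(review): no session identifier regeneration is visible in this
     // method; verify that the authenticators rotate the session id on login.
     AuditLog::writeLog('login in', session('userid'));
     $this->getUserPermission();
     $this->success($successMessage);
 }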
コード例 #2
ファイル: changepassword.php プロジェクト: hetznerZA/ipplan
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
require_once "../ipplanlib.php";
require_once "../adodb/adodb.inc.php";
require_once "../class.dbflib.php";
require_once "../layout/class.layout";
require_once "../auth.php";
// Page bootstrap for the "change user password" form: authenticate the
// request, pick the UI language, start the HTML document and read the form
// fields. REALM and REALMERROR are constants defined outside this excerpt.
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
// NOTE(review): the return value is discarded, so access control for this
// page rests on authenticate() itself stopping the request when the
// credentials are rejected -- confirm against auth.php.
$auth->authenticate();
// set language
// The cookie value is supplied by the client; myLanguage() is called only
// when the cookie is present.
// NOTE(review): verify that myLanguage() restricts the value to known
// locales before using it.
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Change user password");
// $p is not assigned before this call in the visible code, so newhtml()
// presumably receives it by reference and creates the page object.
newhtml($p);
$w = myheading($p, $title);
// explicitly cast variables as security measure against SQL injection
// NOTE(review): "S:" presumably asks myRegister() for a string cast. A string
// cast does not neutralise quote characters, so any query that uses these
// values must still bind or quote them -- confirm at the query sites.
list($user, $password1, $password2) = myRegister("S:user S:password1 S:password2");
$formerror = "";
// NOTE(review): in PHP 5 and later `new` yields an object or throws, and an
// object is truthy, so the `or myError(...)` branch cannot run here. A failed
// database connection has to be reported by IPplanDbf itself -- confirm.
$ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database"));
if ($_POST) {
コード例 #3
ファイル: modifybaseform.php プロジェクト: hetznerZA/ipplan
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
require_once "../ipplanlib.php";
require_once "../adodb/adodb.inc.php";
require_once "../class.dbflib.php";
require_once "../layout/class.layout";
require_once "../auth.php";
// Page bootstrap for the subnet modify/copy/move/delete/split/join form:
// authenticate the request, pick the UI language, then build the HTML head
// with the client-side helper scripts. REALM and REALMERROR are constants
// defined outside this excerpt.
$auth = new SQLAuthenticator(REALM, REALMERROR);
// And now perform the authentication
// The result is kept in $grps; the name suggests the caller's groups, which
// would drive later authorisation checks -- confirm against auth.php.
$grps = $auth->authenticate();
// set language
// The cookie value is supplied by the client; myLanguage() is called only
// when the cookie is present.
// NOTE(review): verify that myLanguage() restricts the value to known
// locales before using it.
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);
//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));
$title = my_("Modify/Copy/Move/Delete/Split/Join subnets");
// $p is not assigned before this call in the visible code, so newhtml()
// presumably receives it by reference and creates the page object.
newhtml($p);
// $title is a translated constant string here, not request data.
insert($p, $h = wheader("IPPlan - {$title}"));
// Load the client-side helpers from fixed relative paths.
// NOTE(review): phpserializer.js suggests the browser produces PHP-serialized
// data; if the server passes such data to unserialize(), it is
// client-controlled input -- confirm how it is consumed.
insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js")));
$w = myheading($p, $title, true);
// explicitly cast variables as security measure against SQL injection
コード例 #4
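 /**
  * Authenticate a user against LDAP, optionally trying the parent
  * authenticator first.
  *
  * Flow: reject empty passwords, try parent::authenticate() when the
  * fallback flag is set, bind to the directory with the configured search
  * account (or anonymously when none is configured), look the user up with
  * the configured filter, then re-bind as the matched entry with the
  * supplied password. A first-time LDAP user gets a local account through
  * createsqluser().
  *
  * @param string $username Login name supplied by the user (untrusted).
  * @param string $password Password supplied by the user (untrusted).
  * @return bool True when the parent authenticator or the LDAP user bind
  *              accepts the credentials, false otherwise.
  */
 function authenticate($username, $password)
 {
     global $dPconfig;
     $this->username = $username;
     // LDAP will succeed binding with no password on AD (defaults to anon
     // bind), so an empty password must never reach ldap_bind().
     if (strlen($password) == 0) {
         return false;
     }
     if ($this->fallback == true) {
         if (parent::authenticate($username, $password)) {
             return true;
         }
     }
     // Fallback authentication failed or is disabled, proceed with LDAP.
     // NOTE(review): the password is sent in a simple bind below. Whether the
     // connection is encrypted depends on how ldap_host is configured, which
     // is not visible here -- confirm LDAPS or StartTLS is in use.
     if (!($rs = @ldap_connect($this->ldap_host, $this->ldap_port))) {
         return false;
     }
     @ldap_set_option($rs, LDAP_OPT_PROTOCOL_VERSION, $this->ldap_version);
     @ldap_set_option($rs, LDAP_OPT_REFERRALS, 0);

     // Bind as the search account; NULL for both values means anonymous bind.
     $ldap_bind_dn = empty($this->ldap_search_user) ? NULL : $this->ldap_search_user;
     $ldap_bind_pw = empty($this->ldap_search_pass) ? NULL : $this->ldap_search_pass;
     if (!@ldap_bind($rs, $ldap_bind_dn, $ldap_bind_pw)) {
         // For debugging, inspect ldap_error($rs) in a server-side log; do not
         // echo the bind DN or host to the client.
         return false;
     }

     // Escape filter metacharacters in the user-supplied name so that it is
     // matched literally and cannot alter the structure of the search filter.
     if (function_exists('ldap_escape')) {
         $safe_username = ldap_escape($username, '', LDAP_ESCAPE_FILTER);
     } else {
         // PHP < 5.6 has no ldap_escape(). The backslash is replaced first so
         // the escape sequences added afterwards are not escaped again.
         $safe_username = str_replace(
             array('\\', '*', '(', ')', "\x00"),
             array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
             $username
         );
     }
     // Decode the configured template before substituting the name; decoding
     // afterwards would turn entities inside the name back into
     // metacharacters and undo the escaping.
     $filter_template = html_entity_decode($this->filter, ENT_COMPAT, 'UTF-8');
     $filter_r = str_replace("%USERNAME%", $safe_username, $filter_template);

     $result = @ldap_search($rs, $this->base_dn, $filter_r);
     if (!$result) {
         // ldap search returned nothing or error
         return false;
     }
     $result_user = ldap_get_entries($rs, $result);
     if ($result_user["count"] == 0) {
         // No users match the filter
         return false;
     }
     // Only one user should match sAMAccountName or uid etc.
     // NOTE(review): the first entry is used even when several match; confirm
     // the configured filter identifies users uniquely.
     $first_user = $result_user[0];
     $ldap_user_dn = $first_user["dn"];

     // Bind with the dn of the user that matched our filter; this is the
     // actual password check.
     if (!@ldap_bind($rs, $ldap_user_dn, $password)) {
         return false;
     }

     if (!$this->userExists($username)) {
         // NOTE(review): the password is handed to createsqluser(), presumably
         // to store a local credential -- confirm how it is hashed.
         $this->createsqluser($username, $password, $first_user);
     }
     return true;
 }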
コード例 #5
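 /**
  * Authenticate through the parent authenticator, then refuse the login
  * when the client address is listed in `user_ip_lock` for that user.
  *
  * @param string $username Login name supplied by the user.
  * @param string $password Password supplied by the user.
  * @return bool False when the parent rejects the credentials or a lock row
  *              exists for this user and client address, true otherwise.
  */
 function authenticate($username, $password)
 {
     if (!parent::authenticate($username, $password)) {
         return false;
     }

     // The WHERE clauses below are built by string interpolation, so both
     // values are forced into a safe shape first.
     // $this->user_id is presumably set by parent::authenticate() -- confirm.
     $user_id = (int) $this->user_id;

     // Only a syntactically valid IP address goes into the SQL text. A missing
     // or malformed address becomes '', which matches no lock row -- the same
     // outcome the unvalidated query produced when the address was absent.
     $remote_ip = isset($_SERVER['REMOTE_ADDR'])
         ? filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP)
         : false;
     if ($remote_ip === false) {
         $remote_ip = '';
     }

     $q = new DBQuery();
     $q->addTable('user_ip_lock');
     $q->addQuery('user_id');
     $q->addWhere("user_id = {$user_id}");
     $q->addWhere("user_ip = '{$remote_ip}'");
     $row = $q->loadResult();

     // A matching row means this user is locked out from this address.
     return $row ? false : true;
 }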