예제 #1
0
			<ul>
                <!-- <li><a href="">Change user resource</a></li> -->
                <!-- <li><a href="">Send mail if user resource is over</a></li> -->
				<li><a href="./index.php?s=p1">Change user password</a></li>
                <?php 
    if ($_GET["s"] === "p1") {
        print "New password: <input type=\"password\" name=\"login_password\" value=\"\">&nbsp;<input type=\"button\" value=\"Save\" onClick=\"checkInput(0);\"><br><font id=\"setting_row\" color=\"#FF0000\">{$message}</font><br>";
    }
    ?>
                <li><a href="./index.php?s=m1">Change mail address</a></li>
                <?php 
    if ($_GET["s"] === "m1") {
        $username = db_fetch_cell("SELECT user_auth.username FROM user_auth WHERE user_auth.id = '" . $_SESSION["sess_user_id"] . "'");
        if ($username) {
            include_once "./lib/ldap.php";
            $ldap_dn_search_response = cacti_ldap_search_dn($username, "", "", "", "", "", "", "", "", "", "", "", "", array("mail"));
            if ($ldap_dn_search_response["error_num"] == "0") {
                print "New mail address: <input type=\"text\" name=\"mail_address\" value=\"" . $ldap_dn_search_response["mail"]["0"] . "\">&nbsp;<input type=\"button\" value=\"Save\" onClick=\"checkInput(1);\"><br><font id=\"setting_row\" color=\"#FF0000\">{$message}</font><br>";
            }
        }
    }
    ?>
                <li><a href="./index.php?s=d1">Deactivate</a></li>
                <?php 
    if ($_GET["s"] === "d1" || $_GET["s"] === "d2") {
        $username = db_fetch_cell("SELECT user_auth.username FROM user_auth WHERE user_auth.id = '" . $_SESSION["sess_user_id"] . "'");
        if ($username) {
            //$message = file_get_contents("./text/deactivate.txt");
            //print str_replace("%USERNAME%", $username, $message);
            print "Before you deactivate <b><font color=\"#FF0000\">{$username}</font></b>, know this:\r\n                            <ul>\r\n                                <li>You don't need to deactivate your account to change your email address or password.</li>\r\n                                <li>Until the user data is permanently deleted, that information won't be available for use.</li>\r\n                                <li>Your account should be removed from this system within a few minutes, <br>but some content may be viewable on this system for a few days after deactivation.</li>\r\n                                <li>We have no control over content indexed by search engines like Google.</li>\r\n                            </ul>";
        }
예제 #2
0
     break;
 case "2":
     /* Web Basic Auth */
     $copy_user = true;
     $user_auth = true;
     $realm = 2;
     /* Locate user in database */
     $user = db_fetch_row("SELECT * FROM user_auth WHERE username = '******' AND realm = 2");
     break;
 case "3":
     /* LDAP Auth */
     if (get_request_var_post("realm") == "ldap" && strlen(get_request_var_post("login_password")) > 0) {
         /* include LDAP lib */
         include_once "./lib/ldap.php";
         /* get user DN */
         $ldap_dn_search_response = cacti_ldap_search_dn($username);
         if ($ldap_dn_search_response["error_num"] == "0") {
             $ldap_dn = $ldap_dn_search_response["dn"];
         } else {
             /* Error searching */
             cacti_log("LOGIN: LDAP Error: " . $ldap_dn_search_response["error_text"], false, "AUTH");
             $ldap_error = true;
             $ldap_error_message = "LDAP Search Error: " . $ldap_dn_search_response["error_text"];
             $user_auth = false;
             $user = array();
         }
         if (!$ldap_error) {
             /* auth user with LDAP */
             $ldap_auth_response = cacti_ldap_auth($username, get_request_var_post("login_password"), $ldap_dn);
             if ($ldap_auth_response["error_num"] == "0") {
                 /* User ok */
예제 #3
0
function set_stay_logon_user($username)
{
    include_once "./lib/ldap.php";
    $ldap_dn_search_response = cacti_ldap_search_dn($username, "", "", "", "", "", "", "", "", "", "", "", "", array("description"));
    if ($ldap_dn_search_response["error_num"] == "0") {
        $hash1 = hash_hmac('sha256', $username . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"], FALSE);
        $hash2 = substr($ldap_dn_search_response["description"]["0"], 64);
        $ldap_dn_add_response = cacti_ldap_mod_dn(2, $username, array("description" => $hash1 . $hash2));
        if ($ldap_dn_add_response["error_num"] == "0") {
            setcookie("stay_login", $username . ":" . $hash2, time() + 30 * 24 * 60 * 60, "/");
            // 30d * 24h * 60m * 60s
        }
    }
}