<ul>
<!-- <li><a href="">Change user resource</a></li> -->
<!-- <li><a href="">Send mail if user resource is over</a></li> -->
<li><a href="./index.php?s=p1">Change user password</a></li>
<?php
if ($_GET["s"] === "p1") {
print "New password: <input type=\"password\" name=\"login_password\" value=\"\"> <input type=\"button\" value=\"Save\" onClick=\"checkInput(0);\"><br><font id=\"setting_row\" color=\"#FF0000\">{$message}</font><br>";
}
?>
<li><a href="./index.php?s=m1">Change mail address</a></li>
<?php
if ($_GET["s"] === "m1") {
$username = db_fetch_cell("SELECT user_auth.username FROM user_auth WHERE user_auth.id = '" . $_SESSION["sess_user_id"] . "'");
if ($username) {
include_once "./lib/ldap.php";
$ldap_dn_search_response = cacti_ldap_search_dn($username, "", "", "", "", "", "", "", "", "", "", "", "", array("mail"));
if ($ldap_dn_search_response["error_num"] == "0") {
print "New mail address: <input type=\"text\" name=\"mail_address\" value=\"" . $ldap_dn_search_response["mail"]["0"] . "\"> <input type=\"button\" value=\"Save\" onClick=\"checkInput(1);\"><br><font id=\"setting_row\" color=\"#FF0000\">{$message}</font><br>";
}
}
}
?>
<li><a href="./index.php?s=d1">Deactivate</a></li>
<?php
if ($_GET["s"] === "d1" || $_GET["s"] === "d2") {
$username = db_fetch_cell("SELECT user_auth.username FROM user_auth WHERE user_auth.id = '" . $_SESSION["sess_user_id"] . "'");
if ($username) {
//$message = file_get_contents("./text/deactivate.txt");
//print str_replace("%USERNAME%", $username, $message);
print "Before you deactivate <b><font color=\"#FF0000\">{$username}</font></b>, know this:\r\n <ul>\r\n <li>You don't need to deactivate your account to change your email address or password.</li>\r\n <li>Until the user data is permanently deleted, that information won't be available for use.</li>\r\n <li>Your account should be removed from this system within a few minutes, <br>but some content may be viewable on this system for a few days after deactivation.</li>\r\n <li>We have no control over content indexed by search engines like Google.</li>\r\n </ul>";
}
break;
case "2":
/* Web Basic Auth */
$copy_user = true;
$user_auth = true;
$realm = 2;
/* Locate user in database */
$user = db_fetch_row("SELECT * FROM user_auth WHERE username = '******' AND realm = 2");
break;
case "3":
/* LDAP Auth */
if (get_request_var_post("realm") == "ldap" && strlen(get_request_var_post("login_password")) > 0) {
/* include LDAP lib */
include_once "./lib/ldap.php";
/* get user DN */
$ldap_dn_search_response = cacti_ldap_search_dn($username);
if ($ldap_dn_search_response["error_num"] == "0") {
$ldap_dn = $ldap_dn_search_response["dn"];
} else {
/* Error searching */
cacti_log("LOGIN: LDAP Error: " . $ldap_dn_search_response["error_text"], false, "AUTH");
$ldap_error = true;
$ldap_error_message = "LDAP Search Error: " . $ldap_dn_search_response["error_text"];
$user_auth = false;
$user = array();
}
if (!$ldap_error) {
/* auth user with LDAP */
$ldap_auth_response = cacti_ldap_auth($username, get_request_var_post("login_password"), $ldap_dn);
if ($ldap_auth_response["error_num"] == "0") {
/* User ok */
function set_stay_logon_user($username)
{
include_once "./lib/ldap.php";
$ldap_dn_search_response = cacti_ldap_search_dn($username, "", "", "", "", "", "", "", "", "", "", "", "", array("description"));
if ($ldap_dn_search_response["error_num"] == "0") {
$hash1 = hash_hmac('sha256', $username . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"], FALSE);
$hash2 = substr($ldap_dn_search_response["description"]["0"], 64);
$ldap_dn_add_response = cacti_ldap_mod_dn(2, $username, array("description" => $hash1 . $hash2));
if ($ldap_dn_add_response["error_num"] == "0") {
setcookie("stay_login", $username . ":" . $hash2, time() + 30 * 24 * 60 * 60, "/");
// 30d * 24h * 60m * 60s
}
}
}