echo json_encode(array("Status" => false, "Result" => $_SESSION['Lang']['login_linguagemMudadaErro'])); die; } echo json_encode(array("Status" => false, "Result" => $_SESSION['Lang']['login_linguagemMudadaErro'])); die; } if (isset($_SESSION['Lang_Id'])) { if (getLangById($_SESSION['Lang_Id']) != false) { $_SESSION['Lang'] = getLangById($_SESSION['Lang_Id']); } else { $_SESSION['Lang_Id'] = "Portugues"; $_SESSION['Lang'] = getLangById($_SESSION['Lang_Id']); } } else { $_SESSION['Lang_Id'] = "Portugues"; $_SESSION['Lang'] = getLangById($_SESSION['Lang_Id']); } if ($_POST) { if (isset($_POST['email']) && isset($_POST['password']) && !empty($_POST['email']) && !empty($_POST['password'])) { $email = $_POST['email']; $password = $_POST['password']; $email = addslashes($email); // Nunca confiar no que o utilizar introduz. $password = addslashes($password); // Nunca confiar no que o utilizar introduz. $password = md5($password); // Encriptar password com md5 $User = login($email, $password); if (!isset($User)) { header("Location: login.php?erro=2"); die;
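/**
 * Login authentication
 *
 * Looks for a local account (`domainUser` = "0") whose username and MD5
 * password digest both match. When none is found and the `domainAuth`
 * setting is not "0", the credentials are handed to checkADLogin().
 * On success a session is started and `ipamusername` / `ipamlanguage`
 * are stored in it; every outcome prints an alert and writes a log entry.
 *
 * @param string $username    login name as submitted by the client
 * @param string $md5password MD5 hex digest of the password (local lookup)
 * @param string $rawpassword plain-text password (AD/LDAP lookup)
 * @return false|null false when the database query throws, otherwise nothing
 */
function checkLogin($username, $md5password, $rawpassword)
{
    global $db; # get variables from config file

    /* check if user exists in local database */
    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);

    # Both values come from the login request and are placed inside quoted SQL
    # literals, so escape them on this connection before building the query.
    # The unescaped $username is still used below for the session and the log.
    $usernameSql = $database->real_escape_string($username);
    $passwordSql = $database->real_escape_string($md5password);

    # NOTE(review): the password column is matched as an unsalted MD5 digest;
    # moving to a salted, slow hash needs a schema and caller change.
    $query = 'select * from `users` where `username` = binary "' . $usernameSql . '" and `password` = BINARY "' . $passwordSql . '" and `domainUser` = "0" limit 1;';

    /* execute */
    try {
        $result = $database->getArray($query);
    } catch (Exception $e) {
        # The driver message may repeat parts of the query, including the
        # submitted username, so encode it before it is written into HTML.
        # NOTE(review): showing database errors to unauthenticated clients
        # discloses internals; consider logging the detail instead.
        $error = htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        print "<div class='alert alert-error'>" . _('Error') . ": {$error}</div>";
        return false;
    }

    /* close database connection */
    $database->close();

    # opening markup shared by every dismissible error alert below
    $errorAlert = '<div class="alert alert-error"><button type="button" class="close" data-dismiss="alert">×</button>';

    /* locally registered */
    if (sizeof($result) != 0) {
        # get user lang
        $lang = getLangById($result[0]['lang']);

        /* start session and set variables */
        session_start();
        # issue a fresh session id at login so an id set before authentication is not kept
        session_regenerate_id(true);
        $_SESSION['ipamusername'] = $username;
        $_SESSION['ipamlanguage'] = $lang['l_code'];
        session_write_close();

        # print success
        print '<div class="alert alert-success">' . _('Login successful') . '!</div>';
        # write log file
        updateLogTable('User ' . $username . ' logged in.', "", 0);
        return;
    }

    /* fetch settings */
    $settings = getAllSettings();

    /* local lookup failed and no directory authentication is configured */
    if ($settings['domainAuth'] == "0") {
        # print error
        print $errorAlert . _('Failed to log in') . '!</div>';
        # write log file
        updateLogTable('User ' . $username . ' failed to log in.', "", 2);
        return;
    }

    # "1" selects the AD wording; any other non-"0" value uses the LDAP wording
    $isAD = ($settings['domainAuth'] == "1");

    /* check if user exist in database and has domain user flag */
    $authAD = checkADLogin($username, $rawpassword);

    # Strict comparison: only the exact string "ok" counts as success, so a
    # non-string return value can never be coerced into a successful login.
    if ($authAD === "ok") {
        # NOTE(review): this branch is only reached when the local query returned
        # no row, so $result[0] is never set here and the language id is always
        # null. The isset() only avoids the undefined-offset notice; loading the
        # domain user's row would be needed to honour their language.
        $langId = isset($result[0]['lang']) ? $result[0]['lang'] : null;
        $lang = getLangById($langId);

        /* start session and set variables */
        session_start();
        # issue a fresh session id at login so an id set before authentication is not kept
        session_regenerate_id(true);
        $_SESSION['ipamusername'] = $username;
        $_SESSION['ipamlanguage'] = $lang['l_code'];
        session_write_close();

        # print success
        if ($isAD) {
            print '<div class="alert alert-success">' . _('AD login successful') . '!</div>';
            updateLogTable('User ' . $username . ' logged in.', "", 0);
        } else {
            print '<div class="alert alert-success">' . _('LDAP login successful') . '!</div>';
            updateLogTable('User ' . $username . ' logged in.', "", 0);
        }
    } elseif ($authAD == 'Failed to connect to AD!') {
        # directory server unreachable
        if ($isAD) {
            print $errorAlert . _('Failed to connect to AD server') . '!</div>';
            updateLogTable('Failed to connect to AD!', "", 2);
        } else {
            print $errorAlert . _('Failed to connect to LDAP server') . '!</div>';
            updateLogTable('Failed to connect to LDAP!', "", 2);
        }
    } elseif ($authAD == 'Failed to authenticate user via AD!') {
        # directory rejected the credentials
        if ($isAD) {
            print $errorAlert . _('Failed to authenticate user against AD') . '!</div>';
            updateLogTable('User ' . $username . ' failed to authenticate against AD.', "", 2);
        } else {
            print $errorAlert . _('Failed to authenticate user against LDAP') . '!</div>';
            updateLogTable('User ' . $username . ' failed to authenticate against LDAP.', "", 2);
        }
    } else {
        # any other result from checkADLogin()
        if ($isAD) {
            print $errorAlert . _('Wrong username or password') . '!</div>';
            updateLogTable('User ' . $username . ' failed to authenticate against AD.', "", 2);
        } else {
            print $errorAlert . _('Wrong username or password') . '!</div>';
            updateLogTable('User ' . $username . ' failed to authenticate against LDAP.', "", 2);
        }
    }
}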
if (isset($_POST['MudarTema']) && isset($_POST['ID'])) { if (count(getTemaById($_POST['ID']))) { $User->setIdTema($_POST['ID']); $User->atualizaInfo(); $User->getInfo(); echo json_encode(array("Status" => true, "Result" => $linguagens[$User->getLinguagem()]['alerta_okMudarTema'])); die; } else { echo json_encode(array("Status" => false, "Result" => $linguagens[$User->getLinguagem()]['alerta_erroMudarTema'])); die; } echo json_encode(array("Status" => false, "Result" => $linguagens[$User->getLinguagem()]['alerta_erroMudarTema'])); die; } if (isset($_POST['MudarLang']) && isset($_POST['ID'])) { if (getLangById($_POST['ID']) != false) { $User->setLinguagem($_POST['ID']); $User->atualizaInfo(); $User->getInfo(); echo json_encode(array("Status" => true, "ID" => $User->getLinguagem(), "Result" => $linguagens[$User->getLinguagem()]['alerta_okMudarLinguagem'])); die; } else { echo json_encode(array("Status" => false, "Result" => $linguagens[$User->getLinguagem()]['alerta_erroMudarLinguagem'])); die; } echo json_encode(array("Status" => false, "Result" => $linguagens[$User->getLinguagem()]['alerta_erroMudarLinguagem'])); die; } } $smarty->debugging = false; $smarty->caching = false;
<?php /** * Script to print add / edit / delete group *************************************************/ /* required functions */ require_once '../../functions/functions.php'; /* verify that user is admin */ checkAdmin(); /* filter input */ $_POST = filter_user_input($_POST, true, true, false); $_POST['action'] = filter_user_input($_POST['action'], false, false, true); /* get lang details */ $lang = getLangById($_POST['langid']); ?> <!-- header --> <div class="pHeader"> <?php /** * If action is not set get it form post variable! */ if ($_POST['action'] == "edit") { print _('Edit language'); } elseif ($_POST['action'] == "delete") { print _('Delete language'); } else { /* Set dummy data */ $lang['l_code'] = ''; $lang['l_name'] = '';
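/**
 * Login authentication
 *
 * Fetches the user row by username and verifies the password according to
 * the account type:
 *  - local account (`domainUser` = "0"): crypt() hash when the stored value
 *    starts with "$", otherwise the legacy MD5 digest;
 *  - domain account (`domainUser` = "1"): checkADLogin(), when the
 *    `domainAuth` setting is "1" (AD) or "2" (LDAP).
 * A failure prints an alert, writes a log entry and calls block_ip() for the
 * client address; a success starts the session and stores `ipamusername`,
 * `ipamlanguage` and `lastactive` in it.
 *
 * @param string $username    login name as submitted by the client
 * @param string $md5password MD5 hex digest of the password (legacy rows)
 * @param string $rawpassword plain-text password (crypt() and AD/LDAP)
 * @return false|null false when the user lookup throws, otherwise nothing
 */
function checkLogin($username, $md5password, $rawpassword)
{
    global $db;

    # set failed flag to update authFailed table
    $authFailed = true;
    $updatepass = false;
    $uerror = "";
    $lerror = "";

    # fetch settings to get auth types
    $settings = getAllSettings();

    # for login check
    $database = new database($db['host'], $db['user'], $db['pass'], $db['name']);

    # escape vars to prevent SQL injection
    # NOTE(review): the escaped value replaces $username for everything below
    # (directory bind, password upgrade, session, log). That is kept as-is
    # because the helpers called here are not visible and may rely on getting
    # an already-escaped name - confirm before separating the two values.
    $username = $database->real_escape_string($username);

    # try to fetch user
    $query = 'select * from `users` where `username` = "' . $username . '" limit 1;';

    /* execute */
    try {
        $result = $database->getArray($query);
    } catch (Exception $e) {
        # The driver message may repeat parts of the query, so encode it before
        # it is written into the HTML response.
        # NOTE(review): showing database errors to unauthenticated clients
        # discloses internals; consider logging the detail instead.
        $error = htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        print "<div class='alert alert-danger'>" . _('Error') . ": {$error}</div>";
        return false;
    }

    # verify type and password
    if (sizeof($result) > 0) {
        # reset var
        $user = $result[0];

        if ($user['domainUser'] == "0") {
            /**
             * local auth
             */
            $stored = (string) $user['password'];

            # Hashes are compared with === on strings. A loose == treats two
            # numeric-looking digests (for example of the form "0e" followed by
            # digits) as equal numbers, which would accept a wrong password.
            # hash_equals() is the constant-time choice where PHP >= 5.6 is
            # guaranteed. An empty stored value never matches.
            if (substr($stored, 0, 1) == "\$") {
                # try crypt
                if ($stored === crypt($rawpassword, $stored)) {
                    $authFailed = false;
                }
            } elseif ($stored !== '' && $stored === (string) $md5password) {
                # legacy MD5 row: accept and mark it for an upgrade to crypt
                $authFailed = false;
                $updatepass = true;
            }

            if ($authFailed == false) {
                # try to update pass to crypt, only if version already changed
                if ($updatepass && $settings['version'] == "1.1") {
                    update_user_pass_to_crypt($username, $rawpassword);
                }
                # save results
                $uerror = 'Login successful';
                $lerror = 'User ' . $user['real_name'] . ' logged in.';
            } else {
                $uerror = 'Failed to log in';
                $lerror = 'User ' . $username . ' failed to log in.';
            }
        } elseif ($settings['domainAuth'] == "1" && $user['domainUser'] == "1") {
            # try to authenticate against AD
            $authAD = checkADLogin($username, $rawpassword);

            # only the exact string "ok" counts as success
            if ($authAD === "ok") {
                $authFailed = false;
                # save results
                $uerror = 'AD Login successful';
                $lerror = 'User ' . $user['real_name'] . ' logged in.';
            } elseif ($authAD == 'Failed to connect to AD!') {
                $uerror = 'Failed to connect to AD server';
                $lerror = 'Failed to connect to AD!';
            } elseif ($authAD == 'Failed to authenticate user via AD!') {
                $uerror = 'Failed to authenticate user against AD';
                $lerror = 'User failed to authenticate against AD.';
            } else {
                $uerror = 'Wrong username or password';
                $lerror = 'User failed to authenticate against AD.';
            }
        } elseif ($settings['domainAuth'] == "2" && $user['domainUser'] == "1") {
            # try to authenticate against LDAP (same helper as for AD)
            $authAD = checkADLogin($username, $rawpassword);

            # only the exact string "ok" counts as success
            if ($authAD === "ok") {
                $authFailed = false;
                # save results
                $uerror = 'LDAP Login successful';
                $lerror = 'User ' . $user['real_name'] . ' logged in.';
            } elseif ($authAD == 'Failed to connect to AD!') {
                $uerror = 'Failed to connect to LDAP server';
                $lerror = 'Failed to connect to LDAP!';
            } elseif ($authAD == 'Failed to authenticate user via AD!') {
                $uerror = 'Failed to authenticate user against LDAP';
                $lerror = 'User failed to authenticate against LDAP.';
            } else {
                $uerror = 'Wrong username or password';
                $lerror = 'User failed to authenticate against LDAP.';
            }
        } else {
            # domain account while directory authentication is not enabled
            $uerror = 'Failed to log in';
            $lerror = 'User ' . $username . ' failed to log in.';
        }
    } else {
        # no such user
        $uerror = 'Failed to log in';
        $lerror = 'User ' . $username . ' failed to log in.';
    }

    /**
     * print result
     */
    if ($authFailed == true) {
        # print error
        print '<div class="alert alert-danger"><button type="button" class="close" data-dismiss="alert">×</button>' . _($uerror) . '!</div>';
        # write log file
        updateLogTable($lerror, "", 2);

        # also update blocked IP table
        # X-Forwarded-For is a request header: take its first entry and accept
        # it only when it parses as an IP address, so arbitrary text never
        # reaches block_ip(); otherwise use the socket peer address.
        # NOTE(review): the header remains client-settable unless a trusted
        # proxy overwrites it, so a lockout keyed on it can be sidestepped or
        # aimed at another address. Honour it only for known proxy peers.
        $ip = null;
        if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
            $hops = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
            $candidate = trim($hops[0]);
            if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
                $ip = $candidate;
            }
        }
        if ($ip === null) {
            $ip = $_SERVER['REMOTE_ADDR'];
        }
        # add block count
        block_ip($ip);
    } else {
        # get user lang
        $lang = getLangById($user['lang']);

        /* start session and set variables */
        global $phpsessname;
        if (strlen($phpsessname) > 0) {
            session_name($phpsessname);
        }
        session_start();
        # issue a fresh session id at login so an id set before authentication is not kept
        session_regenerate_id(true);
        $_SESSION['ipamusername'] = $username;
        $_SESSION['ipamlanguage'] = $lang['l_code'];
        $_SESSION['lastactive'] = time();
        session_write_close();

        # print success
        print '<div class="alert alert-success">' . _($uerror) . '!</div>';
        # write log file
        updateLogTable($lerror, "", 0);
    }
}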
foreach ($users as $user) { print '<tr>' . "\n"; # set icon based on normal user or admin if ($user['role'] == "Administrator") { print ' <td><img src="css/images/userVader.png" rel="tooltip" title="' . _('Administrator') . '"></td>' . "\n"; } else { print ' <td><img src="css/images/userTrooper.png" rel="tooltip" title="' . _($user['role']) . '"></td>' . "\n"; } print ' <td>' . $user['real_name'] . '</td>' . "\n"; print ' <td>' . $user['username'] . '</td>' . "\n"; print ' <td>' . $user['email'] . '</td>' . "\n"; print ' <td>' . $user['role'] . '</td>' . "\n"; # language if (strlen($user['lang']) > 0) { # get lang name $lname = getLangById($user['lang']); print "<td>{$lname['l_name']}</td>"; } else { print "<td>English (default)</td>"; } # local or ldap? if ($user['domainUser'] == "0") { print ' <td>' . _('Local user') . '</td>' . "\n"; } else { if ($settings['domainAuth'] == "2") { print ' <td>' . _('LDAP user') . '</td>' . "\n"; } else { print ' <td>' . _('Domain user') . '</td>' . "\n"; } } # groups
if (isset($_SESSION['ipamusername'])) { # destroy session session_destroy(); # update table updateLogTable('User has logged out', 0); # set logout flag or timeout flag if (@$_GET['section'] == "timeout") { $timeout = true; } else { $logout = true; } } # set default language if (isset($settings['defaultLang']) && !is_null($settings['defaultLang'])) { # get language $lang = getLangById($settings['defaultLang']); putenv("LC_ALL={$lang['l_code']}"); setlocale(LC_ALL, $lang['l_code']); // set language bindtextdomain("phpipam", "./functions/locale"); // Specify location of translation tables textdomain("phpipam"); // Choose domain } ?> <?php # include proper subpage if ($_GET['page'] == "login") { include_once 'loginForm.php'; } else {