static function validate_login_ntlm($username, $password)
{
if (!function_exists("java_get_base")) {
require "lib/java/java.php";
}
if (!function_exists("java_require")) {
sys_log_message_alert("login", sprintf("{t}%s is not compiled / loaded into PHP.{/t}", "PHP/Java Bridge"));
return false;
}
java_require("jcifs-1.3.8_tb.jar");
$conf = new JavaClass("jcifs.Config");
$conf->setProperty("jcifs.smb.client.responseTimeout", "5000");
$conf->setProperty("jcifs.resolveOrder", "LMHOSTS,DNS");
$conf->setProperty("jcifs.smb.client.soTimeout", "10000");
$conf->setProperty("jcifs.smb.lmCompatibility", "0");
$conf->setProperty("jcifs.smb.client.useExtendedSecurity", false);
$auth = sys_get_header("Authorization");
$session = new JavaClass("jcifs.smb.SmbSession");
$result = new Java("jcifs.smb.NtlmPasswordAuthentication", "", $username, $password);
$username = $result->getUsername();
if (SETUP_AUTH_NTLM_SHARE) {
$w = new Java("jcifs.smb.SmbFile", SETUP_AUTH_NTLM_SHARE, $result);
$message = $w->canListFiles();
if ($message == "Invalid access to memory location.") {
header("Location: index.php");
exit;
}
} else {
$message = $session->logon(SETUP_AUTH_HOSTNAME_NTLM, $result);
}
if ($message != "" or $username == "") {
sys_log_message_alert("login", sprintf("{t}Login failed from %s.{/t} (ntlm) ({t}Username{/t}: %s, %s)", _login_get_remoteaddr(), $username, $message));
return false;
}
$_SERVER["REMOTE_USER"] = modify::strip_ntdomain($username);
if (empty($_REQUEST["folder"])) {
$_REQUEST["redirect"] = 1;
}
return true;
}
* @link http://www.simple-groupware.de
* @copyright Simple Groupware Solutions Thomas Bley 2002-2012
* @license GPLv2
*/
define("NOCONTENT", true);
define("NOSESSION", true);
require "index.php";
if (empty($_REQUEST["item"]) and empty($_REQUEST["filename"])) {
sys_error("Missing parameters.", "403 Forbidden");
}
sys_check_auth();
$ext = modify::getfileext(urldecode($_SERVER["REQUEST_URI"]));
if (in_array($ext, explode(",", INVALID_EXTENSIONS))) {
sys_error(t("{t}this file extension is not allowed{/t}") . " (" . $ext . ")", "403 Forbidden");
}
$content_length = sys_get_header("Content-Length");
if ($content_length == 0 and strtolower($_REQUEST["action"]) != "move") {
_upload_success();
}
if (strtolower($_REQUEST["action"]) == "move" and !empty($_SERVER["HTTP_DESTINATION"])) {
$_SERVER["REQUEST_URI"] = substr($_SERVER["HTTP_DESTINATION"], strpos($_SERVER["HTTP_DESTINATION"], "/sgdav/"));
}
if ($_REQUEST["item"] == "session") {
$path = str_replace("//", "/", urldecode($_SERVER["REQUEST_URI"]));
$filename = basename($path);
$path = dirname($path);
if (sys_strbegins($filename, "~") or sys_strbegins($filename, ".") or modify::getfileext($filename) == "tmp") {
$target = SIMPLE_CACHE . "/upload/" . $_SESSION["username"] . sha1($path) . "--" . urlencode($filename);
if ($fp = fopen("php://input", "r") and $ft = fopen($target, "wb")) {
while (!feof($fp)) {
fwrite($ft, fread($fp, 8192));
